by Mike Fitzgerald, Network Design Associate
Every day at Safety Net we are met with clients asking about “the cloud” and how can they leverage it in their business. We have been helping our clients move services to the cloud or provision new services in the cloud for years now (even before it became part of the daily conversation). With all of the talk about the cloud in the last few years, I thought it would be a good idea to explain what it is and how today it has become a part of the way business gets done.
In essence, the cloud is the same services that everyone has been using without the need to own the hardware or make that big capital investment that was once required. To steal a definition from the National Institute of Standards and Technology – cloud computing is the delivery of computing as a service rather than a product, whereby shared resources, software, and information are provided to computers and other devices as a utility (like the electricity grid) over a network (typically the Internet). Clouds can be classified as public, private or hybrid.
There are some simple, easy to understand benefits from this approach; without the need for a big investment in hardware, it is easier for businesses to make the jump into services that can provide real benefit but were beyond their reach before. It is also easier to manage costs, since there is never a need to replace expensive failed hardware and the cloud service is usually provided through a metered billing model – either by number of users or the amount of traffic.
For those companies that already have physical infrastructure, the cloud provides an opportunity to move away from aging hardware without losing any of the benefits they already enjoy.
A brief list of the kinds of services available today includes some very bad acronyms – SaaS (software as a service), PaaS (platform as a service), IaaS (infrastructure as a service), and UCaaS (unified communications as a service). Let’s take a look at what these mean.
We find this classification filled with many services that provide real benefit to the small to mid-sized business (SMB) space without the major expenditure that would be incurred by setting up the software locally. Antivirus, spam filtering, web content filtering, and the biggest of all – Email can all be set up in hours with virtually no upfront capital costs. In addition, they provide much more flexibility with the ability to add or remove licenses based on the current user count.
In my role as a Network Designer, I see two basic approaches to antivirus. In a larger organization or one that has made a commitment to security, there is typically a managed antivirus with the management component installed on a server and agents installed on all of the computers. In a smaller environment or one that does not have that same commitment to security, I will typically find that each computer (and server) will have some kind of standalone antivirus. What are the drawbacks to these approaches? In the past we would always recommend the first option. It would give a centralized point of reporting and management for all computers on the network. The drawback was that it required resources. So to go along with the antivirus, the client would either get a more powerful server, or an additional server at additional cost. In the second scenario there is no management, so if a computer stops getting updates or stops doing scheduled scans, nobody knows. This puts the whole environment at risk.
Today in both of these situations we would recommend a cloud-based antivirus. With the antivirus delivered as SaaS, the client gets all of the benefits of having a managed antivirus, such as centralized updates and reporting, as well as the ability to add or remove computers as needed. The licensing costs are significantly less, and there are no additional hardware requirements.
Web Content Filtering
One of the most common ways for a computer to be compromised with malware is for the user to go to a website that has malware or malware installers embedded in it. These may provide the user an alert that needs to be responded to before the user can continue, with the alert written so that any answer will be passed to the system as approval to install the malware. Because of this it is very important that businesses employ some type of content filtering technology. Traditionally this was done by an appliance on site. When web content filtering is provided as SaaS, the web requests are verified before the user is permitted to go to the site, preventing them from going to one of the sites that is known to be malicious. A console provides a reporting interface to management, which can be configured to show as much information as is needed.
A business hosting their email locally will require many more resources in the way of storage and memory if they do not have any type of spam filtering. In the second quarter of 2013, over 70% of all email sent was spam. There are many devices that can be put in line with the mail flow on premise to filter this spam. With just some minor configuration changes, email can be routed through a cloud service which will safely remove over 95% of the spam. These services offer administrator and reporting consoles.
An essential part of security is having systems patched to correct any security deficiencies. In the past a service would be installed on a server that would download operating system updates which would then be distributed to all of the client computers. Today there are cloud patch management solutions. These typically involve an agent or registration with a service that detects when there are patches that need to be applied and then implements those patches either on a schedule or when the computer is available online.
Communication and Collaboration Tools
Everyone is familiar with email. Most businesses have some kind of system. Today’s cloud-enabled office can really leverage tools that were previously beyond their scope to enhance productivity and provide a level of organization and collaboration that was only available to the largest businesses before. The one true business solution is Microsoft’s Office 365. It offers email, shared calendars, file storage, web applications (Word, Excel, etc.), and Lync. Even if you are familiar with these products from previous versions of Office you may be surprised at the additional integration they have now. With Outlook 2013 (which is included with Office 365 Business Premium or Enterprise Edition) you can not only see if the person who sent the email is online, but you can initiate an instant messaging (IM) session with Lync right from the email – with the topic of the IM session set to the subject of the email. Once you are in the IM session you have the ability to share a program from your computer, your desktop, or create a whiteboard that both people can write on. You can also request a meeting on their calendar from the IM session. It even has the ability to do a video conference, all right from the email.
In addition to all the new functionality this provides it also provides spam filtering, message retention for compliance purposes, and very large mailbox sizes. All of these features are available at a relatively low per user fee.
Backup and Disaster Recovery
One of the most common failings with backup strategies in the past was that they required user intervention to some degree, either to change a tape (or tape set) or to swap an external disk drive. Often we find that although folks mean well and think they are managing the backups well, they are actually neglecting to do that physical part for days or even weeks at a time. With the new cloud-enabled backup solutions, a business can back up their entire server environment to the cloud and in many cases have the ability to convert the back up into a virtual machine, which can then be turned on in the cloud for complete access and functionality.
IaaS is basically a server hosted somewhere. For example, you could contract with someone to provide a server that you can connect to over the network. This could be a physical server, but it would most likely be a private virtual server that is using resources shared with many other users. Typically the operating system can be included by the vendor and any applications on the server are provided by the client. In this scenario the client is typically paying for a combination of various metered services (such as data sent out, the amount of storage being used, the CPU and RAM allocated to the server) on a monthly or annual basis.
There are some real benefits to this approach beyond having a lower upfront cost. There are no ongoing hardware maintenance costs, there is no need to have a room dedicated to network hardware, and it further reduces the need for onsite technical resources.
In situations where there is a primary line of business application that is being accessed from multiple offices, putting the application on a server in the cloud reduces the impact of a local network outage.
For example, think of a client that has three offices and an application on a server in location one. If that location loses connectivity then everyone will be unable to access the application except the people in location one.
If the application is deployed to a server in the cloud and location one loses connectivity then the only people affected would be the people at location one.
IaaS servers are placed in virtual private network segments within the providing service (for example – Microsoft Azure), so they are not accessible to the outside unless they are specifically configured to be accessible. With the ability to create a Virtual Private Network (VPN) connecting the cloud server to the local network the cloud server becomes an extension of the local network. In essence it becomes a branch office.
This is a complete operating system environment with a client application. It could be set up as a web server, a database server, a CRM server or one of many other types. For a company that is providing an online store, for example, they could purchase the web server component and the back-end database component without ever having to actually have a dedicated server. One of the primary benefits to this approach is that the two biggest bottlenecks are removed – there is no effective limit to the number of users accessing the site and the computing resources will be available to keep the site from being overloaded.
UCaaS is a hosted phone system. It allows for a much higher level of service, without the need to have a room full equipment and the big investment that entails. Hosted Voice over IP (VoIP) communications for most businesses offer all the functionality they’ll ever need, are ideal for a decentralized workforce, support the latest features such as voicemail to email and call forwarding to cell phones, and the phones can be ported anywhere with an Ethernet connection.
As you can see, the options for cloud are endless. It is important to consider what options are a right fit for your business. If you have interest or questions about the cloud, please contact us.
October 5, 2021 in Blog, Security
July 8, 2021 in Blog, Security