As Larry Ellison has famously observed, people use “cloud computing” to mean everything, and therefore nothing. In with the buzzwords, out with the meaning.
Take anything that involves two computers and a network connection, and someone is going to call it cloud computing. Or if you are going to use virtualization: some people rationalize this as “Cloud computing must be based on virtualization technology, therefore our rack of blades running vSphere is a cloud.” Yes, and my stove, just like a true cloud data center, runs on electricity. But I don’t call it a cloud platform.
In Learning Tree’s Cloud Security Essentials course we take a narrower view. That course is aimed at people considering the use of what I think even Larry Ellison would call major cloud services — Amazon Web Services, Google Cloud, Microsoft Windows Azure, and so on.
The security technology is precisely the same as in any other computing environment, the difference is in who has control and visibility. Depending on the cloud model involved, IaaS, PaaS or SaaS (that is, Infrastructure, Platform or Software as a Service), you give up increasing control and visibility as you progress through that sequence. In cases where compliance and control are concerns, you will need to stick with IaaS.
This is where people are surprised for some reason.
The majority of cloud-based systems run Linux. Amazon’s vast catalog of runnable machine images offers a large number of Windows images. But it has an even larger number of Linux images, plus other open-source UNIX-family platforms such as BSD and OpenSolaris.
Amazon no longer cites statistics on utilization, citing customer privacy, but the last we heard the cloud instances actually running at any moment were overwhelmingly Linux.
Microsoft has been disappointed in the popularity of their Platform as a Service (or PaaS) offerings, and have increased the support and promotion of their Infrastructure as a Service offerings. Imagine this, Microsoft’s IaaS products include Linux.
Google recently announced their Google Compute Engine IaaS offering. So far it’s only available to customers willing to pay for Gold support level: $400/month for 24×7 phone support and consultation on architecture and application development. The only operating system available is Linux.
So, the biggest cloud provider by far, Amazon, offers a variety and sees its customers running mostly Linux. Google runs nothing but Linux, and Microsoft even offers Linux as they see there is no other way to be in the IaaS market.
Compliance will require control and visibility, and that means IaaS. And it looks like IaaS is going to mean Linux. In a real cloud, that means command-line administration at a distance. It isn’t that hard, we show you how to do some of it in the Cloud Security Essentials course.