This is the fourth in a multi-part series. Follow the series here.
In this installment, we’ll look at qualification. Since Barracuda is a cloud security provider, our discussions will naturally focus on security considerations. When we talk about qualification, we’re really talking about two things that can go hand-in-hand: a proof-of-concept, and a framework reference architecture.
The Shared Responsibility Model means that while your cloud provider will ensure rock-solid security for AWS, you’ll need something additional in front of your cloud-resident applications and workloads to secure them from attacks and be able to monitor and log activity.
Diagram of the AWS Shared Security Model. Click here for more information.
Whether you do this with native tools or third parties is dependent upon the features you need. For example, healthcare is concerned over data privacy (HIPAA is an obvious requirement but there can be equally stringent local requirements), while financial institutions absolutely need the ability to monitor and log access and activity.
You already set-up security on your local workloads, so you know what you’ll need to duplicate in the cloud. You may also want or need a single way to visualize data to and through the cloud. The obvious example here are hybrid configurations that many companies end up deploying: selecting a single security vendor who can provide end-to-end visibility may be a key part of your considerations.
So qualification is ensuring the chosen vendor (or vendors) can provide all the features you require. Typically this can be accomplished through a short proof-of-concept (sub-30 days) but most companies also take this opportunity with their vendor or service provider to identify a framework reference architecture against which they can migrate or move multiple workloads. Just like their on-premises counterparts, cloud-facing security solutions are a one-to-many proposition: a single firewall or pair of firewalls (for clustering and failover) can support a number of discrete workloads (formerly VMs).
So your qualification is really the final test-phase for the first workload or application you’re going to migrate – with the rest of your requirements following this first cloud deployment.
In our next installment, we’ll look at security in a bit more depth as it’s already played a critical part in your steps to cloud deployment.
If you would like more information on how Barracuda can help you migrate to the public cloud, visit us on the web here:
Rich est directeur marketing pour les produits de cloud public chez Barracuda. Il a rejoint l'équipe dans le cadre de l'acquisition de C2C Systems en 2014. Rich est l'un des experts du cloud public de Barracuda. Il travaille directement sur les écosystèmes cloud et est cité dans des ebooks de Microsoft sur la sécurisation du cloud public. Il est également contributeur régulier des blogs thématiques sur le cloud de Barracuda. Dans le cadre de notre travail sur le cloud, il aide au développement de stratégies et à leur exécution avec nos partenaires et nos équipes commerciales.
Vous pouvez envoyer un e-mail à Rich à l'adresse [email protected].