Cloud
10/20/2010
12:59 PM
George Crump
George Crump
Commentary
Connect Directly
RSS
E-Mail
50%
50%

How To Use Cloud Storage

This entry kicks off a new series on cloud storage. In this series we will look at cloud storage and what it means from a number of different view points; the storage manufactures, the service providers, the providers of the tools that onramps data to the cloud and of course the people that will actually use cloud storage. This first set of entries will look at you the users and provides some ideas on how you can use cloud storage.

This entry kicks off a new series on cloud storage. In this series we will look at cloud storage and what it means from a number of different view points; the storage manufactures, the service providers, the providers of the tools that onramps data to the cloud and of course the people that will actually use cloud storage. This first set of entries will look at you the users and provides some ideas on how you can use cloud storage.As we will discuss in our upcoming webinar "What's Your Cloud Storage Strategy", cloud storage is an end to a means, meaning that most use cases are not so that you can use cloud storage for the sake of using cloud storage. Instead there is a problem that you are going to try to solve in your environment and cloud storage, or more likely a device or software application that leverages cloud storage, may be a way to solve that problem.

Public or Private

The first question that may come up is are you going to use public or private cloud storage? Private cloud storage is storage that is still internal to your organization, that you still own, power, cool and manage. You are essentially leveraging some of the new capabilities of the storage hardware that is focused on meeting the needs of cloud service providers but going to use that technology in your organization's environment. It could still be multi-location or could even be single location. Public cloud storage is storage that you "rent" from someone else and it is their responsibility to purchase, power, cool and manage. It is still important to understand what type of product they use and that it is going to be reliable, but the responsibility to offer the service is theirs not yours. We will discuss some of the differences between the various cloud storage offerings in an upcoming entry.

For the bulk of our readership I would suspect the answer as to which cloud storage type to use will be that you are going to leverage someone else's storage not create your own. If you fall into the smaller group of building your own private storage cloud then we will cover your needs in our entries about cloud providers because that is essentially what you are, just your customers are internal.

How To Use It

There are several ways that an IT organization may choose to use cloud storage. First you can extend your own application to specifically place data in the cloud. This might be to archive chunks of data that you may need to access but don't need to access it locally and the time to download it from an internet connection is acceptable versus having to pay to store it locally. To take advantage of cloud storage you will leverage the API sets that the cloud storage provider makes available to you. The strength of the API set is an important decision here, does it have the capabilities you want?

With the API set in hand extending an application to the cloud, as long as you have developers, can be straight forward. Many organizations report cloud integration times of less than a few weeks, in some cases days. The variable is the quality of the API set and the extent of integration to be used. The benefit of this type of cloud use case is that once the development work is complete, the use is basically automatic and the economics of cloud based storage can be more fully leveraged.

While there is a fair number of organizations that have developers on staff to make these changes there is a far greater number of organizations that don't. These organizations are going to turn to other companies to provide ways to get data to the cloud. We call this area of the market the "Cloud Onramp". The number of onramp choices is staggering. They cover the full gambit now of data services including backup, archive, file servers and even primary storage. They can be software based or sold as an appliance. They can cache data locally or keep the entire data set in the cloud. The options are almost limitless.

In our next entry we will start to cover the cloud onramps; first how they are delivered, what services they provide and how to tell if they are a viable alternative to traditional storage solutions.

Track us on Twitter: http://twitter.com/storageswiss

Subscribe to our RSS feed.

George Crump is lead analyst of Storage Switzerland, an IT analyst firm focused on the storage and virtualization segments. Find Storage Switzerland's disclosure statement here.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.