Vulnerabilities / Threats // Insider Threats
10/4/2010
11:53 AM
50%
50%

KT Launches Large Scale Private Cloud

Leading Korean telecom partners with Cloudscaling to develop platform for data-intensive mobile services.




Slideshow: Amazon's Case For Enterprise Cloud Computing
(click for larger image and for full photo gallery)
KT, Korea's largest fixed-line operator and its second largest mobile carrier, has launched the nation's first large-scale, private cloud. It will serve as a platform for data-intensive services to devices such as smartphones and tablet PCs, as well as to deliver computing infrastructure to its internal enterprise.

"Telcos should focus on the explosion of data from smartphones, the Internet, and multimedia. We should prepare for continued data growth in the future. There will be many opportunities to provide applications supporting this data explosion. We think cloud is the right technology solution to accomplish this," said Jung-sik Suh, senior VP, cloud services business unit, at KT.

Telecommunications provider KT elected to partner with San Francisco-based Cloudscaling, in part because of the service provider's use of commodity hardware, open source software, and automation, said Suh.

"The leaders in cloud technology are Internet companies, not telcos or enterprise IT companies," he said. "We wanted a cloud computing partner that understood our vision for cloud services, which is a cost-competitive offering at a high quality of service."

By using a private cloud, KT can eliminate systems that require the manual management of virtual servers, moving instead to automated management -- a more cost-effective and efficient approach, according to the company. In fact, the first phase will consolidate 9,800 servers onto the new cloud infrastructure, KT said.

"KT's approach to cloud computing is bold," said Randy Bias, CEO and founder of Cloudscaling. "Modeling their cloud computing architecture after the most efficient and lowest-cost public cloud providers should allow them to leapfrog regional competitors who are building clouds based on enterprise architectures."

Other partners include Intel, Citrix, Nexenta, Cloud.com, and SP Korea, according to Cloudscaling.

"We used commodity hardware to keep the up-front and ongoing [capital expenditure] costs down. The software stack is based heavily on free and/or open source software to lower the license costs. The system was designed for failure," said Bias. "Cloud infrastructure must be highly available, which means hardware and software failure should not interrupt the service. These loosely coupled services should be automatically provisioned, deployed, and managed."

The Cloudscaling team brings together experience building and managing cloud infrastructures at companies such as Amazon, GoGrid, Yahoo, Engine Yard, and Puppet Labs, and has teleco and service provider clients around the world.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3580
Published: 2014-12-18
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-4801
Published: 2014-12-18
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-6076
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.

CVE-2014-6077
Published: 2014-12-18
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CVE-2014-6078
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.