Vulnerabilities / Threats // Insider Threats
10/4/2010
11:53 AM
50%
50%

KT Launches Large Scale Private Cloud

Leading Korean telecom partners with Cloudscaling to develop platform for data-intensive mobile services.




Slideshow: Amazon's Case For Enterprise Cloud Computing
(click for larger image and for full photo gallery)
KT, Korea's largest fixed-line operator and its second largest mobile carrier, has launched the nation's first large-scale, private cloud. It will serve as a platform for data-intensive services to devices such as smartphones and tablet PCs, as well as to deliver computing infrastructure to its internal enterprise.

"Telcos should focus on the explosion of data from smartphones, the Internet, and multimedia. We should prepare for continued data growth in the future. There will be many opportunities to provide applications supporting this data explosion. We think cloud is the right technology solution to accomplish this," said Jung-sik Suh, senior VP, cloud services business unit, at KT.

Telecommunications provider KT elected to partner with San Francisco-based Cloudscaling, in part because of the service provider's use of commodity hardware, open source software, and automation, said Suh.

"The leaders in cloud technology are Internet companies, not telcos or enterprise IT companies," he said. "We wanted a cloud computing partner that understood our vision for cloud services, which is a cost-competitive offering at a high quality of service."

By using a private cloud, KT can eliminate systems that require the manual management of virtual servers, moving instead to automated management -- a more cost-effective and efficient approach, according to the company. In fact, the first phase will consolidate 9,800 servers onto the new cloud infrastructure, KT said.

"KT's approach to cloud computing is bold," said Randy Bias, CEO and founder of Cloudscaling. "Modeling their cloud computing architecture after the most efficient and lowest-cost public cloud providers should allow them to leapfrog regional competitors who are building clouds based on enterprise architectures."

Other partners include Intel, Citrix, Nexenta, Cloud.com, and SP Korea, according to Cloudscaling.

"We used commodity hardware to keep the up-front and ongoing [capital expenditure] costs down. The software stack is based heavily on free and/or open source software to lower the license costs. The system was designed for failure," said Bias. "Cloud infrastructure must be highly available, which means hardware and software failure should not interrupt the service. These loosely coupled services should be automatically provisioned, deployed, and managed."

The Cloudscaling team brings together experience building and managing cloud infrastructures at companies such as Amazon, GoGrid, Yahoo, Engine Yard, and Puppet Labs, and has teleco and service provider clients around the world.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading, January 2015
To find and fix exploits aimed directly at your business, stop waiting for alerts and become a proactive hunter.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7402
Published: 2014-12-17
Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service (crash) via a crafted ICAP request.

CVE-2014-5437
Published: 2014-12-17
Multiple cross-site request forgery (CSRF) vulnerabilities in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) enable remote management via a request to remote_management.php,...

CVE-2014-5438
Published: 2014-12-17
Cross-site scripting (XSS) vulnerability in ARRIS Touchstone TG862G/CT Telephony Gateway with firmware 7.6.59S.CT and earlier allows remote authenticated users to inject arbitrary web script or HTML via the computer_name parameter to connected_devices_computers_edit.php.

CVE-2014-7170
Published: 2014-12-17
Race condition in Puppet Server 0.2.0 allows local users to obtain sensitive information by accessing it in between package installation or upgrade and the start of the service.

CVE-2014-7285
Published: 2014-12-17
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote authenticated users to execute arbitrary OS commands by injecting command strings into unspecified PHP scripts.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.