Cisco Blogs

Cloud Management and Security: Being Ready

June 7, 2010 - 2 Comments

Well it seems like yesterday since my participation at TM Forum Management World 2010 in Nice, France, during May 17 2010 week. Specifically, I participated in a wonderful session, Opportunities, Business Models & Requirements for Cloud Providers.

Having just returned from Paris, France where I had presented at the Cloud Telco 2010 Conference, I could not help but pick up on common themes of Cloud Management and Security and will state that management and security are absolute table stakes when developing a sustainable Cloud-based service architecture blueprint. Further, another theme for discussion was the role of network virtualization (not a new concept by the way) specific to the network infrastructure enablement e.g. multi-tenancy. Architecturally, considerations such as proximity of the network to the data center infrastructure itself as to mitigate latency and ensure the required quality of service when moving virtual machines were also common topics for discussion at these venues. Oh yes, it is no surprise that with the launch of Cisco’s CRS-3, we have integrated the Network Positioning System (NPS), that implements L3-L7 best path for content.

However, in focusing on cloud management there is the notion of “on demand” as opposed to hours, days and weeks. Therefore cloud management autonomic flow-through provisioning may be the norm and will consequently have implications to OSS systems as these move to cloud management architecture as I highlighted at the Cloud Telco 2010 Conference in my presentation last week:

cloud management

In the context of cloud security, there are few fundamental questions-considerations that may serve as inputs to developing a cloud security blueprint and by no means comprehensive, such as:

  1. Where is my data?
  2. Geographical location of data
  3. Who is accessing it on the physical and virtual servers?
  4. Is it segregated from others?
  5. Can I recover it?
  6. What is the threat vector for cloud services?
  7. How do I identify the weakest link in cloud services security chain?
  8. Would centralization of data bring more security?
  9. Federated trust and identity issues
  10. Who would manage risk for my business assets?
  11. And, can I comply with regulatory requirements

Finally, next week the ITU-T will kick off it’s first Focus Group meeting in Cloud computing, June 14-16, Geneva, Switzerland.

I do look forward to hearing your thoughts on cloud management and cloud security.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. Thank you for comment!

  2. 3TS Cisco Growth Fund as a growth engine for SolveDirectAfter half a year of the Cisco Growth Fund acquiring a stake in Solvedirect, the U.S. orders for the companies service management products are beating new orders in Europe. SolveDirect has set up a subsidiary in Silicon Valley and runs an extra data center in California to comply with U.S. data security legislation.