Published on May 6, 2020
By Avinash Nagadi, Pre-Sales Engineer
Organizations across the globe have fully embraced cloud platforms, with the leading players setting up shop in the Middle East last year. Although some concerns around security and data residency remain, businesses are moving toward the cloud as part of their technology transformation. Its advantages over on-prem data centers, such as lower TCO, availability and agility, are fully recognized. Yet migrating an on-prem DC is not as straightforward as it seems: some projects run past their milestones, particularly in IaaS, even though cloud platforms have come up with their own migration tools.
Service providers and customers are rightly following the guidelines of assessment, planning and implementation to achieve cloud migration. An in-depth look at how these guidelines are applied in enterprises shows where the problem is.
The primary difference between cloud and on-prem DC is the abstraction of the infrastructure underlying applications. In an on-prem DC, servers are grouped by their function, and the different functions of an application stack communicate with each other under the control of a firewall. In the cloud, all the servers of an application stack are grouped together (VPC, VNet, etc.) to leverage the full benefits of the cloud. To build these groups, customers rely on CMDBs, which are often not up to date, forcing them to validate the data manually and thus delaying the transformation.
The second reason is application dependencies. A business application in an on-prem DC communicates with other applications. The protocols and ports used for this communication remain unidentified unless someone inspects the data passing between them. The same is true for communication within the application. For example, if you are using Windows servers, you will be surprised by the ports used by the underlying protocols in Windows. This should be a cause for concern, because if any of these communications is not allowed in the cloud, it may break the application. Correctly identifying these communications and validating them is a project in itself.
The third reason which is often is that the dependencies within a business application and between different applications are either presented as a manual flowchart without many details or in the form of logs. Using them for cloud migration can be tedious and unproductive.
Enterprises should avoid falling into this trap and must look for a solution that simplifies the task of logically grouping the applications in an on-prem data center, identifies the dependencies and validates them. Visualizing the identified applications together with their communication details will expedite cloud migration projects.
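The grouping, dependency identification and validation steps described above can be sketched as follows. This is an added example, not code from the article or from any product: the host inventory, the flow records and the planned allow rules are all constructed sample data, and the function names are hypothetical.

```python
from collections import defaultdict

# Constructed host-to-application inventory (e.g. a validated CMDB export).
INVENTORY = {
    "10.1.1.10": "hr-portal", "10.1.2.20": "hr-portal",
    "10.1.3.30": "payroll", "10.1.9.5": "directory",
}

# Constructed flow records observed on-prem: "src dst proto dst_port".
FLOWS = """\
10.1.1.10 10.1.2.20 tcp 1433
10.1.1.10 10.1.9.5 tcp 389
10.1.1.10 10.1.9.5 tcp 445
10.1.2.20 10.1.3.30 tcp 8443
10.1.1.10 10.1.7.77 tcp 25
10.1.1.10 10.1.2.20 tcp 1433
"""

# Hypothetical allow rules planned for the cloud environment.
PLANNED_RULES = {
    ("hr-portal", "hr-portal", "tcp", 1433),
    ("hr-portal", "directory", "tcp", 389),
    ("hr-portal", "payroll", "tcp", 8443),
}

def build_dependency_map(flow_text, inventory):
    """Collapse host-level flows into app-to-app dependencies."""
    deps = defaultdict(set)
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        src, dst, proto, port = line.split()
        # Hosts missing from the inventory are kept visible, not dropped.
        src_app = inventory.get(src, f"UNMAPPED:{src}")
        dst_app = inventory.get(dst, f"UNMAPPED:{dst}")
        deps[(src_app, dst_app)].add((proto.lower(), int(port)))
    return dict(deps)

def unplanned_dependencies(deps, rules):
    """Return observed dependencies that no planned rule would allow."""
    gaps = [(s, d, proto, port)
            for (s, d), services in deps.items()
            for proto, port in services
            if (s, d, proto, port) not in rules]
    return sorted(gaps)

if __name__ == "__main__":
    deps = build_dependency_map(FLOWS, INVENTORY)
    for gap in unplanned_dependencies(deps, PLANNED_RULES):
        print("not covered by planned rules:", gap)
```

With this sample data, the two gaps are an SMB flow to the directory servers and a flow to a host that the inventory does not know about, which are the kinds of findings that need validation before cutover.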
Avinash specializes in data center security and is experienced in advising enterprises on a wide range of security solutions. He is also a cyber law and regulation enthusiast.