Microsoft to unveil cloud computing security in 2010; plans to offer private cloud software

Published 16 December 2009

A project code-named Sydney will address security in virtualized, multi-tenant environments in which customers are typically sharing data center resources; Sydney will provide isolation between customers’ cloud resources with network virtualization, and provide secure connections between an enterprise’s internal data center equipment and what it uses in the cloud.

With Microsoft’s Azure cloud computing platform set to go live on New Year’s Day, the company is looking ahead to later in 2010 when it will unveil a new security structure for multi-tenant cloud environments as well as private cloud software based on the same technology used to build Azure.

Hasan Alkhatib, the Azure senior architect, last week described the Microsoft security project code-named “Sydney” at an Xconomy forum on cloud computing held at Microsoft’s New England R&D Center in Cambridge, Massachusetts.

In addition to embedding greater security into the public cloud, Alkhatib said Microsoft is planning to help customers build private cloud networks within their own datacenters, using the same software Azure is based on. “Every customer says ‘where can we get a private cloud?’” Alkhatib said. “We’re building them. Within a short period of time private clouds will be available with the same technology we’ve used to build Windows Azure.”

Alkhatib said, however, that he thinks private clouds lack most of the benefits of public clouds, and focused most of his talk on the Azure services that will be offered publicly over the Web.

Network World’s Jon Brodkin writes that Project Sydney, unveiled last month at Microsoft’s Professional Developers Conference, addresses security in virtualized, multi-tenant environments in which customers are typically sharing data center resources. Sydney will provide isolation between customers’ cloud resources with network virtualization, and provide secure connections between an enterprise’s internal data center equipment and what it uses in the cloud, Alkhatib said. Sydney will aggregate “any arbitrary set of endpoints,” including servers and client machines inside the enterprise and resources in a public cloud service like Azure, and create what Alkhatib called a “virtual network overlay” which is secured with IPsec and which can only be accessed by those authorized to do so. “All these elements appear to each other as if they have a dedicated, private network,” Alkhatib said.

Regulatory compliance in cloud computing is still a major challenge, however. Alkhatib said the IT industry must lobby agencies to accept new security guidelines that are based on logical, rather than physical structures.

Microsoft has not announced a release date for Sydney but is committed to delivering at least a beta version in 2010, Alkhatib said. The private cloud product based on Azure may also come out in 2010, he said. Microsoft today is running Azure out of datacenters in Chicago and Texas, and will add four more datacenters in January in Dublin, Amsterdam, Singapore, and Hong Kong, Alkhatib said.