eweekchat

Next-Gen Cloud Services
JOIN US: This is a chat-based conversation about new types of cloud (and cloud delivery) services, which are becoming more pervasive and diversified than ever. We are becoming more dependent on the cloud each day--especially during the COVID-19 pandemic. Join us!
   4 years ago
#eweekchatNext-Gen Networking TrendsJOIN US: This is a chat-based conversation about trends in new-generation networking in which we will discuss the impact of SD-WAN, 5G, WiFi6 and other factors in moving data from one node to another--and another--and another.
   4 years ago
#eweekchatConfidential ComputingJOIN US: This is a chat-based conversation about how a newly recognized trend in IT security that follows data all the way through the transom and protects it at every stage--including when it's processing. Join us!
Chris Preimesberger
Q2: Did "fog computing" sort of melt into edge?
Eric Han
hard to pin down where the fog is/was :).
Phil Straw
A2. Yes - proprietary Cisco term went #opensource
Bruce Kornfeld
A2: Fog Computing was Cisco's term for edge...and yes...we believe its all merged together now
Larry Lunetta
A2: Yes, the veil of "fog" is lifting as better edge to cloud management systems enable IT to leverage custom-built compute and storage resources at the edge while integrating them with data center and traditional cloud.
Tony Cai - Nerdio
A2: Fog computing and Edge computing are blending if not the same. Its either running in someone elses datacenter or your own. Marketing terms :D

(edited)

Eric Han
A2: bringing more services to edge (as connectivity, real-time demand increases) is happening. Having that serve from new arch / patterns too. So that's super real.
Bruce Kornfeld
I think Fog was Cisco way of trying to blur the lines between true edge and datacenter/cloud. While they are 3 different things - they all need to work together.
Sean Leach
a2: Fog computing really never took off as a term, it was very nebulous/misunderstood. Even "edge" can mean different locations based on who you ask. We define the edge as the intersection/touch point between the end user/device and the cloud
Bruce Kornfeld
@seanleach agreed on your definition. However another slice is to say that edge is anything outside the datacenter or cloud. its a little more broad, but real.
Larry Lunetta
Edge also implies where and how data is generated and processed. Increasingly, IoT-based applications need almost real time access to compute resources.
Chris Preimesberger
Fog, edge, IoT ... oh, my!
Bruce Kornfeld
Yes IoT but lots of other examples. what about retail outlets with 1,000s of site...they (sometimes) must have onsite "kit" for real time as well
Nick Brackney
a2: I had a customer, a large brewery, say to me just the other week. You guys call this all sorts of things, I guess its edge now. We've just had it instrumented for years. This is how we build better products with our data, we cant move it or get the speed in public cloud.
Phil Straw
@brucekornfeld Yes - data creation and infrastructure is moving to places where data centers didn't use to be and will require a different class of solution wrt. perf., security & mgmt
Chris Preimesberger
So instrumentation provides the metrics neeed for admin, no matter what where the data is?
Sean Leach
@brucekornfeld how do you define the "cloud"? :) you can have a cloud running at the edge. We see the "cloud" as more of a deployment definition (i.e. not have to build/run your own network/servers/apps), not a location.
Bruce Kornfeld
edges are small (our perspective)...if you have big ol building with lots of gear in there at the "Edge"...isn't that a cloud? (good debate to have!!!)
Phil Straw
@SoftIronCEO This is what I mean when I talk about different class of security and provenance: https://softiron.com/secure-provenance/
Chris Preimesberger
Q1: Generally, what trends are you seeing in the delivery of next-generation cloud services? What new features are we seeing?
Eric Han
A1. From a customer pov, I see that there's the desire to focus on their area of differentiation. At the same time, every customer has a diff pov :). So something I think is important is the move towards how to enable 'fully managed' and 'self-managed' style services
Phil Straw
A1. Big move to #hybridcloud right now. We're seeing a big focus on secure provenance - a transparent audit of products being deployed, and a shift away from proprietary solns. to #opensource.

(edited)

Larry Lunetta
A1: Cloud services are no longer defined by a "place" (i.e. a public cloud) but by the experience of IT and the user. As a result, even though the workloads may run at the edge, in a data center, etc., the agility, scalability and control of "cloud" will apply.
Tony Cai - Nerdio
A1: With the pandemic happening around the globe, we are seeing the adoption of #WFH technologies including the use of #WindowsVirtualDesktop, it has picked up a lot of steam in the past several months as workers needs secure, fast and manageable cloud endpoint to access data.
Sean Leach
a1: The main trends we are seeing are around the realization that serverless is the preferred deployment model for new applications / next generation architectures. Real-time and in depth observability is also a requirement / focus area.
Chris Preimesberger
@radio_eric Interesting. So does this mean that most or all cloud deployments are going to be customized going forward?
Larry Lunetta
AI: I think WFH is a great example. That comprises network access from a remote location with the management and security provided in a variety of locations, including the cloud.
Sean Leach
@SoftIronCEO No doubt - we are seeing this trend as well. It is a powerful way to avoid provider lock-in
Chris Preimesberger
@SoftIronCEO Phil, how do you separate hybrid from multi-cloud deployments?
Larry Lunetta
With the use of microservices, organizations can customize where and how they deliver IT resources.
Nick Brackney
a1: people are not getting cloud value for every workload. With edge lighting up and data centers not going away they need to think about Cloud as an operating model that extends to all these environments. #Iwork4Dell @delltechcloud #eweekchat
Sean Leach
@larry_lunetta Yep good point. We are seeing the trend of moving the application logic as close to the end user as possible. For scale and performance reasons
Phil Straw
Multi-cloud is about commoditizing public cloud, where hybrid is about owning your data & infrastructure for perf. security etc.
Eric Han
customized: don't think that's possible at scale.The fully-managed will have more cookie-cutter, repeat approach (customer benefit is they don't do the care-feeding) but customization level is low. Opposite for self-managed.
Chris Preimesberger
Nick, welcome. What do you do for Dell TEch?
Larry Lunetta
@NickBrackney Yes, and the challenge is how to manage that seamless experience across all those physical environments.
Nick Brackney
Hi Chris I drive our cloud and edge message and do some thought leadership. But my passion in this space comes from what I hear from customers :) I always learn more participating in these types of tweet chats.
Nick Brackney
@SoftIronCEO my 2 cents is multi-cloud is just customers' reality. Either they planned for it (i.e. focus on best of breed, risk mitigation), or they ended up in it. Now they just need to find a way to make it work for them. Thats back to the consistency and seamless convo.
Phil Straw
@NickBrackney Many have multiple cloud relationships today - apps everywhere. Very few have true multi-cloud portability between them.
Chris Preimesberger
Q4: What are some new approaches vendors are using to ensure safe delivery of cloud services and to add value with ancillary features?
Phil Straw
A4 Cloud is now established enough that vendors are now designing for cloud specifically. This helps a lot because retrofitting security is often hard or impossible.
Phil Straw
A4 As cloud, edge and indeed hybrid emerges as the norm a more holistic approach to security is possible for the same reason.
Phil Straw
A4 Cloud is one piece of the puzzle and securing it as as much about all the things that touch it, including enterprise and edge. SoftIron does this with storage products to enable a continuum that is coherent for data assets in all locations.
Larry Lunetta
A4: Organizations are moving to a Zero Trust framework which relies on identity-based access control and much tighter security integration between the end point and the application.
Bruce Kornfeld
A4: Another area is for users to leverage encryption from cloud providers, but not trust them with the keys. BYOK is a movement that is starting to take hold with Cloud.
Nick Brackney
A4 I was a fan of VMware's approach before I ever got to Dell. I think abstraction and building in security is the way to go in simplifying and ensuring safety. But biggest thing is closing the gaps and burden on customers of Shared Responsibility Models.
Chris Preimesberger
Do you think identity control and access is ultimately the most efficient way to secure anything?
Eric Han
A4: vendors are building for and like clouds now. so good question and I think small (in terms of visibility but large in impact) has been continuous release/update (which adds to the security goal). More to where you question might be asking is also providing viz @editingwhiz
Larry Lunetta
A4: To add value, vendors are adding AI-based capabilities to deal with the complexity of a hybrid cloud world. AI is now cutting down the number of trouble tickets reported and reducing the amount of time to resolve them.
Eric Han
A4-cont: and knowing the state of deployments, as to the value-add. @editingwhiz
Tony Cai - Nerdio
A4: Double encryption in transit and at rest as a feature, enforcing MFA as a standard, PaaS hosted connection gateways with built in security managed by the vendor. Microsoft has started to enforce their partners to beef up their security all around.
Nick Brackney
Identity and Access Management is absolutely critical especially Privileged Identities. However it, and networking are battling it out for the most overlooked area needed, based on what I see.
Sean Leach
a4: A big area of R&D is around the safe delivery of applications in multi-tenant environments-maintaining performance/security. Technologies like WebAssembly/WASI are scalable/powerful technologies that provide high performance isolation - as opposed to docker etc.
Bruce Kornfeld
end users can now run their own key managers for all their encryption use cases - now extending to cloud.

(edited)

Chris Preimesberger
Can BYOK security become problematic due to presumed complexity, or is that actually an issue?
Eric Han
IdAM is a must and a building block. Otherwise, we don't have a lot to act on. @editingwhiz
Sean Leach
a4: TLS 1.3 is another key technology that improves performance and security at the TLS level
Nick Brackney
agreed @brucekornfeld given the way that governments have treated data sovereignty and gag orders you'd have to be very foolish to hand over the security keys to a vendor. They can be compelled to divulge your info and have to keep it from you.
Larry Lunetta
A4: Identity-based access control is the starting point for a "defense in depth" approach to security. No one technique will be sufficient to achieve something like Zero Trust, but it definitely is a foundational element.
Tony Cai - Nerdio
A4: RBAC - Role based access control as well.
Bruce Kornfeld
Key management CAN be very complex. Each use case can have thousands or millions of keys. Third party key managers are designed to remove that complexity, and now they can also work with cloud app - and cloud providers are supporting it.
Eric Han
@larry_lunetta agreed. Not my article but I liked this read from @stackrox on some on the container space. https://www.stackrox.com/post/2020/08/guide-to-gke... #stackrox
https://www.stackrox.com/post/2020/08/guide-to-gke-runtime-security-for-gcp-workloads/
Guide to GKE Runtime Security for GCP Workloads | StackRox: Kubernetes and container security solution
Guide to GKE Runtime Security for GCP Workloads | StackRox: Kubernetes and container security solution
This guide discusses GKE runtime security recommendations and best practices to help harden K8s and protect your cloud-native apps
Bruce Kornfeld
@NickBrackney Agreed. It kind of amazes me that this is so prevalent today. So many cloud apps out there where the customer just "turns on" encryption and maybe doesn't realize the vendor has the keys as well.