One of the common misconceptions that I run into is that a public cloud services provider can’t have an on-premises element to their offering and that having this footprint somehow “breaks” the cloud model.
The root of this misconception lies in equating cloud to a location. Cloud is a computing style, not a location.
There are already cloud-based services providers that use an on-premises element to their architecture. For example, Qualys provides security as a service (vulnerability management) using an on-premises physical or virtual appliance to launch the local scanning from. Using the on-premises appliance, significant amounts of bandwidth are preserved as well as providing network connectivity into an organization’s internal networks to perform its scanning services.
So, how is this Cloud? Remember cloud is a computing style. The key is how the appliance is managed by the cloud provider and, more importantly, not managed by the enterprise consuming the service. The on-premises element is just a “black box” to the enterprise. In most cases, they shouldn’t have to pay for or provision the appliance footprint, even if it is a physical piece of hardware. The appliance is just a part of the overall service delivery. Further, the enterprise shouldn’t have to install software on it or perform updates. Essentially, it should be a “lights out” footprint — everything should be handled by the cloud services provider.
Why would an on-premises footprint be important? Multiple reasons:
- To provide network connectivity (e.g. VPN) into protected locations in the enterprise’s internal network, systems and information
- To reduce bandwidth consumption for scanning related services (vulnerability management, dynamic application security testing, etc)
- To improve performance and reduce bandwidth requirements through intelligent caching, compression and other bandwidth optimization techniques
- To keep large datasets local for local processing and analysis – again primarily to save bandwidth costs
- To keep sensitive data local
- To keep regulated data local (e.g. geolocation requirements)
The latter two are becoming increasingly important as more critical business information, systems and processes move to the cloud. I’m sure there are more requirements that you could add to the list. The takeaway is to expect more cloud-services providers to offer on-premises extensions of their architectures to address specific usage requirements.