[Update 2017 May 05]
One succinct text on what constitutes good VPN architecture might be found here.
[Update 2015 Mar 30]
A very good article, very much in the same direction, has appeared on ZDNET.
[Originally published Dec 2013]
Really? How can terminology hurt me? Well, it can: indirectly, through your wallet. And this is because the PaaS/SaaS/IaaS vs. Cloud nomenclature is not well understood. There is no consistent terminology. Thus people residing on this brave Cloud Computing Planet do make fundamental mistakes that can cost them a lot. All just because of the initial misunderstandings on the terminology level.
“There are two ways of constructing a software design. One way is to make it so simple that there are obviously no deficiencies and the other is to make it so complicated that there are no obvious deficiencies.” — C A R Hoare
How very witty, true and simple. Perhaps we could just follow this witty but actually very crucial IT Systems advice. Is IT that simple? Are we done here then?
Well … perhaps not. I think it is not that simple for the organization to come to a feasible Cloud Computing Architecture, also tailored for the Enterprise.
Especially if the “one” is a large corporation or any kind of large institution. Any kind of IT enterprise which is currently severely exposed to a myriad of mission-critical but at the same time “deep legacy” systems. The kind of IT systems which are here to stay “forever” inside any given large organization today.
The really big issue hidden here is the one we all dread and we all know is beneath:
Legacy systems are staying with us, “for good”.
All together with “legacy strategies”, vested interests and such.
When faced with the Cloud marketing, “defenders of the legacy” (people and organizations) will surely mix in an additional requirement and difficulty: One Cloud is not Enough! Meaning: no single Cloud Computing Vendor can produce an SLA that can satisfy. Very often (or always) it is claimed that, due to compliance and security requirements (which are sometimes pure assumptions), one Cloud provider cannot satisfy.
There and then, all sorts of reasons will mushroom (some less true, some more), where Security and Compliance are unbreakable and unquestionable, and they will always come firmly on top of the list of reasons for actually not going for the Cloud. And remember: Legacy IT is not secure and not compliant.
Thus the added (non) critical decision to be made: single or multiple Clouds, public or private, or any combination of the two. SaaS? PaaS? IaaS? None of which can deliver the ever elusive “full compliance”.
Should we just give up then? Not yet.
Enterprise Cloud Agnostic Architecture
The day before yesterday, I was asked for, and I did, an impromptu explanation to a few investors on the following subject: “What makes a Data Centre (DC) a good investment”. And (lo and behold) I managed to explain one highly technical and potentially highly expensive concept to a few real (vs. potential) investors. And they went away satisfied. Which is always a good thing.
Dear old floppy. Will live forever in the collective memory of machines of the future. I have clicked “Yes” on the message box above. I have had no floppy, 0 or otherwise, for several years now. I just want to be reminded about the dear old fellow…
Ok, perhaps not in such a drastic way. Here, I am describing a use-case that approves of a simple and effective solution that usually renders the resident architectural ceremony obsolete.
Some organizations do suffer from architectural ceremony. It usually arises in a situation when the methodology and process are not tailored for the organization. Not tailored by kind of business and not tailored by size (complexity) of the business. In which case “priests of the architectural ceremony” are required to translate the not so obvious value of the solutions to/from the rest of the organization.
Here we have a real-life example of a “best” solution that might be slowed down considerably or even discarded by high priests of the architectural ceremony.
Today, I came over this solution, to solve a requirement for a document/image storage and retrieval. With pretty hefty size requirements at that. By “came over” I mean, after 10+ years in the business, I “just” drew it, thought about it (for a day) and then the team (of one) went on to implement it under my supervision. Perhaps one might call this an “architectural stunt” but I beg to differ.
Without false modesty I will admit that it struck me how simple and cost effective this architecture and its implementation is. And still relevant, one year after. And yes, many years after, with a hardware refresh. And this fact is equally if not even more important. This is what customers do value very highly.