Section 12: Cloud and the Datacenter


Which of the following technologies allows an administrator to create virtual machines by abstracting the operating system and applications from the underlying hardware? - Quiz 11 Cloud and DataCenter

A hypervisor is hardware, software, or firmware capable of creating virtual machines and then managing and allocating resources to them. A hypervisor is a function that abstracts the operating system and applications from the underlying computer hardware.

Horizontal scaling (scaling out) (Scaling Types / Cloud Concepts) - Cloud and the Datacenter

Adding additional resources to help handle the extra load being experienced ● Essentially, instead of having one server to host your blog, we would now have two servers to host your blog. And as you gain more readers, we're going to load balance between them. Scaling out provides more redundancy and results in less downtime (by adding more and more machines to the pool, we're not relying on a single machine anymore).

Virtual Servers (Virtualization) (Virtual Network Devices) - Cloud and the Datacenter

Allows multiple virtual instances to exist on a single physical server ▪ Considerable cost savings for an IT budget ▪ Allows for consolidation of physical servers ▪ Multiple NICs increase bandwidth available

Community Cloud (Types of Cloud Computing) - Cloud and the Datacenter

Collaborative effort where infrastructure is shared between several organizations from a specific community with common concerns

Hybrid Cloud (Types of Cloud Computing) - Cloud and the Datacenter

Combination of private and public

Infrastructure Layer (Things to consider with the Software-defined networking (SDN) / Data Center Architecture Types) - Cloud and the Datacenter

Contains the actual networking devices that receive the information from the control layer about where to move the data, and then it's going to perform those movements.

Infrastructure as Code (IAC) - Cloud and the Datacenter

Enables managing and provisioning of infrastructure through code instead of through manual processes ▪ Virtual machines ▪ Virtual devices ▪ Scripted automation and orchestration is the basis of everything we do in horizontal scaling or scaling out within our cloud environments when we need to use elasticity.

Virtual Firewalls & Routers (Virtual Network Devices) - Cloud and the Datacenter

Fully virtual networks with virtual switches, routers, and firewalls (can be used to connect virtual servers together) ▪ Manufacturers offer virtualized versions of their most popular devices ▪ Virtualized routers and firewalls provide the same features as their physical counterparts

Virtual Network Devices - Cloud and the Datacenter

Major shift in the way data centers are designed, fielded, and operated ▪ Virtualization is everywhere ● Virtual Servers ● Virtual Routers ● Virtual Firewalls ● Virtual Switches ● Virtual Desktops ● VoIP ● Cloud Computing ● Software-Defined Networking

Virtual Machine (VM) Escape (Cloud Concepts) - Cloud and the Datacenter

Occurs when an attacker breaks out of one of the isolated VMs and begins to directly interact with the underlying hypervisor ▪ Host virtual servers on the same physical server as other VMs in the same network, so that if someone is able to escape out of the virtual machine, they can only access a similar type or classification of data. This works well if you're running your own private cloud, but if you're running on top of a public cloud, you really don't get to control which physical servers your virtual machines and cloud-based instances are being run on.

Virtual Private Branch Exchange (PBX) (Voice Over IP (VoIP) ) - Cloud and the Datacenter

Outsources a telephone system by utilizing VoIP to send all data to the provider and then connecting it to the telephone system (you need to use whether that's US based or overseas)

Which of the following types of traffic flows describes network traffic that is entering your datacenter through the firewall or router? - Quiz 11 Cloud and DataCenter

South traffic is traffic entering the data center. In both cases, the data is exiting or entering the data center through a firewall or other network infrastructure boundary device, such as a router.

Management Plane (Things to consider with the Software-defined networking (SDN) / Data Center Architecture Types) - Cloud and the Datacenter

Used to monitor traffic conditions and the status of the network. It allows us to oversee the network and gain insight into its operations. This will also allow us to make configuration changes, to set things up the way we want, and make sure they're working the way we need them to.

Storage Area Network (SAN) (Virtual Storage Solutions / Virtual Network Devices) - Cloud and the Datacenter

A storage area network is a very specialized type of local area network that's designed for data transfer and storage. SANs use fiber optic cables because of their high speed, and they transfer data at a block level with a very specialized protocol.

Software-defined networking (SDN) (Data Center Architecture Types) - Cloud and the Datacenter

A network architecture approach that enables the network to be intelligently and centrally controlled or programmed using software applications. We take our physical networks and completely virtualize them, or create a layer of abstraction between the physical devices and the logical architecture that they represent. We can create complex networks very quickly and easily, leveraging increased network size and expanding their scope as well as their ability to rapidly change. They can be changed automatically by the network itself using automation and orchestration. The elements we need to consider include the application layer, the control layer, the infrastructure layer, and the management plane. These three layers are going to allow the network to be decoupled from the underlying hardware itself.

North-South (Direction of Flow Types / Data Center Architecture Types) - Cloud and the Datacenter

Communication traffic that enters or leaves the data center from a system physically residing outside of the data center.
North traffic - traffic that is exiting your data center
South traffic - traffic that is entering your data center
In both cases, this data is exiting or entering the data center through a firewall or other network infrastructure boundary device, such as a router.

Application Layer (Things to consider with the Software-defined networking (SDN) / Data Center Architecture Types) - Cloud and the Datacenter

going to focus on the communication resource requests or information about the network as a whole.

Connectivity Options - Cloud and the Datacenter

Options that are available when connecting to cloud-based solutions, including virtual private networks (VPNs) and a private-direct connection to your cloud provider. We're more focused on connecting our enterprise networks to our public cloud service providers, known as CSPs.

Fibre Channel (FC) (Storage over a network types : Virtual Storage Solutions / Virtual Network Devices) - Cloud and the Datacenter

Special purpose hardware providing 1 - 16 Gbps of storage area network speed

Dion Training Solutions wants to migrate their email server from an on-premise solution to a vendor-hosted web-based solution like Google Workspaces or Gmail. Which of the following types of cloud models best describes this proposed solution? - Quiz 11 Cloud and DataCenter

Software as a Service (SaaS) uses the web to deliver applications that are managed by a third-party vendor and whose interface is accessed on the client's side. Most SaaS applications can be run directly from a web browser without any downloads or installations required, although some require plugins. The Google Workspaces and Gmail solutions for business are good examples of SaaS solutions.

Multitenancy (Cloud Concepts) - Cloud and the Datacenter

Allowing customers to share computing resources in a public or private cloud ● Better storage/access ● Better use of resources ● Lower overall cost
Multitenancy might cause your data to be hosted on the same physical server as another organization's data ● When an organization crashes a physical server, all of the organizations hosted on that same server are affected ● An organization failing to secure its virtual environments hosted on a shared server poses a security risk for the other organizations hosting on that same server
Set up virtual servers in the cloud with proper failover, redundancy, and elasticity ● Complex passwords ● Strong authentication ● Strong encryption ● Strong policies

Network as a Service (NaaS) (Models of Cloud Computing) - Cloud and the Datacenter

Allows outsourcing of a network to a service provider ▪ This is where all those virtual routers and switches and firewalls are going to come into play. All of this can be hosted offsite at the provider's location, and they put it into their data center. ▪ Hosted off-site at the service provider's data center and the customer is billed for usage ▪ Charged by hours, processing power, or bandwidth used like utility services ▪ Amazon's VPC or Route 53 offerings

Data Center (Data center architecture) - Cloud and the Datacenter

Any facility that businesses and other organizations use to organize, process, store, and disseminate large amounts of data

Snowflake Systems (How to use Infrastructure as Code (IaC) effectively) - Cloud and the Datacenter

Any system that is different from the standard configuration template used within your organization's IaC architecture. Using IaC effectively means keeping things consistent and using carefully developed and tested scripts. A snowflake system: ▪ adds risk to your overall security posture ▪ adds a lot of configuration problems and long-term supportability problems for you because it's a one-off system ▪ lacks consistency, which is going to lead to a lot of issues in terms of security and your ability to support it after it's moved into production.

Elasticity (Cloud Concepts) - Cloud and the Datacenter

Attempts to match the resources allocated with the actual amount of resources needed at any given point in time ▪ Elasticity is focused on meeting the sudden increases and decreases in the workload. Elasticity is often used in public cloud services, especially under a pay-as-you-go model.

Voice Over IP (VoIP) - Cloud and the Datacenter

Digitizes voice traffic to be treated like other data on the network. You can do this by connecting it to what's known as an ATA device, which essentially is going to convert your analog voice to something digital that you can use and push over the network. Uses SIP (Session Initiation Protocol) to set up, maintain, and tear down calls. VoIP can save a company money and provide enhanced services over a traditional PBX solution.

Virtual Private Network (VPN) (Types of Connectivity Options) - Cloud and the Datacenter

Establishes a secure connection between on-premises network, remote offices, client devices, and provider's global network ● Amazon Web Services- Direct Connect Gateway ● Microsoft Azure- Azure Private Link

Private Direct Connection (Types of Connectivity Options) - Cloud and the Datacenter

Extends a preexisting, on-premise data center into the provider's network to directly connect to your virtual private cloud network ● You can bypass the internet directly and instead establish a secure and dedicated connection from your infrastructure to the cloud provider's infrastructure using a dedicated leased line or a similar type of WAN connection. ● If you're running a large enterprise network and you need higher speeds and redundancy, you may instead choose to use a private-direct connection to your cloud provider. These are sold under different names, depending on the cloud provider you're using. If you're with Amazon Web Services or AWS, they call this a Direct Connect Gateway. If you're with Microsoft Azure, they call this an Azure Private Link.

Type 2 Hypervisor (Types of Hypervisors / Virtual Network Devices) - Cloud and the Datacenter

Stack, from top to bottom: Guest OS, Hypervisor (Virtual Box), Host OS (Windows), Hardware (Mac desktop). Works well with a desktop environment.

Vertical scaling (scaling up) (Scaling Types / Cloud Concepts) - Cloud and the Datacenter

Increasing the power of the existing resources in the working environment ●is really easy to use because you simply add faster and better components to your existing single server. ●This makes it easier to use, and it works well for long-term scalability. Normally when you're dealing with scalability, you're going to be dealing with vertical scaling.

IP Small Computer System Interface (iSCSI) (Storage over a network types : Virtual Storage Solutions / Virtual Network Devices) - Cloud and the Datacenter

Lowers cost and relies on configuration that allows jumbo frames over the network (not good for large network solutions that need fast, high-quality storage) ● This has a limitation of less than 10 gigabits per second because, again, our Ethernet, even at its fastest over Cat6a or Cat7, is going to be limited to 10 gigabits per second.

On-premise vs Hosted DataCenters (Data Center Architecture Types) - Cloud and the Datacenter

On-premise - you're using a traditional private data infrastructure where your organization has its own data center that houses all of its servers and networking equipment that it's going to use to be able to support its operations. We call this on-premise because it's usually located in the same building as your main office.
On-premise multiple locations - you're going to have multiple offices spread across a large geographic region or across the globe. And then all the other offices around the globe, they'll be called branch offices. Now these branch offices usually will not host their own servers, but instead they will host them in your on-premise data center at your headquarters.
Co-Located (Hosted) Datacenter - your organization places their servers and networking equipment in the datacenter environment owned by another company. Essentially, you're going to rent space in their data center instead of having to build your own.

Virtual Switch (Virtual Network Devices) - Cloud and the Datacenter

Overcomes the problem of all virtual servers being on one broadcast domain ▪ Layer 2 control provides VLANs and trunking ▪ Provides Quality of Service

Which of the following cloud services should an organization choose in order to develop a new iPhone app without having to configure and set up their own development environment? - Quiz 11 Cloud and DataCenter

Platform as a Service (PaaS) is a complete development and deployment environment in the cloud, with resources that enable you to deliver everything from simple cloud-based apps to sophisticated, cloud-enabled enterprise applications.

Orchestration (How to use Infrastructure as Code (IaC) effectively) - Cloud and the Datacenter

Process of arranging or coordinating the installation and configuration of multiple systems ▪ Lower costs ▪ Speed up deployments ▪ Increase security

Platform as a Service (PaaS) (Models of Cloud Computing) - Cloud and the Datacenter

Provides a development platform for companies that are developing applications without the need for infrastructure ▪ Dion Training uses PaaS for our courses Examples: ▪ Pivotal ● OpenShift ● Apprenda

Software-Defined Networking (SDN) (Virtual Network Devices) - Cloud and the Datacenter

Provides the administrator with an easy-to-use front end to configure physical and virtual devices throughout the network ▪ All the configurations are automatically done ▪ Provides the administrator an overview of the entire network

What type of services can allow you to get more storage and more resources added to the cloud as fast as possible? - Quiz 11 Cloud and DataCenter

Rapid elasticity allows users to automatically request additional space in the cloud or other types of services. Because of the setup of cloud computing services, provisioning can be seamless for the client or user. Providers still need to allocate and de-allocate resources that are often irrelevant on the client or user's side. This feature allows a service to be scaled up without purchasing, installing, and configuring new hardware, unlike if you had to install more physical storage into a server or datacenter.

East-West (Direction of Flow Types / Data Center Architecture Types) - Cloud and the Datacenter

Refers to data flowing/moving within a data center. For example, if we're using a spine and leaf architecture, any data flow between various servers in the data center, even if it goes between different leafs, would be considered East-West traffic because that data is not leaving our data center. Now due to the increased use of software-defined networking, virtualization, private cloud, and converged networks, more and more traffic that we're using is being classified as East-West traffic, because it's still virtually part of your data center.

Fiber Channel over ethernet (FCoE) (Storage over a network types : Virtual Storage Solutions / Virtual Network Devices) - Cloud and the Datacenter

Removes the need for specialized hardware and runs FC over Ethernet networks ● This allowed you to run FC over a standard TCP/IP or Cat5 or Cat6 network, and that would help you reduce the cost and make it easier for the solution to be implemented in your network.

Hypervisor (Virtual Network Devices) - Cloud and the Datacenter

Specialized software that enables virtualization to occur on the physical machine ▪ Hypervisor is the software that emulates the physical hardware ▪ Also called a Virtual Machine Monitor (VMM) Examples ● VMWare ESXi ● Microsoft Hyper-V ● Virtual Box ● VMWare Workstation

Infiniband (Virtualized Storage) (Virtual Storage Solutions / Virtual Network Devices) - Cloud and the Datacenter

Switched fabric topology for high-performance computing ▪ Very high throughput (>600 Gbps) with very low latency (0.5 μsec) ▪ Direct or switched connection between servers and storage systems

Public Cloud (Types of Cloud Computing) - Cloud and the Datacenter

Systems and users interact with devices on public networks, such as the Internet and other clouds

Private Cloud (Types of Cloud Computing) - Cloud and the Datacenter

Systems and users only have access with other devices inside the same private cloud or system

Distribution/Aggregation (Components of Three-tiered hierarchy / Data Center Architecture Types) - Cloud and the Datacenter

This layer is located under the core layer and it's going to provide boundary definition by implementing access control lists and filters. Here we're going to be defining policies for the network at large. You're going to see layer three switches being used here because this distribution layer is going to ensure packets are being properly routed between different subnets and VLANs within your enterprise network.

Spine (Layers of spine and leaf architecture / Data Center Architecture Types) - Cloud and the Datacenter

This spine contains the switches that will interconnect all the leaf layer switches into a full mesh topology. This leads to increased performance and redundancy for all the servers that are connected to the leaf layer and in turn to the spine layer.

How is VPN created? (Virtual Private Network (VPN) / Types of Connectivity Options) - Cloud and the Datacenter

This type of connection will usually be created as a site-to-site VPN between your edge router and the cloud service provider's network. When using a VPN solution like this, usually you're going to rely on a traditional IPsec VPN to create an encrypted connection between your cloud provider's network and your own enterprise network, all over the public internet, using this encrypted VPN tunnel. This allows you to extend your network using a highly available, managed and elastic cloud VPN solution to protect your network traffic instead of letting it traverse the internet directly.

Software as a Service (SaaS) (Models of Cloud Computing) - Cloud and the Datacenter

User interacts with a web-based application ▪ Details of how it works are hidden from users Examples: ● Google Docs ● Office 365

VoIP Topology (Voice Over IP (VoIP) ) - Cloud and the Datacenter

User's desktop computer is run in browser

Virtual Desktop (Virtual Network Devices) - Cloud and the Datacenter

User's desktop computer is run in browser ▪ Used from web, laptop, tablet, or phone ▪ Easier to secure and upgrade for the admins

Differences Between VPN and Private Direct Connection? (Connectivity Options) - Cloud and the Datacenter

Virtual Private Network (VPN) ●Faster Speed ●Better performance ●Support multiple VPCs ●Better redundancy Private Direct ●Cheaper

Type 1 Hypervisor (Types of Hypervisors / Virtual Network Devices) - Cloud and the Datacenter

A Type 1 hypervisor is where you have the OS, the operating system, sitting on top of your hypervisor, which is sitting directly on top of the hardware. Works well for servers because you're removing that extra layer of the OS (Host OS). Bare Metal Hypervisor - runs the hypervisor as the OS. And then, I can run the other operating systems that I want to host, like Windows Server, Mac, or Linux, inside the hypervisor. By removing that extra layer of software inside of the type two by moving to a type one, I am going to get better performance.

Scalability (Cloud Concepts) - Cloud and the Datacenter

designed to be more of a static or long-term solution. Scalability is going to be used to handle the growing workload that's required to maintain good performance and efficiency for a given software or application. ● Elasticity - Short-term addition or subtraction of resources ● Scalability - Long-term planning and adoption

Core (Components of Three-tiered hierarchy / Data Center Architecture Types) - Cloud and the Datacenter

Going to consist of the biggest and fastest and most expensive routers that you're ever going to end up working with. It's going to be considered the backbone of our network, and it's used to merge geographically separated networks into one logical and cohesive unit. In general, you're going to have at least two routers at the core level operating in a redundant configuration. After all, if you only had one core router and it went offline, the entire network would grind to a screeching halt.

Network Attached Storage (NAS) (Virtual Storage Solutions / Virtual Network Devices) - Cloud and the Datacenter

is a disk storage that's delivered as a service over your TCP/IP network.

Spine and leaf architecture (Data Center Architecture Types) - Cloud and the Datacenter

An alternative type of network architecture that's used specifically within the data center. With a spine and leaf architecture, we're instead going to be focused on communication within the data center itself, specifically the server farm and the portions of it. We can actually get faster speeds and lower latency than the traditional three-tiered hierarchy as well. By using a spine and leaf architecture, we can actually take shortcuts in getting data from place to place, and this all happens best when we're using software-defined networks in combination with a spine and leaf design.

Infrastructure as a Service (IaaS) (Models of Cloud Computing) - Cloud and the Datacenter

is going to allow outsourcing of the infrastructure of your servers and desktops to the service provider, in addition to outsourcing that network ▪ Hosted off-site at the service provider's data center and the customer is billed for usage ▪ Charged by hours, processing power, or bandwidth used like utility services Examples ● Amazon Web Services (AWS) ● Microsoft's Azure

Leaf (Layers of spine and leaf architecture / Data Center Architecture Types) - Cloud and the Datacenter

Is going to consist of all the access switches that aggregate traffic from the different servers and then connect directly into the spine layer or the network's core.

Desktop as a Service (DaaS) (Models of Cloud Computing) - Cloud and the Datacenter

is going to provide you with a desktop environment that is accessible from the internet in the form of a cloud desktop, or a Virtual Desktop environment. Virtual Desktop Infrastructure (VDI) ● easy to secure (increase the security) ● easy to upgrade because essentially, you get a brand-new desktop every time you log in. Because all that you're doing is creating a virtual file on a server. ● You're not having to actually build a new computer. So, the machine on your desk now just becomes a dumb device built to access this VDI environment. All of the important stuff is actually kept in my server room.

Access/Edge Layer (Components of Three-tiered hierarchy / Data Center Architecture Types) - Cloud and the Datacenter

layer is located beneath the distribution or aggregation layer, and it's going to be used to connect to all of your endpoint devices like your computers, your laptops, your servers, your printers, your wireless access points, and everything else. These access or edge devices are going to usually be regular switches, and they're going to be used to ensure packets are being converted to frames and delivered to the correct end point devices when needed.

Scripted Automation (How to use Infrastructure as Code (IaC) effectively) - Cloud and the Datacenter

Used in cloud computing all of the time. This allows our development, security, and operations teams (the DevSecOps team) to rapidly deploy things like a new router, switch or even an entire network, complete with servers and security devices. It can even include some basic logic to ensure the right things are being deployed based on the current conditions. Security templates and policies are then going to be deployed, and these contain a series of configuration files that are applied to the different devices being deployed in your environment. ▪ These might include network settings, access control lists, group policies, or permissions.

Control Layer (Things to consider with the Software-defined networking (SDN) / Data Center Architecture Types) - Cloud and the Datacenter

Uses that information from the applications and decides how to route a data packet on that network. It also makes decisions about how traffic should be prioritized, how it should be secured, and where it should be forwarded to.

Three-tiered hierarchy (Data Center Architecture Types) - Cloud and the Datacenter

Consists of the core, the distribution or aggregation layer, and then the access or edge layer. Now, when we talk about this three-tiered model, this is a traditional network you're going to find in most enterprises. Benefits: Performance, Management, Scalability, Redundancy. It also is going to give us a better way to troubleshoot our network because normally if we find an issue, we're going to find it and isolate it down to a single access or edge layer device.

