Cloud and the Datacenter (1.2, 1.7, 1.8 & 2.1)

Question 1

Virtual Network Devices

Answer 1

o Major shift in the way data centers are designed, fielded, and operated
▪ Virtualization is everywhere
● Virtual Servers
● Virtual Routers
● Virtual Firewalls
● Virtual Switches
● Virtual Desktops
● VoIP
● Cloud Computing
● Software-Defined Networking

Question 2

Virtual Servers

Answer 2

▪ Allows multiple virtual instances to exist on a single physical server Considerable cost savings for an IT budget
▪ Allows for consolidation of physical servers
▪ Multiple NICs increase bandwidth available

Question 3

Hypervisor

Answer 3

▪ Specialized software that enables virtualization to occur
▪ Hypervisor is the software that emulates the physical hardware
▪ Also called a Virtual Machine Monitor (VMM)

▪ Examples
● VMWare ESXi
● Microsoft Hyper-V
● Virtual Box
● VMWare Workstation

Question 4

Virtualized Storage Solutions

Answer 4

▪ Network Attached Storage (NAS)
● Disk storage is delivered as a service over TCP/IP
▪ Storage Area Network (SAN)
● Specialized LAN designed for data transfer/storage
● Transfers data at block level with special protocol
● Fibre Channel (FC)
o Special purpose hardware providing 1-16 Gbps
● Fibre Channel over Ethernet (FCoE)
o Removes need for specialized hardware
o Runs over your Ethernet networks
● iSCSI (IP Small Computer System Interface)
o Lower cost, built using Ethernet switches (<10 Gbps)
o Relies on configuration allowing jumbo frames over the network

Question 5

Infiniband (Virtualized Storage)

Answer 5

▪ Switched fabric topology for high-performance computing
▪ Very high throughput (>600 Gbps) with very low latency (0.5 μsec)
▪ Direct or switched connection between servers and storage systems

Question 6

Virtual Firewalls and Routers

Answer 6

▪ To fully virtualize your network, you will need a firewall and router
▪ Manufacturer’s offer virtualized versions of their most popular devices
▪ Virtualized routers and firewalls provide the same features as their physical counterparts

Question 7

Virtual Switches

Answer 7

▪ Overcomes the problem of all virtual servers being on one broadcast domain
▪ Layer 2 control provides VLANs and trunking
▪ Provides Quality of Service and security

Question 8

Virtual Desktops

Answer 8

▪ User’s desktop computer is run in browser
▪ Used from web, laptop, tablet, or phone
▪ Easier to secure and upgrade for the admins

Question 9

Software-Defined Networking (SDN)

Answer 9

▪ Provides the administrator with an easy-to-use front end to configure physical and virtual devices throughout the network
▪ All the configurations are automatically done
▪ Provides administrator and overview of the entire network

Question 10

Voice over IP (VoIP)

Answer 10

o Voice over IP (VoIP)
▪ Digitizes voice traffic so that it can be treated like other data on the network
▪ Uses the SIP (Session Initiation Protocol) to setup, maintain, and tear down calls
▪ VoIP can save a company money and provide enhanced services over a traditional PBX solution

Question 11

VoIP Topology

Answer 11

User’s desktop computer is run in browser

Question 12

Virtual Private Branch Exchange (PBX) and VoIP

Answer 12

▪ Ability to outsource your telephone system

▪ Utilizes VoIP to send all data to provider, then provider connects it to telephone system

Question 13

Cloud Computing

Answer 13

o Cloud Computing
▪ Private Cloud
● Systems and users only have access with other devices inside the same private cloud or system
▪ Public Cloud
● Systems and users interact with devices on public networks, such as the Internet and other clouds
▪ Hybrid Cloud
● Combination of private and public
▪ Community Cloud
● Collaborative effort where infrastructure is shared between several organizations from a specific community with common concerns

Question 14

Models of Cloud Computing

Answer 14

▪ Network as a Service (NaaS)
▪ Infrastructure as a Service (Iass)
▪ Software as a Service (SaaS)
▪ Platform as a Service (PaaS)

Question 15

Network as a Service (NaaS)

Answer 15

▪ Allows outsourcing of the of a network to a service provider
▪ Hosted off-site at the service provider’s data center and the customer is billed for usage
▪ Charged by hours, processing power, or bandwidth used like utility services
▪ Amazon’s VPC or Route 53 offerings

Question 16

Infrastructure as a Service (IaaS)

Answer 16

▪ Allows outsourcing of the infrastructure of the servers or desktops to a service provider
▪ Hosted off-site at the service provider’s data center and the customer is billed for usage
▪ Charged by hours, processing power, or bandwidth used like utility services
▪ Examples
● Amazon Web Services (AWS)
● Microsoft’s Azure

Question 17

Software as a Service (SaaS)

Answer 17

▪ User interacts with a web-based application
▪ Details of how it works are hidden from users
▪ Examples:
● Google Docs
● Office 365

Question 18

Platform as a Service (PaaS)

Answer 18

▪ Provides a development platform for companies that are developing applications without the need for infrastructure
▪ Dion Training uses PaaS for our courses
▪ Examples:
▪ Pivotal
● OpenShift
● Apprenda

Question 19

Desktop as a Service (DaaS)

Answer 19

▪ Provides a desktop environment that is accessible through the Internet in the form of a cloud desktop or virtual desktop environment
● Virtual Desktop Infrastructure (VDI)

Question 20

Elasticity

Answer 20

▪ Attempts to match the resources allocated with the actual amount of resources needed at any given point in time
▪ Elasticity is focused on meeting the sudden increases and decreases in the workload

Question 21

Scalability

Answer 21

▪ Handles the growing workload required to maintain good performance and efficiency for a given software or application
● Elasticity
o Short-term addition or subtraction of resources
● Scalability
o Long-term planning and adoption

Question 22

Vertical Scaling (Scaling Up)

Answer 22

▪ Increasing the power of the existing resources in the working environment

Question 23

Horizontal Scaling (Scaling Out)

Answer 23

▪ Adding additional resources to help handle the extra load being experienced
● Vertical- Scalability
● Horizontal- Elasticity
▪ Scaling out provides more redundancy and results in less downtime

Question 24

Multitenancy

Answer 24

▪ Allowing customers to share computing resources in a public or private cloud
● Better storage/access
● Better use of resources
● Lower overall cost
▪ Multitenancy might cause your data to be hosted on the same physical server as another organization’s data
● When an organization crashes a physical server, all of the organizations hosted on that same server are affected
● An organization failing to secure its virtual environments hosted on a shared server poses a security risk for the other organizations hosting on that same server
▪ Set up virtual servers in the cloud with proper failover, redundancy, and elasticity
● Complex passwords
● Strong authentication
● Strong encryption
● Strong policies

Question 25

Virtual Machine (VM) Escape

Answer 25

▪ Occurs when an attacker breaks out of one of the isolated VMs and begins to directly interact with the underlying hypervisor ▪ Host virtual servers on the same physical server as other VMs in the same network

Question 26

Infrastructure as Code (IAC)

Answer 26

o Enables managing and provisioning of infrastructure through code instead of through manual processes ▪ Virtual machines ▪ Virtual devices ▪ Scripted automation and orchestration

Question 27

Orchestration

Answer 27

o Process of arranging or coordinating the installation and configuration of multiple systems ▪ Lower costs ▪ Speed up deployments ▪ Increase security

Question 28

Snowflake Systems

Answer 28

o Any system that is different from the standard configuration template used within your organization’s IaC architecture o Keeping things consistent and using carefully-developed and tested scripts

Question 29

Virtual Private Network (VPN)

Answer 29

Establishes a secure connection between on-premises network, remote offices, client devices, and provider’s global network ● Amazon Web Services- Direct Connect Gateway ● Microsoft Azure- Azure Private Link

Question 30

Private-Direct Connection

Answer 30

▪ Extends preexisting, on-premise data center into the provider’s network to directly connect to your virtual private cloud network (Overall, Private is superior, but more expensive than a VPN)

Question 31

Datacenter

Answer 31

▪ Any facility that businesses and other organizations use to organize, process, store, and disseminate large amounts of data

Question 32

Types

Answer 32

``` ▪ Three-tiered hierarchy ▪ Software-defined networking ▪ Spine and leaf architecture ▪ Traffic flows ▪ On-premise versus hosted datacenters ```

Question 33

Benefits

Answer 33

▪ Performance ▪ Management ▪ Scalability ▪ Redundancy

Question 34

Software-Defined Networking (SDN)

Answer 34

▪ Enables the network to be intelligently and centrally controlled, or programmed, using software applications ▪ Application Layer ● Focuses on the communication resource requests or information about the network as a whole ▪ Control Layer ● Uses the information from the applications and decides how to route a data packet on the network ▪ Infrastructure Layer ● Contains the network devices that receive information about where to move the data and then performs those movements ● Provides a layer of abstraction between the devices and the control and data flow that happen on the network ▪ Management Plane ● Used to monitor traffic conditions and the status of the network

Question 35

Architectures

Answer 35

▪ Spine and Leaf Architecture ● An alternative type of network architecture that focuses on the communication within the datacenter itself ● Spine and leaf architecture can give faster speeds and lower latency ● This architecture can be used in combination with the standard three-tiered hierarchy ● North-South o Traffic that enters or leaves the data center from a system physically residing outside the datacenter o Northbound is data leaving the datacenter o Southbound is data entering the datacenter ● East-West o Refers to data flow within a datacenter ● On-premise o A traditional, private data infrastructure usually located in the same building as the main offices ● Co-located o A datacenter environment owned by another company ● Cloud-based o Migrating company data out of own server and datacenters and into a cloud service provider’s servers and datacenters.