Software-Defined

Performance and Security for Azure Cloud Applications

by Nick Vale on ‎05-20-2015 05:00 AM (3,512 Views)

Moving your Apps to the cloud will mean you need to address the issues of availability, performance and security issues when you architect your cloud infrastructure. Also don’t under-estimate the potential complexity of your infrastructure if you start to mix cloud friendly technology with your Data Center based hardware products – just how many GUIs do you need to learn?! Try and select products that can be deployed wherever you need them – cloud as well as a physical or virtual data center.

 

The headlines on cloud outages seem to have become less frequent but there is still a risk of your Apps becoming unavailable to users unless you look at cross region deployment or multiple clouds.

 

App Performance can be impacted by latency issues unless you are deploying App instances globally and it’s important to consider the flexibility and scalability of a cloud deployment to provide the right response times as application traffic volume changes.

Security is a huge concern for us all, wherever the application is hosted but more so in the cloud where regulatory compliance can be more difficult to achieve when compared with your own Data Center.

 

A fully featured virtual Application Delivery Controller (ADC) can help alleviate performance and availability issues with features like Global Load Balancing and auto-scaling but what about security? There are virtual or software Application Firewalls to help here but what about protecting those all-important keys? In your own data center they would be kept safe in your FIPS compliant Hardware Security Module (HSM). Can that be replicated in the cloud?

 

The 10.0r1 release of the Brocade SteelApp Traffic Manager includes some very interesting integration work with the Azure Key Vault product to address this particular cloud migration issue.

 

Image1.png

 

The Azure Key Vault (FIPS 140-2 Level 2 and CC EAL4+ certified) safeguards cryptographic keys and other ‘secrets’ used by Apps and services based in the Azure cloud. Just by storing the keys in the cloud can bring about reduced latency and improved performance as there is no round trip to and from your own HSM. Now SteelApp can use those cloud based keys to offer SSL offload functionality which can reduce the workload on the back end servers, reducing cost and improving response times to end user requests

 

Image 2.png

 

Anyone with an interest in securing cloud based applications, from App Developers to Chief Security Officers can now have more confidence that Azure cloud based Apps can be compliant, secure and available and provide a great end user experience. After all, you want all the advantages of a cloud like Azure such as scalability and flexibility when compared to your own infrastructure, but with no downsides right?