The Drotos Engineering cloud migration project is proceeding. Your applications require a 99.9% uptime. You are now working on the disaster recovery and business continuity plan to ensure that occurs.

This paper will look at security technologies to use to meet our security requirements and design for the proposed cloud-based network environment. We will also look at automated scanning and monitoring techniques or tools to use for the cloud-based environment and also list the steps to implement the tools.

When it comes to security in cloud-based environment, both parties i.e. the cloud service provider and the consumer of the services must ensure they practice security measures so as to prevent attacks. It is the responsibility of the cloud service provider to ensure that their infrastructure is secure and client’s data and applications are protected. It is also the responsibility of the consumer (Drotos Engineering) to ensure that applications are accessed after the user has been authenticated.

The security technologies employed in a cloud-based environment include:

Virtualization

According to Rivera A (2018) virtualization is creating of virtual version of something, for example, we can have virtual server, virtual operating system, virtual network resources etc.

Cloud service providers store data from several clients and virtualization can ensure that one client does not accidentally view another client’s data.

Encryption

According to Pfleeger C et al (2015) encryption is encoding a message so that its meaning is not understood by a layman. Pfleeger C et al (2015) define decryption as reversing an encrypted message to its original form. The cloud service provider will use encryption to ensure security of the data. The cloud service provider will use Attribute-based encryption (ABE).

Data security

The cloud service provider will ensure that the data is secure and it is confidential, maintains integrity and it is available when needed.

Multi-factor authentication

The cloud service provider will provide multi-factor authentication whereby a user does not only need to provide a password but he/she also needs to provide a secret key/pin from a special hardware device and this can be seen as hard token or even from software apps.

The cloud service provider is responsible for monitoring the services it provides to consumers e.g. network, storage service etc. On the other hand, the consumer (Drotos Engineering) is responsible for monitoring the systems and applications created by the consumer using these services.

The network will be monitored using PRTG network monitoring tool. According to PRTG website paessler.com the PRTG network monitoring tool monitors switches, routers, firewall, workstations, servers, VMware etc.

We will use New Relic to monitor database performance

We will use Zabbix to monitor our systems and applications

The most critical one is the network since without the cloud-based network we cannot access these other services such as storage services etc.

Implementation of PRTG networking tool

You need to buy the PRTG monitoring tool from their website Paessler.com and download it. After downloading it, you need to install it and run through the installation wizard. The following image depicts the PRTG system administration interface.

Implementation of the new relic monitoring tool

You need to buy the new relic monitoring tool from their website Newrelic.com and install it and from there you are able to monitor slow transactions, error rates, database performance etc.

We are currently operating on a traditional private network. For us to be able to ensure that our employees can access files and software locally and remotely, software applications and storage are scalable as employee number increases, software application response time is high even with employee growth, business continuity even in case of network failure etc. we need to migrate our network to cloud-based network.

This paper will look at the rationale for transitioning from the traditional network environment to the cloud-based environment. We will also look at the hardware requirements to support the cloud-based environment. We will list the steps to implement the recommended cloud-based solution. We will finish by giving our opinion on whether the solution will address our business needs or we need further modifications.

Before looking at the reasons for transitioning, let’s first define traditional network and cloud-based network.

According to Wadia Y (2016) traditional network consists of switches and routers that are connected to physical hardware and its main purpose is transmitting and forwarding packets from one place to another.

Wadia Y (2016) says that cloud based network has virtual devices such as virtual servers, virtual routers and switches that are provided by cloud service provider. An organization doesn’t need to install these devices.

The reasons for migrating from traditional network to cloud-based environment are:

1. Security

Cloud based solution is heavily filtered compared to the traditional network. Cloud service providers allow only unicast datagrams while restricting all broadcast datagrams over their network. Cloud service providers have got security specialists who oversee network security issues such as denial of services since they are in the business of providing cloud based networking.

1. Database server and other severs

Cloud-based solution has got servers such as database servers, application servers, mail servers etc. The database server usually scales nicely with increase in data volume and thus catering for growth in organization.

1. Price consideration

It is cheaper to use third party servers for storage, computing, applications etc. than buying our own servers and having them configured at the organizations premises. The same applies for network devices, it is cheaper to use cloud service provider network devices than buying our own and configuring them.

1. Reduction in work load

Since we are having our applications and database storage provided by cloud service provider, we can only focus on our core business as Drotos Engineering and not focus on things such as, is our network antivirus up to date? Is our database secure and is our data integrity intact?

We will not be adding any hardware as an organization since we will be using the cloud service provider hardware such as virtual switches, database servers, application servers, mail servers etc.

We don’t need the network hardware to implement the cloud-based solution. What we need is OpenFlow protocol, which is a software-defined networking protocol that issues access to forwarding plane of a network switch or router over the network. We also need an interface that facilitates communication of applications through Application Programming Interfaces (API).

We need to consider compliance. Does the cloud-based provider comply with various compliance policies such as FERPA etc.

We need to consider whether we will receive technical support for the service or not

The migration to cloud-based solution will address all our business needs since our data storage and usage intends to increase. Cloud service providers always keep their software up to date with the latest patches, therefore, we are guaranteed that we will be using the latest Microsoft Office package for our daily operations.