Enabling Digital Society

Using the Cloud and Mobility to enable citizens to take part in their world!
Options
Search
Gov 2.0 Radio
Listen to internet radio with Gov20Radio on Blog Talk Radio
Tags
Archive
Archives

Secure Cloud Hybrid Applications

MSDN Blogs > Enabling Digital Society > Secure Cloud Hybrid Applications

Secure Cloud Hybrid Applications

27 Mar 2011 7:50 PM
  • Comments 1

One of the key aspects to secure cloud hybrid applications is a secure connection from the cloud based services to the on premise base ones. With Windows Azure this is quite easy. You can use Windows Azure Connect to establish a secure IPV6/IPSec based tunnel from the individual role in Azure, to the individual service( s ) on premise. Channel 9 has a short video on this topic:

http://channel9.msdn.com/posts/Windows-Azure-Platform-Security-Essentials-Module-5-Secure-Networking-using-Windows-Azure-Connect

Something that tends to be a misunderstanding is that Azure Connect is not a VPN from your network, to the Internet.  The connections are configured to go from a specific server, and services on your network, to a specific Role hosted in Azure. It is point to point and secured with IPSec.  You aren’t exposing your network to the entire Internet over a VPN type connection.

There are a couple key benefits I see to this from a security angle.

  1. You can move the UI and Business layer off to the Azure servers. This prevents potential hackers from touching infrastructure connected to your network. The Azure Connect tunnel will provide secure encrypted communications between the Business layer worker roles and the specific service or DB on premises. The unwashed masses can not touch the interface of the services or DB on your network. It will only talk to the Role you have defined in Azure. This provides another layer between you and the bad guys.
  2. This will allow you to create hybrid applications where all of the sensitive data is still kept safely on premises in your data centre. You don’t have to push a lot of data out to the web. The UI and Business layers are already being accessed from over the Internet anyway so there is little benefit to them being hosted on premises other than the desire and perception of control.

Hybrid applications over Azure Connect provide an excellent means to create highly scalable and robust form filing, and data publication applications for public consumption. Definitely have a look at it.

Comments
  • Nick Ward
    20 Jan 2013 9:49 PM

    Hey Rocky,

    Have you got an updated version of this post for Windows Azure Virtual Networks and the VPN connectivity?  Would be useful!

    Cheers,

    Nick.

Page 1 of 1 (1 items)
Leave a Comment
  • Please add 8 and 8 and type the answer here:
  • Post