NetApp and our partners are answering your cloud questions as part of the Data Driven Cloud Series, so you can manage, move and secure your data in any environment. This week, Datapipe weighed in on the new innovations emerging from recent FedRamp certified cloud offerings.
As emerging technology innovations continue to permeate cloud platforms, government agencies are evaluating the different types of Federal Risk and Authorization Management Program (FedRAMP) cloud solutions that are available to them. Datapipe has deployed cloud solutions, built upon NetApp storage technology, for nearly half of the cabinet-level government agencies. Each of those solutions was architected to meet the agency’s business and technical needs. Let’s look at the differences between the two primary cloud solutions available to government customers.
Infrastructure as a Service (IaaS)
Cloud platforms are the building blocks for an agency to deploy applications upon. At the lowest tier you will find IaaS. Within an IaaS cloud, customers can expect to find the processing power (compute), storage, and network resources already deployed in a secure fashion. Provisioning IaaS cloud resources can be achieved rather quickly and this allows customers to quickly deploy an application. However, a traditional IaaS cloud solution provides security and management of the infrastructure only through the hypervisor. This leaves the responsibility of securing and managing the solution above the hypervisor to the customer. The portion of the infrastructure that is not typically covered includes virtual operating systems, virtual networks, applications, data, and the security controls that sit on top of the entire solution. If a customer has the in-house expertise to provide these capabilities or leverages a managed service provider (MSP) to provide this expertise, an IaaS solution can work quite well. Without this expertise, the overall cost to secure the solution can become quite expensive and in the meantime, a customer could potentially be exposed to any number of security vulnerabilities.
Platform as a Service (PaaS)
The next tier up is a PaaS solution. This builds upon the best features of an IaaS solution (management of the compute, storage, and network resources) while also providing responsibility to deploy and manage the virtual machines themselves. Customers would no longer have to be responsible for the security of the virtual operating systems or the network layer that resides above the applications and data. Customers need only worry about their applications and data itself. This is a great solution for customers that do not have in-house IT expertise, are tasked with streamlining their IT department, or have the internal resources but would like to reallocate those resources for other projects or innovations. If a customer does have the in-house IT expertise, they may need to work with the cloud service provider (CSP) to make sure there is a clear division of responsibility and each party understands their role in the overall management of the solution. This can often become the best of both worlds, as customers no longer need to worry about the security of the cloud solution, but are still able to retain full control over their applications and data.
With the Joint Authorization Board (JAB) approved FedRAMP PaaS solution, Datapipe and NetApp are delivering unique secure cloud solutions that exemplify the use of emerging technologies while offering agencies the ability to layer additional security controls above and beyond the FedRAMP baseline. Government agencies that choose this platform are able to take advantage of Datapipe and NetApp’s successful history of supporting complex, security sensitive government programs.
Below, Dan Tudahl, President and General Manager, Datapipe Government Solutions answered your cloud questions on WTOP, Federal News Radio.
A New Era for the Cloud--Today's government agencies are under incredible pressure to respond to changing needs, and they are moving toward a cloud delivery model. The public cloud is quickly becoming part of many IT organizations' strategy that complements a private cloud strategy. By providing a data fabric that spans across all clouds, NetApp enables organizations to confidently manage and maintain control of their data across any cloud, accelerating innovation and IT responsiveness.