Between private cloud and public cloud, which solution to adopt ?

Today, customer needs are changing and evolving with the emergence of new technologies and service models. From a private cloud setup, they may want to transition to a public cloud or once again establish their IT infrastructure in-house. It also happens that they choose a combination of the proposed solutions to maximize their activities and support their growth. Rcarré offers all these options, either individually or in combination.

The concept of digital transhumance perfectly describes this phenomenon, through the digital journey that a company can initiate among various service models.

In response to this phenomenon, our vision is both strategic and technological, shared between two service models: private cloud and public cloud.

But what is the cloud ?

The public cloud is a model in which solution providers (mainly the GAFAM companies) make IT infrastructure and associated services available. The public cloud is a triangular model: the providers who make the infrastructure available, service companies like Rcarré that manage this infrastructure, and the end customer who consumes the resources made available according to their needs.

The private cloud is a model where the service provider makes its own infrastructure available, hosted in data centers in Luxembourg. This infrastructure is therefore purchased, managed, and operated by the provider itself. The provider also manages all service layers in order to provide a comprehensive and fully managed service.

Hybridization is a clear advantage in this concept of transhumance. Depending on the needs of each company, the customer will deploy their applications in the best location based on their requirements: in the public cloud, in the private cloud, or in a SaaS solution, all while maintaining complete coherence in the company’s solutions.

 

Common Ground :

Firstly, it is appropriate to remind that these two service models (private and public cloud) are not in opposition. The service strategy in place is identical, allowing us to provide a consistent solution to our customers, always maintaining a high-quality standard.

However, the models will exhibit differences in:

• Sovereignty: hosting data and applications in compliance with and respecting the jurisdiction of a country.
• Compliance: adhering to regulatory standards for cloud usage in accordance with industry directives.
• Migration: transitioning from one model to another is not always straightforward.

 

What Levels of Service Do the Two Cloud Types Offer ?

The public cloud offers three service levels:

• SaaS (Software as a Service): The cloud provider makes an application available that is entirely managed on the platform (e.g., Microsoft 365).
• PaaS (Platform as a Service): The provider offers the platform, and a third-party developer installs the application and manages it in collaboration with the service provider.
• IaaS (Infrastructure as a Service): Based on the infrastructure in the public cloud provider’s data center, the client manages their own infrastructure.

The private cloud provides two types of platforms :

• SaaS: On a fully shared infrastructure with shared virtual machines. The provider can offer work sessions with or without business applications, email, and/or file-sharing tools.
• PaaS: The client has their own virtual machines, allowing for specific needs to be met.

 

Which services and technologies are mutualised ?

In the private cloud, clients are part of a shared infrastructure with existing services and technologies in place (e.g., dual firewall, anti-virus scanning, web filtering, 24/7 standby service, detection, and blocking of malicious behavior). Penetration tests are conducted annually on our private cloud. Other services can be shared, such as Active Directory, Netscaler, reverse proxies, etc.

Regarding the public cloud, Microsoft 365 is already a shared service, and server clusters are provided to enable services like Exchange Online. For Azure, mutualization is not possible since each client has their own infrastructure. However, at the managed services level, management consoles can be shared, especially with Azure Lighthouse, which enables customer support.

 

What Are the Costs Associated with These Two Cloud Types ?

There are two types of costs for the public cloud :

• Annual or monthly subscriptions for tools like Exchange Online or Teams.
• “Pay as you go”: Consumption-based costs for Azure services. Optimization can be achieved by reserving instances for 1 or 3 years, allowing clients to save on consumption costs.

For the private cloud, costs are defined at the time of the offer, with no additional usage costs. Furthermore, private cloud clients benefit from additional technologies (e.g., malicious behavior detection and blocking) at no extra cost due to infrastructure mutualization.

 

Who provides support in these two models?

On our private cloud, support is entirely provided by our local teams, whether for user or infrastructure issues, without third-party involvement, ensuring a quicker response in case of problems.

Regarding our public cloud solution, there are two types of support:

• User support is also entirely provided by local teams.
• Infrastructure support is shared between Microsoft, responsible for the servers provided, and the service provider, which must configure the infrastructure correctly and adhere to best practices.

 

What services are available for both cloud types ?

The Azure solution in the public cloud includes the following managed services :

• Monthly proactive maintenance (e.g., server patching).
• Reactive maintenance (e.g., when a security vulnerability is detected).
• System and Azure platform monitoring.
• Cloud advice: Monthly cost analysis, security recommendations, and platform resilience.

Services included in the private cloud are 100% provided by a local team and include :

• Bimonthly proactive maintenance.
• Reactive maintenance in response to security vulnerabilities.
• 24/7 system monitoring.
• Guaranteed permanent redundancy.

 

What about backups and disaster recovery? Is there a difference?

In the private cloud, data is backed up daily and retained for one week, followed by a weekly backup that is kept for eight weeks, providing two months of backup coverage. Backups can be extended as needed or stored on secure external media. In the public cloud, backup retention aligns with that of the private cloud. Azure backups are georedundant, meaning they are sent to a secondary site at a distance of at least 1500 km.

Our private cloud solution is redundant due to its presence in two Tier IV data centers in Luxembourg. The network is split between these two data centers, connected by dark fibers following different paths to ensure redundancy. Internet connectivity is provided by different providers for each data center, but with IP addresses that we own. All of this allows for a quick response in the event of an incident to bring up infrastructure in either data center without changing addressing or configuration.

“Site recovery” is a possible option in the public cloud to ensure disaster recovery to another data center. As for resilience, there are three possibilities in Azure:

• Local: Three backups in the same data center (if one node fails, data can be recovered on another node).
• By zone: Backups are stored in three different data centers with separate power sources.
• Georedundancy: Backups are stored in two distinct data centers 1500 km apart.

 

Is automation, which is increasingly discussed, a reality in both cloud types ?

In the public cloud, we benefit from numerous services offered by Microsoft that allow for rapid deployment of images with the latest updates. There are also “Infrastructure as Code” services like Terraform or Azure by Step that enable writing code to define infrastructure more quickly and securely (avoiding human errors).

On the other hand, automation in the private cloud is not as advanced as in the public cloud. We leverage possible automations from the public cloud to implement as many as possible in the private cloud.

 

What about compliance in all of this? Can one opt for either solution if the company is regulated ?

As emphasized by the Luxembourg regulator, in both cases, it involves IT outsourcing. In this regard, the company must conduct a comprehensive analysis of this outsourcing before opting for either solution. The documentation required is substantial for both solutions. Naturally, information security is a critical consideration.

Managing outsourcing is crucial, and therefore, the cloud officer is responsible for proper management of automation, billing, and oversight of activities at the cloud provider. This cloud officer role comes with strict requirements in terms of product knowledge, which is why it is often outsourced.

Notification to the regulator must be submitted before migrating to the cloud because approval will require some time. However, turning to Rcube will greatly facilitate the company’s efforts, because we’re already advertised near the regulator.

In summary, compliance and the cloud:

 

So, when it comes to choosing between public cloud and private cloud, which solution should one choose ?

In conclusion, it is evident that there is no one solution better than the other! The suitable solution is found through studying the client’s needs and constraints, and perhaps increasingly involves the allocation of resources between private cloud, public cloud, on-premises infrastructure, and SaaS applications – in other words, IT hybridization.

Revew the webinar (FR)