The economics of Cloud may incentivize changes in architecture. Here is an example:
Many companies aggregate security log files from servers and network devices into a single repository to facilitate alerting on events and to support forensic investigation of security events. For some organizations, compliance requirements like PCI indirectly make this a requirement (it would be too onerous to satisfy Requirement 11 without implementing a SIEM). There are many Security Incident and Event Management systems (SIEM) that support this. Security log aggregation can create a large amount of network traffic to the centralized database.
Many cloud providers allow an unlimited amount of inbound network traffic, but charge for outbound network traffic. This could create a situation for a company, considering all costs, where it is less expensive to place the SIEM and other monitoring infrastructure in the Cloud rather than inside the walls of the organization’s data center. This may become even more obvious as the company increases the number of servers it puts in the Cloud.
Let me know if you would like help analyzing the cost of cloud for your organization.
No comments:
Post a Comment