Outsourced Private Cloud

An outsourced private cloud has two security perimeters, one implemented by a cloud consumer and one implemented by a cloud service provider. The two security perimeters are linked by a trusted internet connection. The security of the outsourced private cloud depends on the strength of the security perimeters and the trusted internet connection. 

The cloud consumer organization can connect the user devices such as smartphones, tablets, laptops, and other wireless BYOD (bring your own devices) to IP over WiFi (IP / WiFi) or IP over 4G (IP / 4G WiMAX or LTE)  networks to communicate with the site's boundary controller in order to access the cloud services and resources.

The Challenge

Access to the resources of an outsourced private cloud, such as a database of sensitive information or a web server with downloadable proprietary data files, needs to be monitored and controlled. 

The link between the two boundary controllers can be vulnerable to attack, especially if it goes through the public internet. This outsourced cloud solution requires trusted internet connections.  

The CIS Solution

The SIPbiz.net boundary controller solution based on user's unique identification to monitor and control cloud resource access. A user is authorized to access a cloud resource when the user identity is registered and included in the access list of the resource. 

A user identity must be registered with the organization's SIPbiz.net boundary controller  and the the remote SIPbiz.net boundary controller of the outsourced community cloud. The local SIPbiz.net boundary controller uses the local registration information to authenticate the user, and the remote SIPbiz.net boundary controller uses the remote registration to authorize the user's cloud resource accessibility.

The multiple steps of access verification as describe above enable the monitoring and control of the access of the cloud resources. The monitoring data is processed and reported by continuous monitoring applications.

In the outsourced private cloud scenario, the participant organizations are connected via links between the SIPbiz.net boundary controllers that allow access through their security perimeters. The SIPbiz.net connection can be initiated by one of the boundary controllers.  The successful connection establishment creates a trusted internet connection over which transiting information is encrypted.

Benefits and Capabilities

Security Enhancement

  • Connect user devices and servers from behind NAT firewall
  • Mutual inclusive privacy protection with PKI
  • End-to-end encrypted information via TLS

Technology Advantage

  • Scalability: There is no architectural limit on the number of trusted connections a SIPbiz.net can connect. Each SIPbiz.net can initiate and accept multiple TLS connections.
  • Encryption works with or without NAT firewall
  • Encryption works with IPv4 or IPv6 networks
  • Flexible SIPbiz.net connection configurations
    • Point-to-point
    • Point-to-multipoint
    • Full mesh

Learn More

For additional information on how your organization can benefit from SIPbiz.net Outsourced Private Cloud solution, please contact sipbiz@sipbiz.net.