Amazon Looks to Take Cloud ‘Virtually’ Private

Amazon cloud

Amazon (NASDAQ: AMZN) is aiming to cash in on businesses’ growing interest in private cloud computing by building an offshoot of its existing public cloud offerings.

The idea behind the new Virtual Private Cloud (VPC) is that businesses can connect via Virtual Private Network (VPN) to compute resources located within Amazon’s cloud. Those resources are separate from Amazon’s public Elastic Compute Cloud (EC2) resources, and enterprises can extend their own management and security infrastructure to encompass the VPC instances.

“We built Amazon VPC for this purpose — to allow any company to seamlessly connect their existing resources to the AWS [Amazon Web Services] cloud as if it were a part of their own datacenter,” Andy Jassy, senior vice president for AWS, said in a statement.

Pricing is simple: 5 cents per connection-hour plus a per-gigabyte data transfer fee that starts at 17 cents and drops to 10 cents for volume users. The product is currently available in the U.S.-East region.

For some time, enterprises have shown growing interest in taking advantage of the cloud. But some observers have said that large businesses would be more willing to leverage cloud technologies as a part of a controllable, in-house deployment — as opposed to public services like Amazon Web Services’ EC2.

But Amazon CTO Werner Vogels also said that businesses don’t want to give up the scalability and ease associated with a hosted cloud service. That’s where VPC comes in.

In a blog post, Vogels said that CIOs around the world have told him they would “accelerate the adoption of cloud services if they could access a form of cloud that would give them the best of both worlds: the flexibility and cost-effectiveness of accessing a virtually infinite pool of resources without owning it, while being able to integrate those resources into their existing datacenter environments such that they could continue to leverage existing investments in their management and control infrastructure.”

Providers of private cloud technologies such as virtualization expect to gain with VPC, with Amazon touting support from vendors like Citrix and CA.

“By leveraging Amazon VPC, our mutual customers now have access to resources that appear as a natural extension of their current on-premises Citrix based applications,” Frank Artale, vice president of business development at Citrix, said in a statement.

Titans fight cloud wars

For all the pleasant words today, tension remains between companies with public cloud offerings, such as Amazon’s EC2, and those offering private cloud systems, in which a company buys all the hardware and runs it itself.

In his blog post, Amazon’s Vogels said that the private cloud fails to deliver the benefits that businesses need. “Without the diversity and heterogeneity of the large number of AWS cloud customers to drive a high utilization level, [a private cloud] can never be a cost-effective solution,” he wrote.

Vogels explained that users of public clouds get to focus on other things besides hardware management and obtain efficiency and productivity gains through using the private cloud, benefits that no private cloud rollout can replicate.

He added that the elasticity of the cloud, which gives Amazon’s EC2 its name, is also key. “The ready access to vast cloud resources eliminates the need for complex procurement cycles, improving the time-to-market for its users. Many organizations have deployment cycles that are counted in weeks or months, while cloud resources such as Amazon EC2 only take minutes to deploy. The scalability of the cloud no longer forces designers and architects to think in resource-constrained ways and they can now pursue
opportunities without having to worry how to grow their infrastructure if their product becomes successful,” Vogels wrote.

The same argument is being played out in a high-profile war of words between Larry Ellison, Oracle’s CEO, and Mark Benioff, CEO of Salesforce.com and a former Oracle executive. Ellison said earlier this year during an earnings call that private, on-demand Oracle (NASDAQ: ORCL) deployments win over Salesforce (NYSE: CRM) in large enterprise environments.

Benioff’s reply to Ellison, during a presentation at a cloud conference, echoed Vogels’ statements this week. Benioff said that no Oracle private cloud deployment will ever achieve the efficiencies of Salesforce’s public cloud software, which resides in only a few datacenters.

Virtually private

Meanwhile, at least one critic has charged that Amazon’s VPC may not be private enough for most businesses.

Cloud management vendor Rightscale, which offers a management platform for Amazon cloud customers, said that it’s unclear how precisely Amazon keeps VPC activity separate the rest of its cloud.

“Instances in the VPC are separated from non-VPC instances at a deeper network level than instances in different security groups or belonging to different users,” Rightscale said in a blog post. “Amazon doesn’t say anything of substance about the nature of this isolation. Let’s see how soon that will have to change to actually attract enterprises.”

Rightscale, which itself also has a private cloud offering that runs on Ubuntu in collaboration with Canonical Software, additionally claimed that Amazon’s VPC may at the same time be too tightly integrated into customers’ datacenters.

“Instances in a VPC have no external network connectivity whatsoever,” the company said. “All traffic in/out of the VPC has to go through the VPN, at the far end of which it may be routed to the Internet. This includes traffic to other AWS services … and indeed any general Internet traffic. Sounds like #1 priority limitation to fix also from Amazon’s point of view to me.”

However, the company said that VPC’s reliance on customers’ VPN is a feature, not a flaw.

“Cloud traffic bound for the Internet routes over the VPN where it is examined by the customer’s existing security and networking technologies before heading to the public Internet,” Amazon said.

An Amazon representative pointed out that a blog post by Jeff Barr, Amazon senior Web services evangelist, said explicitly that VPC does not connect directly to the Internet.

“Adding [Internet connectivity to VPS] certainly makes sense and we plan to do it — but this is where we’re starting because it’s what is most important to our customers,” Amazon’s representative said.

Update adds comments from Amazon and clarifies availability of VPC.

Get the Free Newsletter!

Subscribe to our newsletter.

Subscribe to Daily Tech Insider for top news, trends & analysis

News Around the Web