Service Models

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *

Already have an account? Sign In »

9 hours 59 minutes
Video Transcription
in this video, we're gonna progress through the cloud computing concepts and talk about the three major service models for the cloud blow. You see where the service models is depicted in the NIST info graph
and by the service models were putting it really into three separate categories. Software as a service also referred to a SAS platform as a service pass and infrastructure. As a service, I ***, we're gonna dive into each of these three
commonly and collectively these air referred to also as the SP I layers software platform and infrastructure. I'm gonna walk through these, but I'm gonna go through them in a reverse order,
starting with infrastructure as a service. That's a model where the cloud provider hosts the servers to storage the network, all those physical aspects of it, and then the consumer, the cloud consumer, they come in and they provisioned virtual equivalents on top of that infrastructure that's being hosted by the cloud provider.
So this includes processing storage networks. Other fundamental computing resource is,
and the consumer has able to do this arbitrarily. This is the traditional first phase of the cloud infrastructure. As a service, you don't own the machines, but you manage, control and design virtual versions of these machines.
The next step in cloud is the past model platform. As a service, this is a model where the cloud Provider hosts and application development platform on its own infrastructure. And then it makes that platform available for the cloud users and accessible through the Internet.
So this includes application development frameworks, middleware capabilities, functions such as the databases, messaging and queuing with past The big difference. And you could see it in that picture on the right hand side, all that infrastructure of physical infrastructures there, even the virtual infrastructure. But you're not managing any of that as a user.
Rather, you are taking advantage of
the published capabilities, the platform level capabilities, eso some examples storage, including, such as file system, storage, right and providers. If you talk about Amazon as three buckets or storage accounts on azar,
they expose the file systems, and they actually provide the capabilities to expose them in such a ways
that you can mount and connect to these file systems from your virtual machines. So they're taking care of a lot of the hassle with respect to NFS or CFS. mounting methods. They also will expose blob style storage so you can access the contents that reside in that storage bin
over http or https.
That wouldn't be something you just natively conduce. So there are providing a little layer on top of just pure storage as functionality and value add
thinking a little bit further, more past just to give you some real context around these AWS, they have the concept of auto scaling groups and as there has these VM scale sets, right where you have
basically the same machine multiple instances of the same virtual machine
and you have a pool of them. And when load and demand goes up, you scale out that pool, and when demand goes down, you scale down that pool and reduce the number of machines as the horizontal scaling that we were previously talking about.
Database is another big area for pass right so managed post GREss. There's a lot of proprietary managed databases between the different providers of aws azar, Google AWS, Lambda Serverless functions, becoming a real big topic right now
function APS is azar's equivalent, and I think that the similar in G, c p,
even kubernetes could be a real bear to manage, so providers have come in there, and they've offered a way to
abstract all the details that you might need to use and be aware of if you wanted to manage a cluster of micro services or container based capabilities and services. So, for example, a Circle bernetti service rather than provisioning a bunch of virtual machines, installing Cooper nineties on them and
building on them together and getting the multiple nodes of those machines
communicating with each other and then distributing loads of individual containers across those machines. Your abstracted from that and having to deal with kubernetes even at that layer,
you give up some control when you take this model, but you get some ease and simplicity at the same time.
And last but not least, is software as a service. So in this model you're giving up a lot of control in terms of the underlying architecture and how it's configured right. It's a distribution model where the cloud provider hosts the applications on its own infrastructure, and they make them available to users over the network.
Typically, it's accessed through the Internet,
so the consumer uses the applications themselves but they don't have to worry about the infrastructure as a service. Virtual machines. They don't worry about platform as a service. Even fact. They're not even going to be aware off the nuances of what kind of a database is this
software as a service using? How is the information being persisted? For example,
how is messaging and routing taking place? You are really abstracted from that When you go the software as a service model
again, you have less control. But it's greater simplicity for you.
Great examples of software is a surface. Salesforce is a customer relationship management system. Very popular. Concur is expense reports management system used by a lot of big companies. Zendesk is a service in help desk system. So for your internal support, customer support, technical support.
Alvi it right and you access those
all through a Web based interface, and you have a certain degree of configuration you have. But you don't have any interaction with the underlying databases, virtual machines, storage and so forth.
There could be a blurry line between Sassen Pass as well. I think a good example of that is Web flow, so that's a the no code low code type solution for you to build interactive websites. Is that a SAS? Is that a pass? I don't know. Not all of these. Not everything you're gonna come across in the world world
fits extremely cleanly into one of these three categories.
But these are how NIST defines the categories. And it's what the C s A guidance really leans on. Is the NIST perspective on cloud. So for the purposes of your test, knowing that s p I layers is very important.
Just to recap, we covered SP I write sas past and I *** I asked being the resource pool of virtualized infrastructure and then you is the cloud consumer have the ability to to do that or use the cloud provider. You expose capabilities that allow them to
build virtualized abstract versions of these things
on that actual infrastructure
platform. It serves the service, bringing things up to a little higher level of abstraction, simplifying certain things, giving up a little bit of control but reaping the benefits as well. And then finally, software as a service where everything is really abstracted except for the application itself.
And you just have no insight into how the underlying resources are managed.
In fact, they themselves may not be managed on my *** or pass basis, right? The SAS provider themselves could have a bunch of
physical machines or virtual machines on physical machines that they themselves manage. And like we said, it really gets confusing in the real world scenarios. And there's a very blurry line that's wraps it up for this lesson. It was a very quick one with these three key concepts, but you're gonna be hearing about him a lot, and so hopefully they've resonated with you.
I look forward to seeing you as we continue
going through the cloud compute domain for the CCS K exam.
Up Next