Prevention instead of aftercare: The state of self-healing in clouds
A cloud that can detect and fix its own glitches sounds almost too good to be true. But it is more than a pipe dream. However, one must not overestimate the possibilities or leave security entirely to the cloud. A division of tasks between cloud, cloud provider and cloud user is necessary, as is more prevention.
The idea of self-healing in cloud computing is actually nothing new, but is gaining relevance in times of a lack of cloud experts.
The first ideas for a self-healing cloud are already many years old. Researchers put forward the thesis: Cloud computing requires a robust, scalable and powerful infrastructure. To provide a reliable cloud computing platform, it is necessary to build a self-diagnosis and self-healing system against various failures or downgrades.
For example, the Defense Advanced Research Projects Agency’s Mission-oriented Resilient Clouds (MRC) project aimed to develop an intelligent, self-healing cloud computing infrastructure capable of identifying the nature of an attack and then essentially repairing itself.
Awakening self-healing powers in the cloud
The desire for such self-healing powers is unbroken today: Cloud experts are in short supply; cloud security in particular still causes problems and prevents many companies from benefiting from the advantages of the cloud.
At the same time, attacks are increasingly taking place on and off clouds. IT security incidents and data breaches are the result; they can lead to production stoppages at the affected companies and to sanctions by the supervisory authorities.
But can the challenges of a secure, resilient, available and high-performance cloud be solved by completely automating the diagnosis and resolution of disruptions and attacks, thus making the cloud truly self-healing? Or is it rather the case that cloud security cannot be transferred entirely to the cloud provider or the cloud itself, so the cloud user always remains under obligation?
Autonomy possible in parts of the cloud
Market researchers such as 451 Research, for example, have described the functions that cloud and hosting providers need for self-healing:
- High availability: Self-healing for automatic recovery when hardware, software, networks or even an entire region fail.
- Intelligent automatic scaling: Scaling that provides compute scalability in response to traffic peaks.
- Rapid Restore Data Vault: Time machine-like feature that allows hosting company customers to revert to the last version of the files in case of accidental data loss or malicious attack on websites, databases and mailboxes.
Undoubtedly, these are desirable features, but they do not cover all cloud security or cloud privacy requirements. Self-healing in autonomous clouds should therefore always be understood as a function for partial areas. Further tasks remain with the cloud provider, but also with the cloud user. The cloud itself is therefore not a "lone wolf".
Healing does not only need the cloud itself
But there are certainly features to automatically fix cloud problems. With automatic repair in the Google Cloud, for example, high-availability applications can be created in Compute Engine. Automatic repair restarts compromised applications. Problematic instances are immediately detected and automatically recreated so that clients can be served again. With automatic repair, an application does not have to be re-deployed manually after an error.
However, it should be clear that the desired self-healing would have to affect the entire cloud infrastructure, including self-healing networks, for example. This area alone requires numerous functions, as demonstrated by the concept of VMware: The VMware Virtual Cloud Network (VCN) enables companies to view the network as an end-to-end environment. With virtualized networking, security, and analytics solutions, VCN addresses the core capabilities required for detection, avoidance, and end-to-end automatic correction, and forms the foundation for self-healing networks, VMware says.
With Kubernetes, for example, self-healing is also possible in a certain form: it restarts failed containers, replaces and reschedules containers when nodes fail, terminates containers that do not respond to your custom health check, and makes them known to clients only when they are ready.
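The following added example is a simplified model of that behaviour, not Kubernetes code and not part of the original article. It covers restart on failed health checks and readiness gating only (not rescheduling after node failure); the failure threshold of 3 and the probe results are constructed assumptions.

```python
from dataclasses import dataclass

FAILURE_THRESHOLD = 3  # assumed: consecutive liveness failures before a restart


@dataclass
class Container:
    name: str
    liveness: list   # constructed probe results per tick (True = responding)
    readiness: list  # constructed probe results per tick (True = ready for traffic)
    failures: int = 0
    restarts: int = 0


def sample_containers():
    """Constructed input: web-a starts slowly, web-b hangs during ticks 1-3."""
    t, f = True, False
    return [
        Container("web-a", [t, t, t, t, t, t], [f, f, t, t, t, t]),
        Container("web-b", [t, f, f, f, t, t], [t, f, f, f, f, t]),
    ]


def reconcile(containers, ticks):
    """Run the control loop; return, per tick, the containers offered to clients."""
    endpoints = []
    for tick in range(ticks):
        serving = []
        for c in containers:
            # Liveness: count consecutive failures, restart at the threshold.
            c.failures = 0 if c.liveness[tick] else c.failures + 1
            if c.failures >= FAILURE_THRESHOLD:
                c.restarts += 1
                c.failures = 0
                continue  # a container being restarted serves nothing this tick
            # Readiness: only ready containers are made known to clients.
            if c.readiness[tick]:
                serving.append(c.name)
        endpoints.append(serving)
    return endpoints


if __name__ == "__main__":
    pods = sample_containers()
    for tick, serving in enumerate(reconcile(pods, 6)):
        print(tick, serving)
    print({c.name: c.restarts for c in pods})
```

In the sample run no container is offered to clients at tick 1, which is why self-healing of a single instance does not replace redundancy.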
If the desired self-healing cloud services are also to be provided to users, complete self-healing also includes healing the endpoints. Ivanti Neurons for Healing, for example, provides automated bots for actively diagnosing and fixing problems. Automating routine tasks should pave the way to creating a truly self-repairing environment.
Towards self-healing
So, any infrastructure necessary for a cloud service needs features to test itself, for internal monitoring, for analytics (problem analysis), automatic fixes, and ways to reboot.
But there are also approaches that aim to enable self-healing via Infrastructure as Code. According to the vendor, the Accurics platform can heal the native cloud infrastructure itself by encoding security throughout the development lifecycle. With Accurics, companies of all sizes can achieve cloud cyber resilience through free cloud-based and open source tools such as Terrascan, according to the provider.
This shows that self-healing has a lot to do with prevention, i.e. with precaution and preparation in order to be able to react better to a disruption. Deviations from policies and configurations are sought and eliminated before they can lead to negative effects. Only those who prevent can heal themselves.
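A minimal sketch of such a preventive check, added here as an example (it is not code from Accurics or Terrascan): a pre-deployment gate that finds deviations from a baseline policy, corrects them and verifies the result. The resource types, attribute names and the sample plan are hypothetical and constructed for illustration.

```python
import copy

# Constructed baseline policy: required attribute values per resource type.
# Type and attribute names are hypothetical, not a real provider schema.
POLICY = {
    "storage_bucket": {"public_access": False, "encryption": True},
    "firewall_rule": {"admin_ports_open_to_internet": False},
    "database": {"encryption": True, "backups_enabled": True},
}

# Constructed sample plan, as it might look before deployment.
PLAN = [
    {"type": "storage_bucket", "name": "logs", "public_access": True, "encryption": True},
    {"type": "firewall_rule", "name": "ssh-in", "admin_ports_open_to_internet": True},
    {"type": "database", "name": "orders", "encryption": True},  # backups never set
    {"type": "storage_bucket", "name": "assets", "public_access": False, "encryption": True},
]


def find_deviations(plan):
    """Return (name, attribute, found, required) for every policy deviation."""
    deviations = []
    for res in plan:
        for attr, required in POLICY.get(res["type"], {}).items():
            found = res.get(attr)  # None when the attribute is missing entirely
            if found != required:
                deviations.append((res["name"], attr, found, required))
    return deviations


def remediate(plan):
    """Return a corrected copy; the original plan is kept unchanged for audit."""
    fixed = copy.deepcopy(plan)
    for res in fixed:
        res.update(POLICY.get(res["type"], {}))
    return fixed


def gate(plan):
    """Detect, fix and re-check; deploy only if the last list is empty."""
    before = find_deviations(plan)
    fixed = remediate(plan)
    return before, fixed, find_deviations(fixed)


if __name__ == "__main__":
    before, fixed, after = gate(PLAN)
    for name, attr, found, required in before:
        print(f"{name}: {attr} is {found!r}, policy requires {required!r}")
    print("remaining deviations:", after)
```

A missing attribute is treated as a deviation, so a setting that was simply never configured is caught in the same way as one that was set wrongly.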