With Microsoft's Azure cloud computing platform set to go live on New Year's Day, the company is looking ahead to later in 2010 when it will unveil a new security structure for multi-tenant cloud environments as well as private cloud software based on the same technology used to build Azure.
Hasan Alkhatib, the Azure senior architect, described the Microsoft security project code-named "Sydney" Thursday at an Xconomy forum on cloud computing held at Microsoft's New England R&D Center in Cambridge, Mass.
In addition to embedding greater security into the public cloud, Alkhatib said Microsoft is planning to help customers build private cloud networks within their own data centers, using the same software Azure is based on.
"Every customer says 'where can we get a private cloud?'" Alkhatib said. "We're building them. Within a short period of time private clouds will be available with the same technology we've used to build Windows Azure."
However, Alkhatib said he thinks private clouds lack most of the benefits of public clouds, and focused most of his talk on the Azure services that will be offered publicly over the Web.
Project Sydney, unveiled last month at Microsoft's Professional Developers Conference, addresses security in virtualized, multi-tenant environments in which customers are typically sharing data center resources.
Sydney will provide isolation between customers' cloud resources with network virtualization, and provide secure connections between an enterprise's internal data center equipment and what it uses in the cloud, Alkhatib said. Sydney will aggregate "any arbitrary set of endpoints," including servers and client machines inside the enterprise and resources in a public cloud service like Azure, and create what Alkhatib called a "virtual network overlay" which is secured with IPsec and which can only be accessed by those authorized to do so.
"All these elements appear to each other as if they have a dedicated, private network," Alkhatib said.
Regulatory compliance in cloud computing is still a major challenge, however. Alkhatib said the IT industry must lobby agencies to accept new security guidelines that are based on logical, rather than physical, structures.
Microsoft hasn't announced a release date for Sydney but is committed to delivering at least a beta version in 2010, Alkhatib said. The private cloud product based on Azure may also come out in 2010, he said.
Microsoft today is running Azure out of data centers in Chicago and Texas, and will add four more data centers in January in Dublin, Amsterdam, Singapore and Hong Kong, Alkhatib said.