

Introducing Amazon Virtual Private Cloud - jeffbarr
http://aws.typepad.com/aws/2009/08/introducing-amazon-virtual-private-cloud-vpc.html

======
blasdel
This seems like it's mostly aimed at the kind of corporate idiots that are
obsessed with centralized firewalls and proxies and "application security
firewalls", especially when they're packaged as a funny-colored 1U server with
an awful web interface and a 100x markup.

It will be a great success.

~~~
akd
Haha, the Redline EX3250 is an example of one of those 1U servers that can
take a lot of load off your servers by doing all your SSL. It sold for $30,000
in 2003 - I bought one on eBay for $225 in 2007 and use it to run SSL for my
site. It's amazing what people pay for "enterpriseyness."

------
idlewords
I wonder if this is an effort to make it easier for corporate IT departments
to run experiments with EC2, in hopes of eventually luring large datacenters
on to the service. It seems like it would be vastly easier to get political
cover for trying out a VPN-only service unreachable from the internet than the
regular EC2 infrastructure.

------
mattjung
This feature is maybe the most important one since EC2 was launched. It makes
cloud computing enterprise ready...

~~~
idlewords
Can you explain what you mean by 'enterprise ready'?

~~~
mattjung
It allows enterprises to easily and securely integrate servers that run in the
cloud with their own internal infrastructure via a VPN. This fosters hybrid
environments (internal IT + cloud in parallel) and thereby lowers the barriers
for migrating IT services incrementally to cloud services. It takes away one
of the most cited obstacles for the adoption of cloud computing in enterprise
IT: security.

~~~
idlewords
Thanks, I get confused sometimes by enterprise lingo.

My guess is the warm secure feeling will last until the new security tradeoffs
of cloud computing become better understood a few months from now. But since
so much is about perception, this is a clever move.

~~~
mattjung
I agree that this is by far not the end of the security discussion; in particular,
there is always that issue of trust towards the cloud provider itself. Do you
trust Amazon's VPN, privacy mechanisms, etc. or do you prefer a third-party
provider? Similar to: do you trust MS Firewall or the one of a third-party
provider?

But I think it is more than only addressing perception - the alternative until
today was building your own VPN by hand and dealing with all those dynamic IP
addresses. Very awkward and error-prone...

------
kogir
I got all excited thinking they had made something I could install in my own
data center. While nifty, this still doesn't allow me to properly protect my
data (whole disk encryption, etc). I want a self-hosted private cloud.

~~~
a-priori
<http://open.eucalyptus.com/>

~~~
catch23
And the competitor to this is a YC company, Virtualmin.

~~~
SwellJoe
We're a co-opetitor to Eucalyptus, I think. Or something. We don't directly
target the model of Eucalyptus, which seeks to exactly duplicate the AWS API
on your own machines (a valid pursuit, I suppose, but not one we're interested
in). We will very likely support Eucalyptus at some point (assuming customers
want it; though no one has actually asked for it, so far; it would be
relatively easy to add since we already support AWS), as Yet Another
Virtualization Layer. We're agnostic about that stuff.

We have built our own (much simpler to use) API and GUI for building private
clouds, but it doesn't seek to clone the AWS API in any way. Though it can use
AWS as one type of virtual system to be managed (among many others; Xen,
OpenVZ, Zones, and vservers, with KVM and VMware on the TODO list). Where
we're particularly strong is in delegation and resource sharing amongst many
untrusted parties. We're trying to help people build AWS-style services and
sell them or offer them to disparate divisions within a large company. It's
still early yet in that plan, but we're speeding up on Cloudmin (our product
in this space) now that we have several heavier users of the product.

Anyway, private clouds are definitely something a large number of huge
companies want. Amazon has no good incentive for moving into that space, since
there's so much room at the bottom where they're operating now, and there's
still thousands of companies that _will_ move into the public cloud to one
degree or another that have not done so yet. Actually, I guess if Amazon
wanted a monopoly on the space, then they would have one good reason for
moving into the space, but from everything Bezos has said on the subject, they
don't actually want a monopoly or think they could maintain one. We'll see, I
guess.

~~~
shykes
"private clouds are definitely something a large number of huge companies
want. Amazon has no good incentive for moving into that space [...]"

Maybe not directly. A year ago Amazon participated in a $12M series B
financing for Elastra, a major private cloud player. As far as Amazon is
concerned, more private clouds means more hybrid clouds, which means a bigger
pond for the ever-growing AWS fish.

~~~
SwellJoe
No argument here. We've found that the folks we're interacting with _do_ want
to be able to overflow into AWS, as needed, and with data that is not
sensitive.

I think Amazon is moving with astonishing efficiency in this space. If we ever
find ourselves in competition with them, I'll probably sleep a little
restlessly at night. They're certainly more sure-footed than almost anyone
else in the space. They occasionally implement things in ways that are a
little obtuse, but in general, they've executed extremely well, iterated
rapidly (incredibly so for such a large company), and delivered good products
before anyone else even realizes there's a need.

------
ephermata
Wonder how this compares to skytap (www.skytap.com)?

