Cloud Computing Patterns, Mechanisms > Network Security, Identity & Access Management and Trust Assurance Patterns > Secure External Cloud Connection
Secure External Cloud Connection (Cope, Erl, Kristan)
How can a cloud network establish a secure connection with on-premise IT resources?
Solutions and service compositions can be required to execute partially in the cloud and partially on-premise due to scaling requirements, compliance regulations or organizational policy, creating the need for secure connectivity.
A virtual private network (VPN) is used to establish an encrypted connection between the cloud service provider and the cloud consumer.
A VPN is established between the cloud consumer gateway (CCG) and the cloud provider’s virtual private gateway (VPG) using the Border Gateway Protocol (BGP).
Burst In, Burst Out to Private Cloud, Burst Out to Public Cloud, Cloud Authentication, Cloud Balancing, Elastic Environment, Infrastructure-as-a-Service (IaaS), Isolated Trust Boundary, Multitenant Environment, Platform-as-a-Service (PaaS), Private Cloud, Public Cloud, Resilient Environment, Resource Workload Management, Secure Burst Out to Private Cloud/Public Cloud, Software-as-a-Service (SaaS)
A secure connection is established between the cloud consumer network and virtual private cloud.
A customer network securely connected to a VPC.
VPN connections are established via the use of a cloud hub.