Skip to main content

Flying in the Clouds

© Unknown


I’ve been seeing the above picture lately (not mine © is unknown). Many people shared it and whenever I saw it I was surprised how naïve it looked in a way. Why? Because of uncertainty.

Moving your IT away from the company’s premises is double edged sword. As from the above picture, cloud computing indeed saves you lots of ongoing costs but let’s take a dive into what your costs can look like if you live in an unstable environment. Many countries’ economies suffered from year 2007 on, suffering which started as a real estate balloon boom in USA and was followed by collapse of many European economies. Globalisation at a glance, where a boom in USA made many across the globe go down the same path. Many companies went down, disappeared, divided, sold their business etc.

Let us be one of the troubled companies. Every single one of us first tries to cut down the expenses when in financial trouble. Right? We see the problems arising, sales are low, revenue is lower than expected and many other relevant indicators are showing us decline. We moved our IT (being that SaaS or IaaS) from on-premises to the Cloud long before the tsunami started. We were happy enough to lower the ongoing costs, we even fired some IT stuff, not needed anymore as our IT is living in the Cloud now. Outsourced company is taking care of our IT, making services available 24/7 etc. Our mail is cloud based, Text editors and Sheets too and we are living in an IT harmony. We even went easily over the security matter of our data being "out there", because we believe those guys and we signed the agreement. All our IT is in other country as cloud is not available in ours. The costs of IT, among others, of course, are mostly based of subscription fee and staff that is configuring services for our employees.

Suddenly we cannot afford to pay the subscription fee. What do we stay with? Can our company still exist and with what IT options? We download the data but what can we do with this data? Can we use it? Are we still able to do our work despite the lack of cloud services?

Looking at the picture above these were the questions popping out. I am not saying Cloud is bad or on- Premises is good or vice versa, it is just we need to ask ourselves so many questions before deciding what is best for us and what will work in the future, which might not be so bright all the times after all. This does not apply to all the environments in the same way, and of course this is just aerial view on the matter, but you got the picture.

So, which iceberg is larger?

Check interesting article on InfoWorld about: “Gartner: Seven cloud-computing security risks”
http://www.infoworld.com/article/2652198/security/gartner--seven-cloud-computing-security-risks.html

Comments

Popular posts from this blog

Netscaler vs Exchange 2019 "time out during ssl handshake stage

If you are using Citrix Netscaler as load balancer in front of Exchange 2019 server you must know this: Microsoft Exchange 2019 is secured by default and allows only TLS 1.2. Therefore default schannel settings are as follows (using IISCrypto tool from Nartac Software): While Citrix Netscaler offers following Cipher Suites: TLS_RSA_WITH_AES_256_CBC_SHA TLS_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_DSS_WITH_AES_256_CBC_SHA TLS_DHE_DSS_WITH_AES_128_CBC_SHA TLS_RSA_WITH_DES_CBC_SHA TLS_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 TLS_DHE_DSS_WITH_DES_CBC_SHA TLS_DHE_DSS_EXPORT1024_WITH_DES_CBC_SHA TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA TLS_DHE_RSA_WITH_DES_CBC_SHA TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA TLS_RSA_EXPORT1024_WITH_RC2_CBC_56_MD5 TLS_DH_anon_WITH_DES_CBC_SHA TLS_DH_anon_WITH_AES_128_CBC_SHA TLS_DH_anon_WITH_AES_256_CBC_SHA TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA Now, you will fi

Reason: [{LED=250 2.1.5 RESOLVER.GRP.Expanded; distribution list expanded};{MSG=};{FQDN=};{IP=};{LRT=}]

 If you got this error checking the mail flow for a distribution group, it means the distribution group is closed and only internal senders can send e-mail to this group. When outside user sends e-mail to this group you get  Reason: [{LED=250 2.1.5 RESOLVER.GRP.Expanded; distribution list expanded};{MSG=};{FQDN=};{IP=};{LRT=}] Set Delivery for this group to internal and external users and your problem will be solved. 

Ports that need to be open on Firewall for Edge Transport servers

Ports that need to be open on firewall for Edge Server subscription with Hub Server to function properly: For Inbound traffic: SMTP - TCP port 25 (from Internet) SMTP - TCP port 25 (from Edge server to Hub server on internal network) For Outbound traffic: SMTP - TCP/UDP port 25 (from Edge to Internet) SMTP - TCP/UDP port 25 (from Hub to Edge server) LDAP for EdgeSync - TCP port 50389 (from Hub to Edge server) Secure LDAP for EdgeSync - TCP port 50636 (from Hub to Edge server) Since Edge server needs to communicate with Hub server it is important that it can resolve Hub transport servers by FQDN and Hub transport servers must be able to resolve Edge servers by its FQDNs. To accomplish this you need to either open 53 (DNS) port and configure internal network adapter to use internal DNS but as a security precaution I would suggest to enter DNS records for Edge servers on local DNS manually and to fill hosts file on Edge servers with FQDNs for Hub transport servers.