Virtual Private Cloud (VPC)

What is a Virtual Private Cloud (VPC)?

As enterprise organizations continue to develop new cloud-based software and migrate existing applications into the cloud, three types of cloud environments have emerged to meet their needs:

  1. A private cloud environment uses a proprietary architecture - one that is owned and exclusively accessed by the organization itself. Private cloud implementations use a single-tenant architecture and may be hosted with on-premise hardware or by a third-party service provider. Private cloud environments offer IT organizations a greater degree of control over cloud security and configuration.
  2. A public cloud environment is one where a third-party cloud service provider offers its cloud infrastructure for rent or lease to the public. Rather than establishing and maintaining their own in-house servers, IT organizations can contract with public cloud service providers for data storage and computing resources on an as-needed basis. Public cloud resources are based on a multi-tenant architecture where resources are dynamically allocated to customers as needed.
  3. A hybrid cloud environment is a mix of on-premise IT infrastructure, private cloud infrastructure and public cloud infrastructure in use by the same organization. To qualify as a hybrid cloud, the constituent systems must talk to each other - there must be some interface of communication that unites resources into a single computing environment. Hybrid cloud architectures offer increased security for sensitive data along with high availability of low-cost computing resources (storage, processing, etc.).

A virtual private cloud (VPC) represents a unique delivery model for private cloud services. A virtual private cloud allows an IT organization to provision an isolated section of public cloud infrastructure, establishing a virtual network over which it has complete control. This isolated network acts as a private cloud deployment, adopting a single-tenant architecture that prevents the provisioned servers from being dynamically allocated to other users. The organization that rents the VPC can customize it according to its own specifications, including the selection of IP addresses, the creation of subnets, and the configuration of network gateways and route tables.

Virtual private clouds allow IT organizations to take advantage of the privacy and control associated with private cloud deployments while leveraging the cost savings that are associated with the public cloud.
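The address plan described above (IP range, subnets, gateways and route tables) can be checked before it is deployed. The following is an added example, not code from the original page or from any provider: the plan layout, the subnet names and the AWS-style "igw-" and "nat-" target prefixes are assumptions made for illustration.

```python
import ipaddress

# Constructed sample plan: name -> (CIDR, route table, intended to be public?)
VPC_CIDR = "10.0.0.0/16"
SUBNETS = {
    "web":    ("10.0.1.0/24",   "public-rt",  True),
    "app":    ("10.0.2.0/24",   "private-rt", False),
    "db":     ("10.0.2.128/25", "public-rt",  False),  # overlaps app, wrong route table
    "legacy": ("10.1.0.0/24",   "private-rt", False),  # outside the VPC range
}
# Route table -> list of (destination CIDR, target); target ids are placeholders.
ROUTE_TABLES = {
    "public-rt":  [("10.0.0.0/16", "local"), ("0.0.0.0/0", "igw-example")],
    "private-rt": [("10.0.0.0/16", "local"), ("0.0.0.0/0", "nat-example")],
}

def audit_vpc_plan(vpc_cidr, subnets, route_tables):
    """Return a list of findings for a planned VPC layout."""
    vpc = ipaddress.ip_network(vpc_cidr)
    findings, seen = [], []
    for name, (cidr, rt_name, intended_public) in subnets.items():
        net = ipaddress.ip_network(cidr)
        # Every subnet must be carved out of the VPC's own address range.
        if not net.subnet_of(vpc):
            findings.append(f"{name}: {cidr} is outside the VPC range {vpc_cidr}")
        # Subnets inside one VPC may not share addresses.
        for other_name, other in seen:
            if net.overlaps(other):
                findings.append(f"{name}: {cidr} overlaps {other_name}")
        seen.append((name, net))
        # A default route to an internet gateway exposes the subnet to the internet.
        is_public = any(dest == "0.0.0.0/0" and target.startswith("igw-")
                        for dest, target in route_tables.get(rt_name, []))
        if is_public and not intended_public:
            findings.append(
                f"{name}: meant to be private but routes 0.0.0.0/0 to an internet gateway")
    return findings

if __name__ == "__main__":
    for finding in audit_vpc_plan(VPC_CIDR, SUBNETS, ROUTE_TABLES):
        print(finding)
```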

Private Cloud vs Virtual Private Cloud - What's the Difference?

The difference between most private cloud deployments and virtual private cloud deployments lies in the roles of tenant and service provider and how those roles are allocated.

In a traditional private cloud deployment, the IT organization is the service provider and the individual business units or departments are the tenants. Cloud infrastructure is built and maintained in an on-premise data center and different business departments may access computing resources or data storage from the cloud based on their needs. This type of deployment can allow the business to measure IT resource usage by department and make effective budgeting decisions that reflect each department's need for private cloud services.

In a virtual private cloud deployment, the public cloud provider takes on the role of a service provider and the subscribers are the tenants. A business may subscribe to virtual private cloud services and assign an internal IT organization the responsibility of configuring the environment and apportioning its resources to individual business units on an as-needed basis.

Why Do IT Organizations Adopt Virtual Private Cloud?

Virtual private cloud occupies its own market niche when it comes to cloud computing deployment models - but why would an IT organization want a public cloud service provider to supply it with private cloud infrastructure?

The original draw of the cloud computing service model was that it gave IT organizations much cheaper access to the data storage and IT infrastructure resources they needed to develop new applications and services. Cloud computing has helped drive down the cost and technological complexity associated with app development, helping more organizations build software to power their business operations.

While public cloud resources work well for some organizations, others demonstrated concern about the multi-tenant architecture and how the concept of shared resources could impact data security and compliance. What if data on their servers was mistakenly presented to another subscriber? What if more control over data storage servers was necessary to maintain compliance with industry regulations for data privacy?

These concerns led to the conceptual development of private cloud infrastructure that could be maintained by on-premise IT and offer greater control over security when compared to a public cloud. While private cloud deployments allowed enterprise IT to dynamically allocate proprietary infrastructure, adopting organizations missed out on the cost reductions associated with the economies of scale in the public cloud. While private cloud deployments were secure and productive, they were also expensive to establish and maintain.

Virtual private cloud is the best of both worlds for IT organizations that value both security and cost savings. The ability to provision isolated servers in the public cloud gives IT organizations peace of mind with respect to the security of their data, along with access to the cost savings traditionally enjoyed in the public cloud deployment model. This combination of security, control, cost savings, and vendor support makes VPC an excellent cloud deployment option for many organizations.

Who are the Leading Virtual Private Cloud Service Providers?

The first step to establishing your own virtual private cloud environment is choosing a reputable and reliable vendor to supply the infrastructure. The world's leading technology companies are among the biggest players in the virtual private cloud marketplace.

Amazon Virtual Private Cloud

Amazon VPC was launched in August 2009. The service includes a range of features and multiple connectivity options for users. Amazon VPC is useful for hosting simple websites, multi-tier web applications or scalable apps that connect to back-end data systems. Amazon's virtual private cloud is also useful as a disaster recovery site where an organization can back up its data to ensure business continuity in case of a data center outage.

Google Virtual Private Cloud

The Google VPC product offers some unique features, helping it stand out against the competition. A single VPC can span multiple regions, enabling IT organizations to use the same virtual servers for projects happening in different regions. VPC peering can also be used to enable private communication within the organization. Users can set up a VPC for no initial charge but will be billed based on their resource usage.

IBM Virtual Private Cloud

IBM's virtual private cloud product offers the most important features and customization options associated with VPC deployments. Users can create virtual server instances, manage their own subnets and gateways and add data storage as needed. Users get full control over IP ranges, security groups and more.

Monitor Your Virtual Private Cloud with Sumo Logic

Sumo Logic's cloud-native analytics platform helps IT organizations monitor the security, operational and business performance of applications in the cloud. Sumo Logic takes advantage of a virtual private cloud feature called VPC flow logging that automatically logs data about network traffic in the VPC.

We've built custom applications for leading cloud vendors such as Google VPC and Amazon VPC, enabling our users to automate the aggregation and analysis of VPC flow logs. Access to real-time network data via VPC flow logs and Sumo Logic helps IT organizations develop actionable insights into the performance of their virtual private cloud deployments.
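To show what analysis of VPC flow logs involves, the following added example (not Sumo Logic's code and not part of the original page) parses records and flags sources that were rejected on several distinct ports. It assumes the AWS default (version 2) flow log record format; the sample records, account id and interface ids are constructed placeholders.

```python
from collections import Counter, namedtuple

# Field order of the AWS default (version 2) flow log record.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
FlowRecord = namedtuple("FlowRecord", FIELDS)

# Constructed sample records (documentation IP ranges, placeholder ids).
SAMPLE_LOG = """\
2 111122223333 eni-0example0000001 203.0.113.7 10.0.1.20 40001 22 6 3 180 1700000000 1700000060 REJECT OK
2 111122223333 eni-0example0000001 203.0.113.7 10.0.1.20 40002 3389 6 2 120 1700000000 1700000060 REJECT OK
2 111122223333 eni-0example0000001 203.0.113.7 10.0.1.20 40003 5432 6 2 120 1700000000 1700000060 REJECT OK
2 111122223333 eni-0example0000001 198.51.100.9 10.0.1.20 51000 443 6 12 4200 1700000000 1700000060 ACCEPT OK
2 111122223333 eni-0example0000002 - - - - - - - 1700000000 1700000060 - NODATA
2 111122223333 eni-0example0000001 198.51.100.9 10.0.1.20 51001 22 6 1 60 1700000000 1700000060 REJECT OK
"""

def parse_flow_logs(text):
    """Yield a FlowRecord for each well-formed line that carries traffic data."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != len(FIELDS) or parts[0] != "2":
            continue  # header, truncated line, or a custom record format
        rec = FlowRecord(*parts)
        if rec.log_status != "OK":
            continue  # NODATA / SKIPDATA records carry "-" in the traffic fields
        yield rec

def rejected_port_fanout(records, min_ports=3):
    """Map source address -> sorted rejected destination ports, for sources
    refused on at least min_ports distinct ports (a port-scan indicator)."""
    ports = {}
    for rec in records:
        if rec.action == "REJECT":
            ports.setdefault(rec.srcaddr, set()).add(int(rec.dstport))
    return {src: sorted(p) for src, p in ports.items() if len(p) >= min_ports}

def bytes_by_action(records):
    """Total bytes per action (ACCEPT / REJECT)."""
    totals = Counter()
    for rec in records:
        totals[rec.action] += int(rec.bytes)
    return dict(totals)

if __name__ == "__main__":
    recs = list(parse_flow_logs(SAMPLE_LOG))
    print(rejected_port_fanout(recs), bytes_by_action(recs))
```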
