Is there such a thing as private cloud?

I had an interesting discussion with a colleague today, who was arguing that there is no such thing as private cloud – it’s just virtualisation, rebranded.

Whilst I agree with his sentiment (many organisations claiming to have implemented private clouds have really just virtualised their server estate), I do think that private clouds can exist.

Cloud is a new business model, but the difference between traditional hosting and cloud computing is more that just commercial. The NIST definition of cloud computing is becoming more and more widely accepted and it defines five essential charactistics, three service models and four deployment models.

The essential characteristics are:

  • “On-demand self-service. A consumer can unilaterally provision computing capabilities, such as server time and network storage, as needed automatically without requiring human interaction with each service provider.
  • Broad network access. Capabilities are available over the network and accessed through standard mechanisms that promote use by heterogeneous thin or thick client platforms (e.g., mobile phones, tablets, laptops, and workstations).
  • Resource pooling. The provider’s computing resources are pooled to serve multiple consumers using a multi-tenant model, with different physical and virtual resources dynamically assigned and reassigned according to consumer demand. There is a sense of location independence in that the customer generally has no control or knowledge over the exact location of the provided resources but may be able to specify location at a higher level of abstraction (e.g., country, state, or datacenter). Examples of resources include storage, processing, memory, and network bandwidth.
  • Rapid elasticity. Capabilities can be elastically provisioned and released, in some cases automatically, to scale rapidly outward and inward commensurate with demand. To the consumer, the capabilities available for provisioning often appear to be unlimited and can be appropriated in any quantity at any time.
  • Measured service. Cloud systems automatically control and optimize resource use by leveraging a metering capability at some level of abstraction appropriate to the type of service (e.g., storage, processing, bandwidth, and active user accounts). Resource usage can be monitored, controlled, and reported, providing transparency for both the provider and consumer of the utilized service.”

and NIST’s private cloud definition is:

“Private cloud. The cloud infrastructure is provisioned for exclusive use by a single organization comprising multiple consumers (e.g., business units). It may be owned, managed, and operated by the organization, a third party, or some combination of them, and it may exist on or off premises.”

If anything, the NIST definition is incomplete (it doesn’t recognise any service models beyond infrastructure-, platform- and software-as-a-service – I’d add business process as a service too) but the rest is pretty spot on.

Looking at each of the characteristics and comparing them to a simple virtualisation of existing IT:

  • On demand self service: virtualisation alone doesn’t cover this – so private clouds need to include another technology layer to enable this functionality.
  • Broad network access: nothing controversial there, I think.
  • Resource pooling: I agree, standard virtualisation functionality.
  • Rapid elasticity: this is where private cloud struggles against public (bursting to public via a hybrid solution might help, if feasible from a governance/security perspective) but, with suitable capacity management in place, private virtualised infrastructure deployments can be elastic.
  • Measured service: again, an additional layer of technology is required in order to provide this functionality – more than just a standard virtualised solution.

All of this is possible to achieve internally (i.e. privately), and it’s important to note that it’s no good just porting existing applications to a virtualisaed infrastructure – they need to be re-architected to take advantage of these characteristics. But I’m pretty sure there is more to private cloud than just virtualisation with a new name…

As for, whether there is a long term place for private cloud… that’s an entirely separate question!

2 thoughts on “Is there such a thing as private cloud?


  1. Perhaps your colleague was looking at more than just infrastructure. If one looks at SaaS and then considers the NIST attributes for a cloud, and you get a different perspective. Suddenly a SaaS private cloud app looks incredibly like a regular app.

    Furthermore while NIST have defined cloud computing and associated attributes (and one could use other definitions, eg Gartner), looking back at the original spirit of cloud, it is the delivery of capability from one organisation to another over the web. In a recent survey 70% of respondents said security was the reason for not adopting public cloud, however in the same survey of those that had adopted public cloud (which included a significant proportion of the aforementioned 70%), only 7% had experienced data security issues, and most of those where attributed to human error. This disparity shows that those that fear public cloud for security reasons were unfounded. Therefore, private cloud isn’t the panacea it is falsely perceived to be.

    From a personal perspective, many of us have our credit card details stored in Amazon. Data that is the most private to us, but however convenience and familiarity negate the concern. As the business side of the organisation becomes familiar with cloud, we will see a drop inso called private cloud.

    Your colleague sounds like a clever guy ;-)


  2. Certainly at the SaaS level the differences are only clear to the IT department – in effect the consumer of the service doesn’t know (or care) how elastic the service is (although internally hosted software services haven’t tended to be self-service and metering might be more accurate for cross-charge purposes). I think you’re right that this does down to who is the service being provided for and in the case of IaaS, it’s just the IT department providing itself with a more flexible infrastructure and the real business value comes as we move up the cloud stack.

    As for public vs. private, I agree that private ceases to have much relevance in a few years’ time but at a recent IDC event it seemed that there are still some issues around cloud maturity, particularly around vendor lock-in that need to be resolved before many organisations make that leap of faith (I was tempted to write about whether we need a private cloud, but stuck to the argument about whether a private cloud even exists).

Leave a Reply