In an earlier post I discussed why Amazon’s IPSEC support was important for Enterprises giving them the ability to treat the cloud provider as an elastic resource yet maintain security of data transfer.
At PDC today Bob Muglia (President of Server and Tools) discussed ‘Project Sydney’ as a way to bridge the gap between the cloud and on-premise equipment. In a demo he showed a web application running in Azure accessing a database that resided within the corporate network. He did state ‘IPSEC’ and in a further session at PDC Yousef Khalidi described that cloud components and on-premise servers exist in a virtual LAN that was secured.
From what I can see at this time it doesn’t sound like network-level IPSEC but rather server to server IPSEC however I could be proven wrong any time now. Regardless of the method it is a pretty powerful theme – allowing organisations to maintain some sensitive, high-performance or high security systems within their own Data Centres or hosting providers but still utilise Cloud providers.
This is also subtly different from the functionality Amazon released. The Amazon Virtual Private Cloud provides an IPSEC tunnel to a private instance of cloud servers that do not have public access. This meant you could use it to extend your data centre and host some components with Amazon BUT you couldn’t utilise this infrastructure for front-end Web services.
What Microsoft is delivering with Project Sydney much more focused on giving Web applications on Azure the ability to tunnel back to Data or other services located within the corporate network.
I will keep digging.