Page 601 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide
P. 601

available from each.

               An on-premise solution is the traditional deployment concept in which
               an organization owns the hardware, licenses the software, and

               operates and maintains the systems on its own usually within their
               own building. On-premises solutions do not have ongoing monthly
               subscription costs like a cloud service but may be costlier because of
               initial up-front costs of obtaining hardware and licensing and ongoing
               operational management costs. On-premises solutions offer full

               customization, provide local control over security, do not require
               internet connectivity, and provide local control over updates and
               changes. However, they also require significant administrative
               involvement for updates and changes, require local backup and
               management, and are more challenging to scale.

               A hosted solution is a deployment concept where the organization
               must license software and then operates and maintains the software.

               The hosting provider owns, operates, and maintains the hardware that
               supports the organization’s software.

               A cloud solution is a deployment concept where an organization
               contracts with a third-party cloud provider. The cloud provider owns,
               operates, and maintains the hardware and software. The organization
               pays a monthly fee (often based on a per-user multiplier) to use the
               cloud solution. Most on-premises environments can be crafted or re-

               created as a cloud-only solution.

               Cloud services can also be offered in a variety of deployment options,
               including the following:

               Private A private cloud is a cloud service within a corporate network
               and isolated from the internet. The private cloud is for internal use
               only. A virtual private cloud is a service offered by a public cloud
               provider that provides an isolated subsection of a public or external
               cloud for exclusive use by an organization internally. In other words,

               an organization outsources its private cloud to an external provider.

               Public A public cloud is a cloud service that is accessible to the
               general public, typically over an internet connection. Public cloud
               services may require some form of subscription or pay-per-use or may
   596   597   598   599   600   601   602   603   604   605   606