1. Field
Embodiments relate to a storage and application controller for mirroring and switchover of applications in a plurality of cloud locations via a plurality of configurable security protocols.
2. Background
Cloud storage is a model of data storage in which digital data is stored in logical pools, and the physical storage spans a plurality of servers. The physical storage environment may be owned and managed by a hosting company. These cloud storage providers may be responsible for keeping the data available and accessible, and for keeping the physical environment protected and maintained properly. People and organizations may buy or lease storage capacity from the cloud storage providers to store user, organization, or application data.
In certain storage system environments a storage controller that is also referred to as a controller may comprise a plurality of storage servers that are coupled to each other, where one or more of the storage servers may comprise a plurality of processing nodes or servers. The storage controller allows host computing systems to perform input/output (I/O) operations with storage devices controlled by the storage controller. Further details of a storage controller may be found in the publication “IBM System Storage DS8000: Architecture and Implementation,” Third Edition, published November 2012, by International Business Machines Corporation.
Network security is a branch of computer security specifically related to networks, and may involve browser security, security of data in transmission, security of other applications in the networked environment, security of the operating systems of computers in the networked environment, etc. Computer communications represents an insecure channel for exchanging information leading to a high risk of intrusion or fraud, such as via the interception and decryption of communications. Different mechanisms have been used to protect the transfer of data via various communications protocols that may include encryption and/or other operations to securely establish connections and transfer data. For example a Secure Sockets Layer (SSL) protocol may be used for connections between two computational devices. A Virtual Private Network (VPN) protocol may be used to link two computational devices such that they appear to be in a local private network. A VPN tunnel may be used to securely communicate between the two computational devices. Internet Protocol Security (IPsec) is a set of protocols that run over the Internet Protocol (IP) layer. IPSec allows two or more computational devices to communicate in a secure manner by authenticating and encrypting each IP packet of a communication session. A VPN established over IPSec is referred to as an IPSec VPN. OpenVPN is an open-source software application that provides virtual VPN techniques for creating secure point-to-point or site-to-site connections in routed or bridged configurations and remote access facilities. Internet direct connect is another mechanism for secure data communications. Various other communications protocols may be used for secure data communications.