Cloud4Y IaaS

Main article: What is IaaS

When using the IaaS model cloud, the tenant is provided with a software-defined data center (vData Center) configured to meet the needs of the customer based on the VMware vSphere platform. The tenant can use the VMware vCloud Director self-service portal to quickly change the amount and composition of resources and services consumed, add and remove virtual machines, deploy networks, and more. With VMware HA, DRS, and vMotion clustered options, your infrastructure is highly reliable and resilient. The equipment of corporate level is located in network date-tsentrovTIER of III, the communication channels united by an optical ring with duplication. Together, this and other organizational and technical measures guarantee customers an availability level of at least 99.982% per month with legal and financial guarantees in SLA.

2020

Possibility of hourly payment of GPU servers

From October 2021, customers Cloud4Y will find it easier to calculate the cost cloud services and will not have to overpay for the rental of equipment that has already completed its task. Cloudy provider changed the approach to charging such services, giving companies the possibility of hourly payment servers with graphics cards - GPU. Representatives of Cloud4Y reported this on September 30, 2021.

For a long time, an important drawback of renting GPU servers was inconvenient charging. Most providers offer fixed monthly payments, while in fact the equipment can work a little less or a little more than a month. For example, three or five weeks. In the first case, you still have to pay for a month, in the second - to pay for two months. This is unprofitable and inflexible, it prevents companies from realizing their potential. For this reason, the corporate cloud provider Cloud4Y switched to hourly charging of the GPU, company representatives explained.

This approach allows companies to more effectively manage existing resources and conduct more calculations for the same money. Cloud4Y expects that the proposed charging will make the service more affordable for a wider range of companies. Almost every company collects data. Small amounts of information are processed manually or on a computer using CPU. And when there is really a lot of data, but you need to process it quickly, you choose GPU calculations. They are several times more productive, but also cost such equipment an order of magnitude more expensive. Therefore, the market is in demand for the service of cloud GPU computing.

Cloud servers with GPUs are virtual systems that can be used for rendering, 3D modeling, machine learning, analytics, and other "heavy" processes for which the power of one or two or three CPU is not enough. Renting such a dedicated server with a GPU may be required for companies engaged in development, scientific projects, and the creation of multimedia content. At the same time, you do not need to build your infrastructure - it is enough to indicate the required amount of resources in the terminal in order to get the power necessary for quick execution of computing procedures.

Confirmation of compliance of IT infrastructure with international standards ISO/IEC 27017 and ISO/IEC 27018

cloudy provider Corporate Cloud4Y announced on June 3, 2020 that it had received certificates of compliance of the platform with the requirements of international ISO standards/IEC 27017 and ISO/IEC 27018, and also confirmed the compliance of its platform with the requirements of GOST R ISO/IEC 27013-2014. Certificates were issued based on the results of an audit conducted by an international expert team in early 2020.

The ISO/IEC 27017:2015 standard contains practical (mandatory) and advisory parts describing the measures necessary to ensure information security in cloud services. It also lists the requirements for maximum transparency of all transactions with personal data and other sensitive information.

ISO/IEC 27018:2019 formulates a list of measures necessary to ensure information security to protect customers' personal information in the cloud.

The GOST P ISO / IEC 27013-2014 standard actually is the guide to sharing of the ISO/MEK 27001 and ISO/MEK 20000-1 standards and also belongs to the documents regulating rules of information security of cloud platforms.

Compliance with security standards and requirements for the protection of personal data not only within the framework of law 152-FZ and related legislation, but also at a higher international level is the task of any large cloud platform that wants to meet customer expectations. To enable the provider to trust sensitive information and migrate critical business processes to its platform, the provider must offer something more meaningful than the average level of IT security. After all, the security of the cloud platform is one of the most important criteria for choosing a service provider when a company migrates to the cloud.

Cloud4Y strives to ensure the maximum protection of its customers' data, as well as to guarantee them continuous access to systems and services. Therefore, the provider has built a cloud infrastructure that meets the most stringent requirements of information security standards.

Reaching the international level and obtaining ISO/IEC 27017, ISO/IEC 27018 certificates, as well as GOST R ISO/IEC 27013-2014 confirm Cloud4Y's solid approach to managing information security in the public cloud and protecting user personal data.

Launch of business support program during COVID-19 epidemic

On April 22, 2020, Cloud4Y announced the launch of a business support program. The provider compensates the business for the costs associated with using the Cloud4Y cloud platform during the COVID-19 epidemic.

According to the company, the Cloud4Y platform is a large selection of solutions and services for remote work with a execution period of 1 hour. Organization of remote connection to employee desktops, teamwork on tasks, projects and documents for efficient internal communications, convenient video conferencing service, built-in security mechanisms and data leakage control.

Moreover, the Cloud4Y protected circuit is certified for compliance with the requirements for state information systems of class K1-K3, personal data of the security level 1-4, and the protection class against unauthorized access 1G. Compliance with the law allows you to process any confidential information in the cloud, including trade secrets, personal data and data of government information systems (GIS).

Cloud4Y solutions are designed to meet the requirements of information security, and provide a wide range of options for applying data encryption policies (including certified GOST VPN encryption algorithms), access control, password management, auditing user activity, information leakage prevention and malware protection .

Since the beginning of March 2020, the demand for remote work organization solutions, as well as for hybrid cloud solutions for scaling physical infrastructure has grown 2.5 times.

In some companies, the transition to online has increased the burden on existing IT equipment and led to the need to look for ways to scale the infrastructure. There are also business segments that were not technically ready to switch to remote operation.

There are many reasons, but the essence is one - the business cannot function 100%, the company incurs losses and is forced to reduce employees.

Cloud services have proved to be the most attractive solution for the following reasons:

• The lease (or subscription) scheme does not force the company to invest in expensive equipment and expand the staff of IT engineers.
• Payment is made only for the resources actually consumed.
• The provider is responsible for the continuous availability of services and data. The company is exempt from the need to hire personnel capable of competently setting up remote work in compliance with safety requirements.
• Data transmission is organized in accordance with safety requirements (including the use of GOST-certified safety algorithms).
• Additional services are available for comfortable and secure remote work.

2019

• Return an additional 5% per year to dissatisfied customers. Cloud4Y has announced service quality guarantees. The company is ready to return to customers 5% of the annual contract if they remain dissatisfied with the quality of services provided.
• In July 2019, the corporate cloud provider received a certificate of compliance with the requirements of GOST R ISO/IEC 27031-2012 "Information Technology. Security techniques and tools. Information and Communications Technology Business Continuity Readiness Guide. " The standard covers all events and incidents (including those related to security) that may affect ICT infrastructures and systems. Voluntary certification according to this GOST confirmed the company's ability to protect IT equipment.
• Within the framework of the international voluntary certification system, Cloud4Y has received a certificate of compliance with the requirements of GOST R ISO 22301-2014 (ISO-22301: 2012). The standard includes a method for protecting against force majeure, which can cause significant damage to the company and stop business processes, as well as ways to reduce costs if an incident occurred. The certificate also makes it possible to receive state contracts.
• In June 2019, Cloud4Y underwent another QSA audit and received a certificate of compliance with the PCI DSS standard. The certificate confirms that the cloud provider complies with the Payment Card Industry Data Security Standard (PCI DSS) regarding the storage, processing and transmission of payment card data, and the Cloud4Y cloud platform fully meets the requirements of the PCI DSS security standard.
• The company has made basic storage drives faster. Customers of the enterprise cloud provider who used the HDD medium solution were transferred to SSD SSD medium drives, which increased the speed by 2 times without changing the cost. Now they are guaranteed to have 1024 IOPS on TB for the same money.
• Archived Storage Service - The service provides the business with cold storage for archived data and multi-year backup databases. The solution is built on the S3 object storage platform, but it is an important difference from the usual cold-storage, which involves periodic use of data. It can be assigned the ice-cold storage level, since the archives here are requested exclusively rarely, or even never. Storage uses enterprise-level NetApp storage arrays. The solution allows you to use the S3 or OpenStack Swift API to connect applications and integrate with external systems. All user interactions with storage are encrypted.
• Cloud4Y starts the Kubernetes-as-a-service (KaaS) service. Customers were able to easily deploy the automation platform, create and work in Kubernetes clusters, and conduct development in a reliable computing environment. The Kubernetes-as-a-service is based on the Container Service Extension (CSE) and supports basic container technologies, including Docker. CSE implements KaaS in vCloud Director through the creation of virtual machine templates and allows organizations to deploy full-fledged Kubernetes clusters for container applications. The solution reduces Kubernetes installation time from a few days to 15 minutes.

2018

Service Availability Issues

Some Customers using a standard IaaS service located in one of the data centers in Moscow may have problems in the availability of their services. The company's engineering staff is engaged in the prompt restoration of the affected Clients. We apologize for the inconvenience.

Load Balancer as a Service

On June 25, 2018 cloudy , the provider Cloud4Y , as part of the extension of the cloud services line according to the model IaaS , introduced a solution that provides for the virtual data center routing function,,,,, Firewall NAT Site DHCP to Site, VPN VPN-Plus SSL , Load Balancing, High Availability, syslog - NSX Edge VMware (load balancer). Physically, this service is implemented in the form virtual machine connected to virtual data center networks and to external networks (). Internet

Load Balancer

The load balancer resides between the client and the server farm that receives inbound network and application traffic and distributes traffic across multiple servers using different methods. By balancing application requests across multiple servers, the load balancer reduces the load on a single server and prevents one application server from becoming a single point of failure, thereby improving overall application availability and agility.

Traffic is growing and applications are becoming more complex. The service will be in demand among companies that need to provide a foundation for creating flexible networks that meet growing demands, improving performance, reliability and security for many types of traffic and services, including applications.

Among the advantages and features of Cloud4Y load balancer functionality are:

• TCP, UDP, HTTP, HTTPS protocol support
• Using Weighted round robin, IP hash, URI, least connection algorithms
• Manage SSL certificates
• X-header forwarding for client identification
• L4/L7 transparent mode
• Enhanced Health Monitor
• Resistance/Sticky Methods: SourceIP, MSRDP, COOKIE, SSLSESSIONID
• One hand mode
• URL rewrite and redirection
• Advanced Traffic Management Application Rules
• IPv6 Support
• Improved CLI load balancer for troubleshooting
• Enabling/disabling individual servers (pool members) for maintenance

Upgrading VMware vCloud Director to 9.0

January 30, 2018 it became known that VMware vCloud Director cloud Cloud4Y it was updated to version 9.0

At the end of 2017, Cloud4Y specialists validated the infrastructure and tested the functionality of the Tenant portal vCloud Director version 9.0. A little later, the solution became available to the provider's customers.

Among the functional improvements, it should be noted: Multisite function, which allows you to provide a single login to a tenant with several virtual Data Center (Org vDC) under the control of different vCD; Ability to use Distributed router Logical Router to manage routing needs between two or more Org vDC networks Trunking support for external networks and Routed Org Networks The ability to extend the Tenant Portal user interface with the UI extensibility framework vCD support database PostgreSQL as an external database other than and; MS SQL and Oracle latency support between vCenter Server and vCloud Director up to 100 milliseconds.

vCloud Director 9.0 also includes Security Groups that help you dynamically define and enforce security policies. A tenant administrator can define the compliance criteria for individual virtual machines through security groups in self-service mode, and DFW (Distributed Firewall) policies can be applied to these security groups.

Customers can now watch statistics of their VMs themselves through Tenant Portal using the 'Monitoring Chart'. vCloud Director collects and stores various measures of VM performance. These metrics include data on CPU/memory/virtual machine storage usage, average disk latency, and more. VM monitoring and metrics can be used to make fact-based decisions in order to maximize the benefit within the resources used.

"We define the continuous improvement of the organization's activities as its mandatory goal, and improving the quality of services provided is an important condition for maintaining the company's high competitiveness. vCloud Director 9.0 updates the process of performing day-to-day operations with virtual infrastructure both on our part and on tenants. " 'Nikolay Fokin, CEO of Cloud4YAvtor '

2017

Veeam Backup & Replication Certified Version Availability

At the end of December 2017, corporate cloud provider Cloud4Y announced the availability of a certified version of Veeam Backup & Replication in its cloud.

Since January 1, 2018 federal law No. 187-FZ "On the Security of the Critical Information 26.07.2017 of the Russian Federation" comes into force, according to which one of the four "main tasks of the security system of a significant critical information infrastructure facility" is: "restoration of the functioning of a significant critical information infrastructure facility, provided including by creating and storing backup copies of the information necessary for this."

Earlier, the requirements of the legislation for backup were already announced by the FSTEC in the 17th, 21st and 31st Orders and regulators of the credit and financial sphere in the requirements for reservation and backpacks.

Thus, operators of a number of information systems need to use tools that have been evaluated in accordance with the established procedure in their activities. Cloud4Y provided cloud-based backup with assurance that any amount of data will be stored based on Veeam Backup & Replication's FSTEC-certified version.

Veeam Backup & Replication provides backup, replication, and recovery for virtualized applications and data. The solution quickly backs up VMware and Hyper-V VMs without using agents inside VMs. As a result, Veeam Backup & Replication helps speed up the backup process and reduce storage costs.

The certified version of Veeam Backup & Replication is designed to protect information in state information systems up to and including 1 class of security, in automated process control systems up to and including 1 class of security, in personal data information systems (for which threats of the 1st, 2nd or 3rd type are relevant) up to and including 1 level of security, when complying with operating instructions.

For commercial personal data operators, conformity assessment can be carried out both in the form of certification and in another form at the choice of the operator, however, in some cases, the selection of a certified product can reduce the cost of evaluating the information system, since the product certificate automatically certifies that the conformity assessment has already been carried out by the manufacturer, indicated in Cloud4Y.

The Cloud4Y cloud offers several options for organizing a backup service, for example, the client can choose between Backup as a Service based on Veeam Backup or the IaaS service for self-creation and configuration of the backup server. At the same time, a free VPN with encryption over the Internet is always provided.

Cloud Solution for Government Information Systems

Cloud4Y has developed a specialized solution for organizing IT infrastructure for hosting information systems in the cloud that are classified by the legislation of the Russian Federation as state information systems (GIS). This requires both the owner of information systems (IS) and the service provider to implement a number of organizational and technical measures to comply with information security requirements determined by the legislation of the Russian Federation.

There are 3 classes of GIS security. The lowest class is the third, the highest is the first. The security class of the information system (first class (K1), second class (K2), third class (K3)) is determined depending on the level of significance of information (CD) processed in this information system and the scale of the information system (federal, regional, object).

It is also important to note that in many cases, personal data are processed in the GIS, the protection of which should be provided in accordance with FZ-152 "On Personal Data." Due to the similarity of measures, FSTEC recommends combining and applying the measures contained in both orders.

To place the GIS on the provider's site, the provider's cloud infrastructure must meet the IE requirements not lower than the customer's IE class. Compliance data shall be confirmed by IE Cloud4Y Certificate of Compliance with Information Security Requirements issued by FSTEC licensee based on the results of certification tests.

The protection of communication channels between the data center in which Cloud4Y cloud infrastructure and data center with the deployed access gateway in SMEV are deployed should correspond to the level set by documents regulating access to SMEV. As means of cryptographic protection of communication channels, the product line of Infotecs has been chosen. The ViPNet Coordinator HW1000 appliances are installed at the endpoints. ViPNet The Coordinator HW1000 is an enterprise-wide security gateway that provides secure access to both data centers and enterprise cloud infrastructure, and supports up to 1 Gb/s of high-speed link protection. These complexes have FSTEC certificates as a means of internetwork shielding and FSB certificate as a means of cryptographic protection of the CP3 layer

Protection of the virtualization environment is based on GOST R 56938-2016 "Information Protection. Protect information with virtualization technologies. General provisions. " In addition to the security objects inherent in any automated system, the virtual infrastructure also has specific objects specific to the virtualization environment. For example, Security Code is vGate R2. The vGate provides full product functionality on the VMware vSphere virtualization platform used in the Cloud4Y cloud. To solve the "superuser" problem, the vGate implemented the separation of user roles. Virtual infrastructure management is assigned to VM administrators, and security management is assigned to the security administrator.

A proven Veeam is used from the various options of the redundancy tools certified by FSTEC. Veeam Backup & Replication enables efficient backup, replication, and recovery of virtualized applications and data.

The Cloud4Y IaaS solution reduces government costs for upgrading server equipment and securely places it in the cloud of the GIS provider without changes and with the established structure of the communication organization with SMEV.

Base SLA upgraded to 99.982%

On October 23, 2017, corporate cloud provider Cloud4Y announced an increase in the basic level of availability of cloud SLA services to 99.982%.

Service "Cloud Windows or" Cloud Linux is the possibility of using services operating system installed in a virtual environment on the platform VMware vSphere with the possibility of dynamic change of parameters (amount of RAM, processor power, volume) hard drive by the Customer through the portal. VMware vCloud Director

Cloud Services from Cloud4Y (2017)

The Cloud4Y provider has improved the minimum allowable performance CPU and RAM of the system. The number of MIPS per vCPU is now at least 2900, which guarantees customers the declared processor performance. It is also not allowed to "re-sign" physical RAM. This means that the Configured Virtual RAM allocated when creating the virtual machine that the guest OS will see is 100% dedicated physical memory. It is available to the virtual machine at any time.

"We decided to abandon industry practice based on the assumption that all virtual machines will not want to use all 100% of their memory at one point in time and will be able to share unused memory while working. Therefore, now RAM Swaped is 0%, and all RAM is reserved. This approach in practice avoids compromising the performance of cloud servers when the operating system accesses blocks in RAM and waits for a quick response, but these blocks, due to the load of other clients, are read and written to a hard drive that is significantly inferior in speed. As a result, our cloud-based performance servers can completely replace the physical server with the corresponding characteristics for customers at any time. " Noted in Cloud4Y

Switch to vCloud Director 8.20

On August 4, 2017, corporate cloud provider Cloud4Y announced the upgrade of the virtual infrastructure management platform vCloud Director to version 8.20.

vCloud Director from VMware is the main means for management of cloudy infrastructure of VMware vSphere for the service providers providing services in the IaaS (Infrastructure-as-a-Service) model and their clients.

The dashboard allows you to create and manage virtual machines, migrate them from another cloud, flexibly manage access rights to the virtual resource pool, create internal routed and isolated networks, configure flexible Firewall rules, create VPN connections, configure load balancing between virtual machines, and more.

The transition to version 8.20 is due to the desire of Cloud4Y to provide end users with the convenience and freedom in settings that vCloud Director gives. This version adds advanced functionality by integrating VMware NSX into the platform. Now the user can create any network topology in a few seconds - from simple to multilevel using the interface on HTML5.

Among the features of vCloud Director 8.20 in Cloud4Y noted:

• Advanced NSX network features that allow you to configure dynamic routing and firewalls both within and between vDC organizations.
• Tenant layer 2 (L2) VPN access to support hybrid clouds;
• SSL VPN access support, in addition to IPSec and L2-VPN
• Administration of client-level roles
• Support for VM-Host affinity, which defines which VM groups to host without VMware DRS (Distributed Resource Scheduler) recommendations
• Automatic discovery and import of virtual machines
• Multi-Cell Upgrade utility, which now supports updating all cells in a server group with a single operation.

VMware vCloud Director 8.20 is packed with features that help improve the security and ease of management of virtual resources, anchoring the trend for hybrid cloud infrastructure and cloud customer self-service.

SAP HANA Hosting

The Cloud4Y company within development of decisions on creation of cloudy infrastructure will propose to customers the solution on virtualizatsiiSAP HANA on the basis of VMware there is SAP HANA the Hosting. This service will be in demand among companies that need instant access and analysis of large data sets, which is hundreds of times faster than when using traditional DBMS.

SAP HANA (High Performance Analytical Appliance) is positioned as an in memory computing technology and is a high-performance analytics tool. Most data in SAP HANA is processed in RAM. In this case, a combination of data storage in a line and a generation form is used using appropriate compression algorithms. Such specifics require special servers with heavy use of large amounts of RAM and storage systems for reliable operation of the system.

Cloud4Y offers an on-demand (IaaS) infrastructure based on VMware vSphere and certified hardware for a virtualized SAP HANA solution. Supports up to 4 TB (4080 GB) of RAM and up to 128 virtual cores per installation on VMware vSphere. SAP HANA supports VMware vSphere client management capabilities, including vMotion, Distributed Resource Scheduler (DRS), and VMware High Availability (HA).

"GPU (Graphics Processors) in the Cloud" Service

Cloud4Y, as part of the expansion of the range of cloud services, offered a cloud graphics service (GPU) in the spring of 2017. The solution was developed as an alternative to buying an expensive graphics station. Customers are expected to be design engineers, graphic designers, video bloggers and videographers.

The company's platform is based on powerful Nvidia Grid K2 graphics cards and fast - SSD disks, which allows you to get excellent performance when working with the most demanding applications - 3DS AutoCAD Max, Maya, Sony Vegas Pro, CC line ON Adobe and many others. The Licensed Software is provided for rent with monthly payment.

A platform is used that virtualizations VMware fully supports graphics accelerators without the need to use third-party solutions.

A graphics station in the cloud eliminates the capital cost of buying and upgrading PCs in favor of operating costs. When users work with a virtual workstation using the VDI/GPU model, only crypto-resistant encryption algorithms are used to exchange information with the virtual environment. Real-time fault-tolerant storage, backup, and disk mirroring deliver high levels of data retention and video and 3D continuity.

2016

Cloud-based health care solution

Cloud4Y announced in September a specialized solution for organizing IT infrastructure for medical institutions. When developing cloud solutions for healthcare organizations, first of all, the requirements of 152-FZ for the processing, storage and transfer of personal data were taken into account. All equipment and software is prepared for certification under FZ 152 up to level 1 inclusive.

In addition to organizing cloud IT infrastructure, the company provides medical facilities with IT equipment that is configured and further supported by the company. Cloud4Y provides a cloud server, remote workstations for employees, and cloud enterprise mail.

The main trend of modern medicine is an increasing customer orientation. Regardless of the location of the patient and physician, access to information becomes a key requirement to increase satisfaction and improve clinical outcomes. "In this case, only cloud technologies have the potential, since traditional systems do not provide the necessary access to computing resources and large data warehouses," the company said. "Cloud-based medical software gives medicine everything it needs to access large information arrays in a timely manner, thereby optimizing medical services."

Migrating to all-flash storage

In the summer of 2016, it became known that Cloud4Y was switching to a more modern storage system. According to the company's calculations, an all-flash (SSD only) storage system with ultra-fast SSD drives will help customers use all the capabilities of flash technologies while maintaining the full functionality of enterprise disk array software.

As you know, today, for many organizations with a developed IT infrastructure, the issue of moving performance-sensitive business applications to SSD is more important than ever before. The increase in performance that is achieved with SSD is usually more effective than with the traditional approach, which is directly related to the increase in the number of disks in the storage system, according to Cloud4Y.

"With the popularity of SSD, all-flash subsystems are still not widely used. Basically, the use of all-flash was hindered by the fact that according to the generally accepted misconception, SSDs do not differ in high reliability, - noted in Cloud4Y. - However, this opinion has not received any serious confirmation. At the same time, using SSD is justified if you want to increase disk system performance at the lowest cost. "