Cloud atlas: navigating virtual post

Cloud services for production, post and broadcast are coming to market faster than ever before, and covering more and more processes that were previously the preserve of onsite hardware and software. Richard Welsh, CEO of Sundog Media Toolkit and SMPTE governor for EMEA and Central and South America, shares the basics on what the cloud has to offer.

The cloud offers many obvious advantages: reduced capital cost for facilities, increased scalability and broader choice of processes. Pay-as-you-go services not only reduce capital outlay, but improve overall cost effectiveness, eliminating the issues associated with poor utilisation of purchased hardware and software.

One of the challenges cloud services face in meeting customer needs is the current fragmentation of products. A facility can easily choose to use cloud services for part of its production workflow, downstream transcoding and test-and-measurement, for example. However, these services will be across multiple providers and usually also operating in different clouds. This means the facility faces the challenge of managing these remote processes and the movement of content between a number of external locations.

Public, private, or hybrid?
Consider the cloud implementation itself first. There are a number of options here, but broadly they fit into three categories: public, private or hybrid. Public cloud is, as the name suggests, shared with any others who choose to use it. Public clouds are usually in large data centres, remote from the user and often not geographically close.

Private clouds are entirely segregated, so not shared by multiple unrelated organisations or individuals. Physical separation of private clouds gives the maximum peace of mind regarding security, and can be treated as part of a closed content network – i.e. a trusted environment. Private clouds are usually on premises, although as we will see shortly, this is not always the case.

Hybrid clouds are a mix of public and private, and it is the hybrid implementation that has the most sub-classes. A simple hybrid may be storage of assets on a private cloud system, which extends to a public cloud when the private cloud reaches capacity. A more sophisticated approach may be to co-site a private cloud in a public cloud provider’s facility, which allows business rules to overflow from private to public on demand. This approach offers the potential advantage of a single technical environment, although to do so requires the private cloud to run the same architecture as the public cloud, even if that is not the optimal solution for the private implementation.

A more flexible approach to the hybrid solution is to facilitate a single technical environment by adding a software control layer above the normal cloud control layer. The example shown illustrates how this layer interacts with multiple clouds, controlling its own processes in each cloud, but keeping the separations invisible to the user.

By adding workflow capability to this control layer, multiple (otherwise disconnected) processes can automatically run in sequence as desired, truly unifying the approach. This is the essence of a single technical environment that is abstracted away from the cloud implementations, user devices and individual processes.

Mobility
Handheld devices with multicore processors, high-resolution screens and powerful built-in media functionality have significantly changed the landscape for people wishing to work remotely on media processes. 4G networks are further extending this possibility, and allowing streamed media at a level acceptable to professionals for many purposes. Cloud services make this a significant opportunity for the industry.

By separating control and process, the user need not be physically co-located with the content or processing. Many media facilities already work this way, in essence, with user terminals controlling a central machine resource over a KVM system or virtual machines across the content network. KVM over IP is available, of course, so remote working is already possible in that way. Cloud allows this to be truly remote and unconstrained, with web interfaces accessed over mobile networks, securely streamed proxies (so the content doesn’t reside on the user device) and all the horsepower and storage of the raw content located in a cloud. Since a cloud implementation should have all the appropriate security in place to do this, even if users are co-located with an on-premises cloud, it does not necessarily compromise security to allow it to take place outside the facility. Additional controls regarding remote access can be applied if desired, such as extra authentication layers, forensic marking of content and activity logging.

Security
One of the primary concerns for facilities considering cloud services is the security afforded their content. Much time and effort is spent in post houses to ensure physical and electronic security is in place to prevent the loss of data. As discussed earlier, the ultimate way to alleviate such concerns is to implement a fully private cloud on premises. However, this may not be practical or cost effective in many cases, so the use of an external service is required. What happens to your data when it leaves your trusted network and enters a cloud environment? The fact is there are many possible ways to move, store and manipulate data in cloud systems, and unless you are in full control of them, you may not know if your data is being protected.

The good news is that, because of the architecture of cloud, it can allow more security than traditional systems relying on block storage (a simple SAN, for instance). Combining data dispersion techniques with encryption can, for instance, offer multiple layers of defence that are not afforded by encryption alone. Of course, as with any system, there are many areas that require attention to ensure security. Attacks on cloud systems may try to exploit multicore vulnerabilities, concurrency, or particular control (hypervisor) implementations. A robust system treats the whole cloud network as being under threat, expects attack from all sides and protects against it.
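The layering of dispersion on top of encryption, as an added sketch that is not from the article or from any product it mentions: an asset is encrypted inside the facility, then the ciphertext is split so that each provider holds one share. The article names no specific scheme, so the n-of-n XOR split, the SHAKE-256 stand-in cipher and every function name here are assumptions chosen for illustration.

```python
import hashlib
import hmac
import secrets
from functools import reduce

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate keys for encryption and authentication, derived from one master key.
    return hmac.new(key, label, hashlib.sha256).digest()

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Assumption: SHAKE-256 keystream as a stand-in cipher so this runs on the
    # standard library alone; a deployment would use a vetted AEAD (e.g. AES-GCM).
    return hashlib.shake_256(_subkey(key, b"enc") + nonce).digest(length)

def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = secrets.token_bytes(16)
    body = _xor(plaintext, _keystream(key, nonce, len(plaintext)))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag

def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("integrity check failed: wrong key, missing or altered share")
    return _xor(body, _keystream(key, nonce, len(body)))

def disperse(blob: bytes, providers: int) -> list[bytes]:
    # n-of-n XOR split: all shares are required, and any smaller subset is
    # indistinguishable from random bytes.
    shares = [secrets.token_bytes(len(blob)) for _ in range(providers - 1)]
    shares.append(reduce(_xor, shares, blob))
    return shares

def protect(key: bytes, asset: bytes, providers: int = 3) -> list[bytes]:
    """Encrypt on premises, then hand one share to each cloud provider."""
    return disperse(encrypt(key, asset), providers)

def recover(key: bytes, shares: list[bytes]) -> bytes:
    """Recombine every provider's share, verify it, then decrypt."""
    return decrypt(key, reduce(_xor, shares))

KEY = secrets.token_bytes(32)                 # stays inside the facility
ASSET = b"constructed sample: reel 3 colour metadata"
SHARES = protect(KEY, ASSET)                  # one per provider
```

A provider that is compromised yields only random-looking bytes, and someone who gathers every share still faces the ciphertext without the key. The trade-off of an n-of-n split is availability: losing any one share loses the asset, which is why production dispersal systems usually use a threshold scheme instead.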

The use of cloud in media production and post production processes still has much further to go to reach its full potential, but it is sure to be a game changer for facilities large and small.

www.sundogtools.com