Agreed.
The big problem I see between Cloud an On-prem at the moment is the disjointed security, I wish somebody would come up with a solution for that. Certain things you would take for granted with on-prem, such dropping a couple of Next-gen Firewalls to a core-location, or tapping a port to give traffic forensics etc.. Are very difficult or impossible in AWS, and AWS don't seem interested in offering a decent alternative.
Instead what you get is, a few security policies groups to control port and IP access.. no IPS, DPS, DPI or App filtering. Everytime I think about this, I have 1 single thought "... Hey AWS, 2003 just called, they want their security methodology back.."
If AWS offered the hypervisor capabilities of ESXi to customers on the normal EC2 platform, the world and cloud would be a much better place!
Biting the hand that feeds IT
