Most companies today use at least one cloud provider in some capacity. Within two years, 92% of companies will be using two or more.
This hybrid cloud world is forcing traditional data center design to evolve. The rise of hyper-converged systems and software-defined everything requires businesses to reevaluate traditional network and security designs to take advantage of the as-a-service world of today.
With an increase of high-profile security breaches, the old network designs are no longer keeping up. The pressure on IT departments to act as service providers is driving business outcomes that include reduced time-to-market for new applications and services, reduction in costs and increased availability of data. Also, many at the C-level want to see cloud-first application strategies aimed at taking advantage of these agile, consumption-based services.
You may ask: What about my network? How do I ensure it can take advantage of multicloud? Can I make sure that my data protection, security and availability will stand up to regulatory audits? Will I be able to maintain networking and security policies when accessing applications and data in multiple clouds?
What if there were a better way to control the networking and security policies in a granular way, whether or not the applications and data are on-premise or in the cloud?
In the article below, we’ll provide some insight to the challenges of multicloud networking and the primary ways organizations can solve these challenges to deliver increased agility in data availability and recovery, enhance security and reduce costs to get new business capabilities to market.
Modernize the LAN
Traditional networking uses a physical, layered spine-and-leaf network design as well as physical layering of management, production environments and test networks. These are each based on legacy designs that require proprietary hardware and protocols. This manual system for updating firewall rules and tables increases the time required to expand the network. It’s neither agile nor secure enough for the modern hybrid world.
Meanwhile, the explosion of hypervisors like Hyper V and vSphere has added further complexity and increase the burden on traditional perimeter-focused security designs. This is because hypervisors increase the amount of network segmentation required. In turn, this shifts internal traffic patterns in a heavy East-West pattern that rarely gets inspected in perimeter security design.
Some of the largest security breaches showed that a lack of security inspection at this layer is ineffective. Without a software-defined datacenter LAN, protecting on-premise data becomes a challenge. This design limits design secure connectivity to the cloud.
Being able to implement the same security policies both on-premise and in the cloud allows for greater security and flexibility while reducing risk. This includes measures like isolating and segmenting networks by IP and protocol, creating networks on the fly, using network policies and enabling copy-pasting and re-use of networks as with server virtualization.
We’ve observed that software-defined networking (SDN) solutions such as Cisco ACI and VMware NSX bring organizations business value by allowing them to deliver networking agility. Being able to control Layers 2 through 7 in a software construct rather than a physical switch allows for unlimited uses of virtual switches, routers and firewalls. All of them can be deployed in an instant, whenever needed.
Using SDN technologies helps organizations provision thousands of isolated networks for development, test and staging environments on the same physical infrastructure. SDN policies remove the manual work and cycle time associated with procuring, installing, and configuring traditional network infrastructure. IT can then deploy networks in lockstep with their workloads as fully audited self-service transactions. As a result, applications move much faster through development, test, staging and production without changing IP addresses.
Modernize the WAN
Software-defined WAN (SD-WAN) often comes up in the conversation around network modernization. Separating the hardware plane from the management plane allows networking policies to control networks, protocols and application types. As a result, applications take the fastest and cheapest path to their destinations. Using cheaper internet links to augment MPLS circuits lowers costs.
It also allows direct routing of software-as-a-service (SaaS) application traffic from branch offices to Microsoft Office 365, Salesforce and other cloud-based applications. The result is reduced backhaul traffic on the data center LAN. Using a single set of networking policies for LAN and WAN allows for faster, more efficient connectivity. It’s also more secure and comes at a lower cost.
Many organizations now offer networking services and SaaS applications to provide businesses with what they need when they need it. Traditional network vendors like Cisco, Brocade and Juniper are also shifting to a software-defined approach. The list of AWS networking services is growing daily, and Azure and Google Cloud are also offering security and networking services in an as-a-service model. VMware also offers multiple as-as-service networking and security features as well as a Hybrid Cloud Connector Software that allows networking connection options to multiple cloud providers.
Native Hypervisors in the Cloud
The trend of hypervisors offered natively in the cloud is also growing. Today, Azure offers desktop, server and application services that pair with data and networking services. These ensure high availability and disaster recovery options based on Microsoft technologies.
Meanwhile, VMware has the vSphere software platform with VMware NSX Software-Defined Networking, Virtual SAN and a lifecycle manager. All these come bundled and installed on hardware in AWS Datacenter. VMware also announced its intent to extend the VMware Cloud bundle to Azure data centers as well.
This creates endless options for increased security and disaster recovery by allowing organizations to stretch Layer 2 networks across the globe. This means a true drag-and-drop experience from on-premise to the cloud. These advances would have been impossible only a few years ago. Today, they represent the standard for all applications.
Modernizing Your Network: Next Steps
We can thank Google, Facebook and Amazon along with all the born-in-the-cloud software providers for these developments. An agile service provider approach is the standard for applications being delivered to customers. This requires all networks to be modernized in a software-defined model.
Migrating applications and workloads to the cloud are the first steps to modernization. How you innovate in the cloud is the journey. We help you deliver hybrid IT by leveraging the cloud to improve customer experiences, streamline business operations and create unique competitive advantages. Look to Softchoice to help modernize, scale and innovate your business.
Is your network ready for modernization? Explore our network readiness solutions and take the next step in your digital transformation journey.