Rawpixel - Fotolia

Cloud networks need careful planning, not just more bandwidth

Cloud computing has fundamentally changed the way enterprises deploy and use IT resources. So what does it mean to build a cloud network?

Building a network that supports cloud computing appears, for many network engineers, to be a path paved by fat pipes. But some enterprise networks need more than some extra bandwidth to deliver what the cloud promises: operational efficiency, lower costs and greater agility to deploy, consume and manage IT resources.

And while there has been no shortage of hype about cloud computing, it isn't all just hot air. Public cloud service spending is projected to hit $127 billion in 2018, up from $56.6 billion in 2014, according to IDC. With a compound annual growth rate of 22.8%, public cloud spending is growing six times faster than the IT market as a whole, IDC reports. Meanwhile, private and hybrid cloud deployments continue to flourish, with 58% of the 600 IT decision makers recently polled by Current Analysis saying they used private cloud architecture in 2014. The poll found 28% had adopted a hybrid cloud strategy.

The task of designing, testing, deploying and managing cloud-ready networks is a multifaceted effort that presents several challenges, but it can also be an opportunity for enterprises to optimize their network operations, improve security and lower costs. Achieving those goals requires more than the right technology investments. Take it from those who have been there: People, process and strategy are just as important to cloud networking as the actual infrastructure deployed.

At K&L Gates LLP, a Boston-based global law firm with more than 2,000 lawyers spread across five continents, the cloud isn't just an idea; it's an operational shift that has had a significant impact throughout the firm. K&L Gates uses both private and public cloud technologies today.

"We manage over two petabytes of data, and I wanted to be able to take advantage of cloud architecture," explains Scott M. Angelo, chief information officer at K&L Gates.

Angelo has been at K&L Gates for three years and he has, in fact, been able to shift his organization to benefit from the cloud. But it's an effort that wasn't without its challenges -- and it was no small undertaking either.

So, what had to change at K&L Gates in order to take advantage of the cloud?

"Everything," Angelo says.

It's not just about fat pipes

When enterprises consider a move to the cloud -- public, private or hybrid -- the first item on many networking professionals' wish lists is more bandwidth. Even at companies that live and breathe networking, there has been a cry for more capacity in order to move to the cloud.

The SaaS vendors don't want to make cloud sound complicated, so they just tell you to put in a fat pipe.
Bask IyerCIO, Juniper Networks

Bask Iyer is the CIO of Juniper Networks and is responsible for the internal network and applications that Juniper's employees use every day. As Iyer has transitioned Juniper's own network to support public, private and hybrid cloud models, he's had to try to make sense of what cloud networking truly requires.

"The SaaS (software as a service) vendors don't want to make cloud sound complicated,"he says, "so they just tell you to put in a fat pipe."

In reality, however, simply putting in a fat pipe -- that is, a higher-bandwidth network connection -- should be just one piece of a broader cloud networking strategy. That said, building a network for cloud is not a one-size-fits-all approach either. Network requirements for cloud depend on which model of cloud computing is going to be used, the way in which cloud-hosted applications and workloads will be reached, and the traffic expected between on-premises systems and the cloud, according to Jim Frey, vice president of research for hybrid cloud and infrastructure management at Enterprise Management Associates Inc.

A dedicated WAN link to the cloud affords enterprises more control over performance and security, but connecting via the Internet enables cloud applications and workloads to be accessible from anywhere. In the simplest cloud deployments, applications and their necessary data live entirely in a public or private cloud.

"In this case, there are few specific network requirements beyond the capacity required to move files back and forth as well as a means for secure access," Frey says. "Many cloud providers offer VPN services directly, or a cloud-based router can be deployed as a VPN gateway."

Networking gets a little more complex with hybrid cloud, which EMA's research indicates is growing at 40% annually -- more than twice as fast as pure public or private cloud deployments. In a hybrid cloud, data resides both in the public cloud and in a private cloud, which ends up creating a number of requirements for specific networking features.

"VLANs or overlay networks -- i.e., VXLAN, NVGRE or OTV -- will be needed to segment or isolate traffic both within the cloud, if available from cloud provider, and to and from the cloud," Frey suggests. Quality of service and DSCP traffic prioritization may also be necessary to ensure enough bandwidth is reserved and available for critical transactions or data flows, he adds.

Network forecast: Cloudy with a chance of pain

What are your biggest challenges with cloud networking? Take our quick reader poll. We'll publish the results in an upcoming issue of Network Evolution.

Additionally, WAN optimization appliances or application delivery controllers may be used to compress and accelerate traffic, depending on the application type. Adoption of virtual appliances for network security and monitoring are also an option in deployments where they're necessary, practical and cost effective.

The concept of network programmability, via software-defined networking (SDN) and network functions virtualization (NFV), will also play a significant role in optimizing enterprise networks for the cloud.

"SDN and NFV are both highly relevant to cloud networking, although live production usage is still in early stages," Frey says.

Cloud networking: Look at the big picture

Making big architectural shifts is often easier said than done, however, and the technical hurdles are often just one half of the equation. Juniper CIO Iyer says that, generally speaking, many people in an enterprise don't pay attention to infrastructure until it's broken. In the past, events like Y2K and other big IT trends like VoIP put a focus on infrastructure. Now it's cloud computing, security threats and mobility that have renewed emphasis on infrastructure.

"We were potholing before," Iyer says. "We were building things where we saw holes and increasing bandwidth as we needed it."

The problem with that approach was that he was spending a lot of time and money on infrastructure. By fully embracing a "why not cloud?" approach -- continually evaluating the cloud readiness of every service and application -- Iyer has been able to optimize Juniper's internal IT operations with a dramatic data center consolidation project. He decommissioned 18 of the company's 20 data centers, lowering the total cost of the network.

"By building an infrastructure that enables the move to the cloud, we ended up shutting down a lot of our data centers," he says. "You don't need so much gear in so many data centers."

While there's no shortage of networking-savvy minds at Juniper, Iyer is still the "IT guy." That means he got no special favors when it came to figuring out the best path forward.

"People would rather go help customers than help me with the network," he says. "So I still have to get my architects and do design for policy, security, et cetera."

The cloud provided an opportunity to remove the "mind-numbing" aspects of networking, he says, which included routine tasks like IP address management and other common services that are now more centrally managed and controlled in a cloud network.

José Fernandez Balseiro, technical officer and project manager at the European Space Agency (ESA), says that while more bandwidth was certainly necessary to support the Paris-based space agency's private cloud project, it's only one piece of his cloud networking strategy.

By the time ESA undertook its private cloud project, it was already in the midst of upgrading parts of its WAN from a 100 Mbps, Layer 3 MPLS service to a 1 Gbps, Layer 2 WAN service. Balseiro faced a two-part challenge. First, the new WAN needed to allow traffic to flow seamlessly between all of ESA's main sites and branches; some branches are in remote locations and do not have access to a large amount of bandwidth, so reusing the existing connections was mandatory.

Second, Balseiro also needed to design a business continuity plan for the agency's private cloud that could effectively leverage, in a robust way, the Layer 2 features of the new WAN -- while also maintaining the legacy network security infrastructure that imposes choke points to allow traffic to always go through.

"Many organizations today do not really know whether they need business continuity at all and, if yes, whether this need could be addressed in ways that have a contained impact on the network," he says.

Don't forget about people

In addition to infrastructure needs, a successful cloud networking strategy also considers the people that need to be part of the network transformation. Such a shift typically requires a networking team that has the technical know-how to navigate cloud computing and virtualization, and one that is willing to work closely with other groups within IT to coordinate a broader strategy.

For Angelo, at K&L Gates, a lot of his company's journey to the cloud didn't have to do with the pure technology aspects. Angelo faced a talent management challenge -- getting the right mix of people, partnerships and vendors to come up with the best solution.

Also outside the world of switches and routers, IT pros dabbling in cloud for the first time often run into problems with legacy service provider and vendor contracts.

"I had existing contracts with data centers that were major constraints for me getting to where I wanted and needed to be," Angelo says. "There were also contracts with some of the older technology that we knew we wanted to get off of."

The question of capital depreciation for technology assets is another consideration and challenge that needs to be part of a cloud network transformation.

"All the stars need to align so you can get things to happen, or you have to work really hard to make things happen," Angelo says.

Sean M. Kerner is an IT consultant, technology enthusiast and tinkerer, and has been known to spend his spare time immersed in the study of the Klingon language and satellite pictures of Area 51. He has pulled Token Ring, configured NetWare and has been known to compile his own Linux kernel. He consults to industry and media organizations on technology issues.

Next Steps

Learning the basics of cloud networking

Is the network the Achilles' heel of the cloud?

Understanding network as a service

This was last published in March 2015

Dig Deeper on Cloud Networking