ra2 studio - Fotolia
Nearly all organizations now use software as a service to deliver some key applications to most of their users....
More than two-thirds use infrastructure as a service to supplement internal data centers, and, on average, about 10% of the workload has shifted from in-house servers to IaaS. More than half use platform as a service, or PaaS, to put a cloud infrastructure under their custom application code. But in this new environment, far too many companies rely on the same network architecture to serve their users as they did when most of the services came out of their own data centers. In the age of hybrid service delivery and cloud, the network needs some new thinking: Organizations need to choose a path to a hybrid cloud network architecture.
One key place to focus, to create a hybrid cloud network architecture, is getting traffic to and from those external cloud resources. Most organizations connect to their cloud providers over the public internet and still backhaul all internet traffic through their data centers. This can lead to huge increases in the amount of WAN bandwidth required and to unacceptable impacts on application performance.
Action options multiply
Several new approaches to networking provide opportunities for improvements. Direct internet access at the branch is one, most often now discussed in the framework of an SD-WAN deployment. SD-WAN lets IT pool multiple WAN and internet links in a branch to provide better performance at lower costs. It also generally supports selectively splitting traffic out at the branch and sending it directly to cloud destinations, relieving the burden on private, more expensive WAN links -- usually MPLS. This can be a great way to improve the performance of software-as-a-service (SaaS) applications, especially for users in areas replete with internet options and close -- geographically speaking -- to a major point of presence for the cloud vendor.
Another important option when building a hybrid cloud network architecture is direct cloud connect (DCC). In this scenario, the enterprise may have back-end traffic flowing among applications running in the data center and some strategic SaaS, PaaS or IaaS applications. The latency, and variation in latency, can create poor performance for the system as a whole. To mitigate this, the enterprise contracts with the cloud provider for direct network access to the cloud service. (Amazon calls this Direct Connect, Microsoft calls it ExpressRoute and other vendors have their own names for it.) It then engineers a link from its infrastructure to the provider's. This can be in a facility in which both the enterprise and provider host infrastructure, in which case, the enterprise contracts to have a piece of cabling strung from a port on a router in its equipment cage to one in their provider's space. Or it can be done via a telecommunications provider's infrastructure; the client essentially leases a port on the telecoms vendor's router in the facility, extends its WAN to that router port and pays for a cable to be strung to it from the cloud provider's router. In either case, traffic can now flow predictably and at high speed from an enterprise data center to a cloud provider data center.
Last, as a variation on the direct cloud connect approach to the hybrid cloud network architecture, IT now has the option of engaging WAN-Cloud Exchanges (WAN-CX) rather than engineering the whole direct connect chain itself. The enterprise sets up a connection to an exchange environment -- possibly provided in a colocation facility, possibly in an MPLS or other network provider's infrastructure -- and then uses virtual pipes across that connection to link to cloud service providers. The major benefit here is that IT can set up one connection -- to the exchange -- and connect to many providers through it instead of having to dedicate a port to and engineer a separate connection for each. The exchange environment can have a total cost of ownership advantage over a direct connect, especially when a link is needed for a short-term project (e.g., absorbing an acquired company or spinning off a new one) or the volume of traffic flowing to a provider will be small.
Direct internet access, software-defined WAN, DCC and WAN-CX all offer advantages in the right scenario, and variations and new options emerge regularly. However organizations approach their strategy for creating a hybrid cloud network architecture, most will have to re-evaluate and update how they currently connect their systems and users to the cloud applications that are becoming an ever-larger portion of the IT portfolio.
How exactly does WAN cloud exchange work?
Learn how better security is driving cloud network migrations
Discover proven methods for securing the cloud