The advent of many technological breakthroughs has drastically changed how enterprises’ IT conceive and deploy their applications. This has been made possible thanks to Software-Defined Technologies that powers the Cloud Service Providers. Since Software-Defined has been implemented in other areas such as WAN/SD-WAN and innovative CASB (Cloud Access Security Broker is on-premises or cloud-based software that sits between cloud service users and cloud applications, and monitors all activity, and enforces security policies) or SASE (Secure Access Service Edge, technology used to deliver WAN and security controls as a cloud computing service directly to the source of connection) providers have changed the way security is delivered.
These solutions facilitate and speed up deployments but come with their own challenges that enterprises must anticipate for delivering the right service to their end-users.
We have covered in a previous whitepaper How software-driven orchestration & automation bring the network agility required to interconnect complex multi-cloud environments how our SDCI platform accelerates and secures Cloud application deployments.
Here, we’ll see focus on the network strategy options when services are spread across heterogeneous environments.
1. Monolithic Architectures
For many years, enterprises have planned their WAN networks strategy to optimize traffic consumption across the Managed Service Provider capabilities.
We have seen many improvements over the last two decades to cope with enterprises’ evolution to IP.
Hub and spoke architectures with Frame-Relay and ATM networks allowed customers to deploy mainframes servers at HQ locations that served end-users with a consistent quality of service.
With the transition of the applications to IP, new ways of network consumption brought even more optimizations. The traffic flow became more complex, from hub and spoke to full mesh networks, applications are more distributed but still reside inside the enterprise closed environment.
Moreover, new apps requiring stringent SLAs, such as VoIP or Real-Time Video, have been massively adopted by end-users.
Figure 1. The monolithic architecture was the answer to Network teams to cope with resources on a single and isolated network domain at a global scale.
Once again, Managed Service Providers had a fit-for-purpose. With MPLS, the network can be fully meshed, the Quality of Service is supported by design, allowing traffic protection and control.
Thanks to the Differentiated Services Code Point Protocol, application network requirement SLA is protected, adapted to its criticality level.
Communication flows are handled by MPLs, allowing more distributed deployments and closer application servers to the end-users. In addition, enterprises have leveraged this capability to enforce optimization programs to improve the application distribution to its end-users while deploying more on-premise services.
While this conception of networks has been a fit for purpose during that period, modern IT has changed the network paradigm where agility is the core challenge for IT teams.
2. Modern IT challenges
Cloud Service Providers (CSPs) and Over The Top (OTT) companies have changed the way applications are consumed in Enterprises.
CSPs are bringing more agility to developers with faster Time to Market for companies. In addition, SaaS providers bring ubiquitous access to their applications.
End-users can be located anywhere, in the corporate network, remote workers, etc.
While this gives more flexibility to end-users, IT Teams must deal with new challenges:
- Security and access control to resources located in heterogeneous environments (CSP, SaaS, on-prem…).
- BYON: Bring You Own Network models, which introduces multiple types of underlays (public Internet and private).
- SD-WAN technology allows for faster deployments while adding underlay management complexity to stitch together end-users with their resources.
- Cloud Service Providers brings application deployment agility with access ubiquity; however, network performance can degrade the application experience.
Therefore, the network as a monolithic architecture is no longer the right model to answer to this new environment. Instead, the network must be modular, flexible, and agile to integrate with NetDevSecOps implementation and cope with these hybrid environments that enterprises have adopted.
We have successfully helped our customers achieve this transformation thanks to the InterCloud platform, VNF and API enabled, where the standard implementation is hybrid, whether for application deployment or the type of underlays deployed.
2.1 Move to Cloud strategy and Agile Architecture
An Agile Architecture removes the dependency on on-prem resources and provides more flexibility to the WAN and service layers while providing a simple governance model that allowed their IT to focus on their internal project initiative to better support their business areas.
This allows to answer to multiple challenges as seen above:
- Connect securely worldwide to the CSPs
- Integrate with the regional SD-WAN over the public Underlay and any Internet-based service.
- Act as the core dynamic routing platform with Software-Defined Cloud Interconnect infrastructure.
- Remove the need for DC Interconnect with routing VNF, implemented in our core platform and managed by InterCloud. VM resources to enable Internet/SD-WAN integration.
2.2 Decoupling the core from the global estate
The right way to achieve the agile architecture is by decoupling Cloud access connectivity from the VPN through our core platform. This allows for a plug-and-play model when integrating different access technologies through carrier hotels or new services, which are easily enabled as platform add-ons. It is then much quicker and simpler to integrate your Cloud resources and manage the security policies to access them.
Figure 2. InterCloud enables customers' digital transformation and leverages ZTN and SASE integration to integrate all services stack securely, whether on-prem, within a SaaS provider, or the CSPs.
Traffic flow is managed East to West-bound and South to North-bound with security access policies according to the customer’s security handbook.
2.3 Utilizing a robust global backbone foundation
Our fully-owned private global core network provides the robust foundation to create a highly cost-effective, stable, and truly global Distribution Layer. This layer is used as an ‘on-ramp’ from remote sites for your Public and Private Cloud resources, as well as being a perfect location to interconnect regionally to customers’ WAN. This delivers a highly scalable and resilient core that will form the basis for Cloud Interconnect Access platform.
2.4 Adapting dynamically to changing business demands
Allows the flexibility to bring in different Cloud resources, even on a bespoke model. We can add your partners or your legacy on-premise architecture as a new Cloud Destination. Platform normalizes the technical configuration to deliver the same level of service regardless of the resource location.
We have flexible options to upgrade or downgrade capacities as business demand dictates.
2.5 Delivered as a fully Managed Services
We provide solutions as managed services; hence our customers benefit from unified, end to end, SLAs managed and maintained from our Service Operations Centre.
Thanks to our service insurance, we protect our customers’ critical deployments.
Hybridization is the new norm. Applications are deployed on-prem and in multi-cloud environments. Networks are multi-sourced, shifting away from legacy technologies. Software-defined technologies have set the pace for deploying new instances integrated into the CI/CD DevOps cycle. Enterprise Network strategy must be capable to sustain the rapid adoption of new technologies. With the InterCloud SDCI Platform, we bring to our customer's freedom of choice with flexibility and agility while maintaining Quality of Service at the most critical.
Philippe is Pre-sales Manager, EMEA at InterCloud.
He has accumulated substantial experience in IT technology trends in Software, Hardware & Service and provides consultancy and solutions for customers developing their Cloud Strategies.