Don’t Forget Networking In Your Travel Plans To The Cloud

Don’t Forget Networking In Your Travel Plans To The Cloud

Don’t Forget Networking In Your Travel Plans To The Cloud

The term “cloud” was first used by the telecomm industry in early schematics of the Internet to identify the various, non-specific uses data was put to at the end of their cables. The transmission of data was the telecomm industry’s primary focus. What happened in the cloud was someone else’s concern.

Today the attention has shifted so much to all the amazing uses data can be put to within a cloud environment that there is an unfortunate tendency to overlook how all your data is going to get safely and reliably to the cloud and back. It’s a little like focusing on all the great things you plan to do in Paris without considering how you’re actually going to get there.

Critically evaluating your network options may be less exciting than focusing on your ambitions in the cloud, but before you send your data off on its great adventure, you better be sure you know how it’s going to get there and get back.

Rest assured: You can safely assume that there are secure network options for every cloud implementation, but there are many details to be considered to before you decide which options are best suited to your needs and resources.

Admittedly, unless you are a network geek, thinking about networking can be a daunting task so, if you don’t know CCIE from TCP, here’s a primer on the network options you can use to connect to the cloud

There are basically three basic network options to connect to the cloud:

  1. Encrypted Virtual Private Network (VPN) over the Internet
  2. Adding a cloud environment as a node on your current Wide Area Network (WAN).
  3. Point-to-point circuits, i.e., leased lines.

Encrypted VPN over the Internet

Virtual private network technology makes it possible for businesses to securely and affordably create geographically dispersed business networks on top of the public Internet infrastructure. A key advantage to VPN access is that it is relatively inexpensive because your data is traveling for free over the Internet. It is also relatively uncomplicated to implement. These advantages essentially launched a wave of businesses into the Internet, and from there to the cloud.

VPNs provide security by the use of tunneling protocols and through security procedures such as encryption. Encryption protocols include Internet Protocol Security (IPSec), Transport Layer Security (SSL/TLS) and Datagram Transport Layer Security (DTLS).

While your data is out hopping from router to router around the Internet, it is also kept separate from everyone else’s data by Multiple Protocol Label Switching (MPLS), a mechanism that basically establishes a virtual path for your data between your outgoing router and its final cloud destination. MPLS is the technical counterpart to the multi-tenant technology which keeps your data secure in its own virtual container in a public cloud environment.Downtime-Data-Centers

A Node on your WAN

Wide area networks connect multiple Local Area Networks(LANs) across an enterprise. Most WANs include virtual LANs (VLANs) that are connected by VPNs through local exchange carriers to the Internet. Here again MPLS protocol protects your data from mingling with other data within your WAN or on the Internet.

Organizations that adopt this option still take advantage of free Internet transmission of their data. Implementation, however, is more expensive and complicated. Accessing the cloud as a VPN extranet on your WAN is appropriate for mid-sized organizations that have a widely distributed WAN environment.

Point to Point Connections

If you can’t get comfortable with the idea of your data hopping around the Internet with everyone else’s, point-to-point leased line connections (also known as private circuits) provide dedicated, always-on, fixed bandwidth connectivity between your data center and your cloud environment.

All three network options are secure, but point-to-point connections are the most secure. They are also the fastest and by far the most expensive option.

Point to point connections are appropriate for large organizations that have critical need and/or compliance requirements that require an exclusive, direct connection to the cloud. These could include financial organizations that require very high speed bandwidth, government agencies and suppliers that require absolute security, and healthcare organizations that need to guarantee the privacy of patient data.

Mix and Match

There are many variations and levels of speed, quality and security within each of these three options. Drilling down into the pros and cons of those variations is beyond the scope of this column. Suffice to say, one, or some combination of them, can be tailored to adequately and securely get your data to your cloud environment.

Combining more than one option, in fact, is the only way to guarantee against downtime. Every connection has the potential to go down—even direct point-to-point circuits, so having more than one connection is the only way to protect against the risk of losing access to your data in the cloud.

Acceptable risk varies with the criticality of the use case. If you are just spinning up virtual servers for a test dev sandbox environment, you don’t have to worry about losing access to your data. If you are a hedge fund involved in high-speed trades, on the other hand, any risk of downtime is unacceptable.  (See Infographic: http://cloudtweaks.com/2013/09/cloud-infographic-data-center-downtime/)

Bandwidth and Latency

There are two other key considerations you need to address in your choice of network option: bandwidth and latency.

Bandwidth requirements depend on what you plan to do with the cloud services. If you are accessing IaaS in the cloud, it takes little or no bandwidth to manage monitor and maintain the virtual container a cloud provider provides you. If you are going to run a SQL database or do transactions in real-time or nightly backups in bulk, however, you are going to need additional bandwidth to accomplish your tasks within an acceptable timeframe.

Most application providers publish bandwidth guidelines. According to Microsoft, for example, a SQL database requires bandwidth ranges of 3 megabits per second (Mbps) (dual T1) and greater with latencies less than 100 milliseconds (ms) – operational range. You can quantify your bandwidth requirements by adding up the required throughput of the applications and services you intend to access from the cloud. If you are already accessing these services within your data center, you should know that number

Latency is basically a measure of the delay between when a packet of data is dispatched and when it arrives at its destination. Every medium of transmission—cable, optical fibre, etc.—causes latency. Latency limitations determine the distance you can be from your cloud environment.

Latency is also determined by the relative well being of your network environment. It’s not your ISP’s fault of data from your cloud is delayed unduly because your firewalls, routers and servers delay transmission once the data arrives at you door. With all the demands that virtualization, collaboration, BYOD and a host of other hot trends have made on your network environment, if you haven’t done a comprehensive assessment of the health and capacity of your network, making that a priority before your journey to the cloud would be an excellent idea

One World

Using the cloud metaphor for the underlying technologies involved in delivering IT as a service runs the risk of encouraging a sense that the cloud is some stack of servers out in the ether that belongs to someone else. As soon as you make a commitment to use cloud-based services, in fact, you expand your corporate environment to encompass your internal IT environment, your network connection to the cloud and the cloud itself. They are each mutually interdependent and need to be addressed as integral parts of a whole system. Nothing works, unless they all do. Leave one out of your overall IT strategy, as a result, and no matter how innovative, creative, and cost effective your cloud destination may appear, you still won’t be able to get there from here.

By Mike Johnson

mike-johnson

As Logicalis Director of Unified Communications Architectures and Solutions, Mike is responsible for managing a team of pre-sales engineers focused on the development and design of unified communications and networking, specifically mobility and security solutions. Mike has a 14-year track record of successful management of go-to-market strategies, customer solution design, implementation and pre/post sales support in the managed services, healthcare and manufacturing industries.

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as offer green/cleantech learning and consultive services around the world.

Our vision is to create awareness and to help find innovative ways to connect our planet in a positive eco-friendly manner.

In the meantime, you may connect with CloudTweaks by following and sharing our resources.

View All Articles

Sorry, comments are closed for this post.

Comics
Using Private Cloud Architecture For Multi-Tier Applications

Using Private Cloud Architecture For Multi-Tier Applications

Cloud Architecture These days, Multi-Tier Applications are the norm. From SharePoint’s front-end/back-end configuration, to LAMP-based websites using multiple servers to handle different functions, a multitude of apps require public and private-facing components to work in tandem. Placing these apps in entirely public-facing platforms and networks simplifies the process, but at the cost of security vulnerabilities. Locating everything…

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Despite Record Breaches, Secure Third Party Access Still Not An IT Priority

Secure Third Party Access Still Not An IT Priority Research has revealed that third parties cause 63 percent of all data breaches. From HVAC contractors, to IT consultants, to supply chain analysts and beyond, the threats posed by third parties are real and growing. Deloitte, in its Global Survey 2016 of third party risk, reported…

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Picking Up – Legacy Security Losing Ground

Cloud Native Trends Once upon a time, only a select few companies like Google and Salesforce possessed the knowledge and expertise to operate efficient cloud infrastructure and applications. Organizations patronizing those companies benefitted with apps that offered new benefits in flexibility, scalability and cost effectiveness. These days, the sharp division between cloud and on-premises infrastructure…

How To Overcome Data Insecurity In The Cloud

How To Overcome Data Insecurity In The Cloud

Data Insecurity In The Cloud Today’s escalating attacks, vulnerabilities, breaches, and losses have cut deeply across organizations and captured the attention of, regulators, investors and most importantly customers. In many cases such incidents have completely eroded customer trust in a company, its services and its employees. The challenge of ensuring data security is far more…

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises: It’s About More Than Just Dollars

Cloud-Based Services vs. On-Premises The surface costs might give you pause, but the cost of diminishing your differentiators is far greater. Will a shift to the cloud save you money? Potential savings are historically the main business driver cited when companies move to the cloud, but it shouldn’t be viewed as a cost-saving exercise. There…

Cyber Criminals Are Business People Too

Cyber Criminals Are Business People Too

Cyber Crime Business You’re on the morning train on the way to work and take a look at the guy next to you. He’s clean-cut, wearing a crisp suit and holding a leather briefcase just like dozens of others. Just another worker headed to the office, right?. Yes, but not in the way you think…

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart Change-Induced Network Outages and Breaches

How Formal Verification Can Thwart  Breaches Formal verification is not a new concept. In a nutshell, the process uses sophisticated math to prove or disprove whether a system achieves its desired functional specifications. It is employed by organizations that build products that absolutely cannot fail. One of the reasons NASA rovers are still roaming Mars…

Digital Identity Trends 2017 – Previewing The Year Ahead

Digital Identity Trends 2017 – Previewing The Year Ahead

Digital Identity Trends 2017 The lack of security of the Internet of Things captured public attention this year as massive distributed denial of service attacks took down much of the internet. The culprits? Unsecured connected devices that were easily accessed and manipulated to do the bidding of shadowy hackers. When you can’t access Netflix anymore,…