I think every network engineer has already seen that applications are moved to the cloud on a massive scale in recent years. Some apps are even developed and deployed directly in the cloud. These are known as Cloud-native applications or "born in the cloud". This industry shift has created a lot of new challenges to network architectures such as the following:
- How do you ensure that apps are taking the most optimal path to the Cloud? Since most networks have multiple Internet circuits and eventually a direct connection to the particular cloud environment, the best-path selection on a per-application basis is a complex task.
- How do you provide a flexible and secure connection to the Cloud from every remote site? Since most traditional WAN architectures do not allow direct connections from branches to the Cloud over the Internet, the traffic is routed from remote sites to a regional hub/datacenter and then out to the Internet. This adds additional latency and creates bandwidth bottlenecks.
Yes, migrating apps to the public cloud presents new challenges to network engineers. However, there is another, more rare unicorn - interconnecting multiple clouds, that creates an even harder challenge.
The Business Need
Inevitably, when multiple business-critical applications are migrated to the same public cloud, some fundamental questions start to arise:
- What if the cloud fails? - Yes, even public clouds experience large-scale outages. Many enterprises have decided to create instances of their most critical apps in an alternative public cloud for redundancy and disaster recovery.
- Vendor lock-in - Overtime, using only one provider makes the company heavily dependent on that vendor. Also as a consumer, an enterprise may want to have the freedom to demand custom pricing and have legroom for negotiations. This inevitably leads to a multi-cloud model.
- Different geographies - Not every public cloud provider is available in any geographical area in the world. For example, at the time of writing this article, AWS does not have an infrastructure region in Switzerland. This forces some enterprises into the multi-cloud model.
Some companies end up with a multi-cloud operation just naturally. This typically happens when some departments move workloads into one cloud provider and other departments migrate other apps to a different provider.
Cisco SD-WAN as Multi-Cloud Interconnect
Cisco SD-WAN provides the ability to extend the company's WAN to the public cloud, ultimately connecting any WAN location to any cloud platform in a secure and automated fashion. It ensures the connectivity requirements by using enhanced routing techniques such as application-aware routing to the cloud IaaS applications and adjusting the IPsec routes in real-time based on the pre-defined quality metrics (packet loss, latency, and jitter).
- Automated connectivity provisioning - Cisco SD-WAN extends the overlay fabric to public clouds. This provides the ability to choose the most optimal entry point for all data centers and hub locations in real-time.
- Application and network telemetry in and out of all clouds for reporting - Cisco SD-WAN provides the ability to unify the network management by creating a single pane infrastructure that has visibility across the entire enterprise network for more sophisticated management of network resources and services. This single-pane view can provide a unified centralized management of all resources including physical, virtual, and cloud.
- Dynamic routing, multipathing, and deterministic failover behavior using OMP - Because the enterprise overlay fabric basically includes the virtual WAN edge routers hosted in the clouds, all network settings could be managed in a centralized fashion using the SD-WAN control plane. This gives the ability to create custom network topologies based on the company's needs.