The public cloud adoption journey for new start-ups and small businesses has a very different trajectory, and different challenges, from that of midsize and big enterprises undergoing cloudification of their enterprise systems.
Moving to a public cloud ecosystem is comparatively easy for start-ups and small businesses, since they carry little or no baggage of existing on-premise infrastructure. For midsize and big enterprises, however, a full transformation is not beneficial from a cost-benefit perspective. Other concerns, such as the security of sensitive data, also prevent organisations from moving everything from on-premise to the public cloud ecosystem.
Hence the reality today is that on-premise ecosystems cannot be replaced by the public cloud ecosystem; both are here to stay together. For example, an organization can store sensitive data in a local data centre and simultaneously leverage the robust computational resources of a public cloud.
The biggest question enterprises ask about modern cloud ecosystems is: “How do I build a good cloud connectivity strategy that will allow me to leverage my existing on-premise investment and public cloud ecosystems in a secure and efficient way?”
Enterprise Cloud Connectivity is the interoperability between on-premise resources and public cloud environments. It uses a variety of secure and fast connection protocols to allow organizations to integrate with network, storage, compute and user environments. In the past, any such connectivity was established manually and required a lot of administration.
Traditional connectivity mechanisms and challenges:
There are multiple options available, for example using a VPN over the internet provider’s connection, or using dedicated links, running custom or old protocols, between the on-premise and public cloud ecosystems.
Internet:
This is the most trivial solution for data transfer; however, it carries risks. The internet is a best-effort network, which means the speed is neither stable nor guaranteed. Routing of the data is not fixed and latency can vary, which makes this option unsuitable for some applications. Another major issue with the internet is security and privacy: data sent over it can be tracked, intercepted, stolen or even modified in transit.
Internet + VPN:
To overcome some of these issues, an enterprise can connect to the public cloud environment over the internet but through an IPSec-based VPN connection. This addresses data security and privacy by encrypting the data in transit. However, it doesn’t solve the issues of speed, stability and latency, which are typical characteristics of the internet.
Direct connection using leased lines:
The alternative to using the public internet is a private, leased direct connection to the cloud provider, enabled by 3rd-party partners. A direct connection between on-premise and the public cloud mitigates both performance (speed and latency) and security risks. But reliability and SLA cannot be guaranteed because of the presence of the 3rd-party partners.
Some of the other challenges are as follows:
- Protocol compliance: The communication protocols in use may not comply with the protocols supported by public cloud environments, or with market standards.
- Reliability and Redundancy: Reliability of connectivity depends on the internet provider or leased connection provider, whereas redundancy is mostly at the physical layer.
- Security concern for network connection: The protocols used by enterprises may not be updated from time to time in line with the latest attacks and threats.
- Dynamic scaling of bandwidth: Bandwidth depends entirely on the internet provider, so dynamic scaling of bandwidth may not be a seamless operation or may take many days.
- Cost of data transfer / Broadband cost: For data-hungry applications the cost of data transfer may increase, since most internet providers charge for inbound and outbound traffic.
- Simplicity: Configuring and setting up communication between on-premise and the public cloud generally takes a lot of effort and manpower.
- Integration with Cloud applications: Due to a lack of conversion protocols, integration of the on-premise and cloud environments may not be seamless.
Solutions by public cloud providers:
Today many providers offer easier ways to integrate the on-premise ecosystem with their cloud resources, and these offerings cover most of the challenges above, so enterprises don’t have to worry about them. Some of the top offerings are “AWS Direct Connect” and “Microsoft Azure ExpressRoute”.
AWS Direct Connect:
Amazon Web Services (AWS) is the most popular cloud provider in the market. AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your datacentre, office, or colocation environment.
AWS Direct Connect lets you establish a dedicated network connection between your network and one of the AWS Direct Connect locations. Using industry standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. This allows you to use the same connection to access public resources, such as objects stored in Amazon S3 using public IP address space, and private resources, such as Amazon EC2 instances running within an Amazon Virtual Private Cloud using private IP space, while maintaining network separation between public and private environments. Virtual interfaces can be reconfigured at any time to meet your changing needs.
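How an 802.1Q tag keeps public and private virtual interfaces apart on one link, as an added example that is not AWS code or part of the original article: it parses the tag and drops frames whose VLAN ID is not mapped. The VLAN IDs (101, 102), the interface names and the sample frames are constructed for illustration.

```python
import struct

TPID_8021Q = 0x8100  # EtherType value that announces an 802.1Q tag

# Constructed mapping: VLAN IDs and interface names are assumptions for this example.
VIF_BY_VLAN = {101: "public-vif", 102: "private-vif"}

def parse_vlan_tag(frame: bytes):
    """Return (vlan_id, priority, inner_ethertype), or None for an untagged frame."""
    if len(frame) < 14:
        raise ValueError("shorter than an Ethernet header")
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != TPID_8021Q:
        return None
    if len(frame) < 18:
        raise ValueError("802.1Q tag is truncated")
    tci, inner = struct.unpack("!HH", frame[14:18])
    # TCI layout: 3-bit priority, 1-bit drop-eligible flag, 12-bit VLAN ID
    return tci & 0x0FFF, tci >> 13, inner

def classify(frame: bytes) -> str:
    """Map a frame to its virtual interface; anything unmapped is dropped."""
    tag = parse_vlan_tag(frame)
    if tag is None:
        return "drop: untagged"
    return VIF_BY_VLAN.get(tag[0], f"drop: unknown VLAN {tag[0]}")

def build_frame(vlan_id=None, priority=0) -> bytes:
    """Build a constructed IPv4-in-Ethernet frame, tagged when vlan_id is given."""
    macs = bytes.fromhex("02000000000a" "02000000000b")  # locally administered MACs
    tag = b""
    if vlan_id is not None:
        tag = struct.pack("!HH", TPID_8021Q, (priority << 13) | vlan_id)
    return macs + tag + struct.pack("!H", 0x0800) + b"\x00" * 46

if __name__ == "__main__":
    for vid in (101, 102, 999, None):
        print(vid, "->", classify(build_frame(vid)))
```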
AWS Direct Connect comes with the following benefits:
- For bandwidth-heavy workloads, AWS Direct Connect can reduce network costs by transferring data to and from AWS directly; this traffic is charged at the reduced AWS Direct Connect data transfer rate rather than at Internet data transfer rates.
- AWS Direct Connect can establish a private virtual interface from your on-premise network directly to your Amazon VPC, providing a private, high bandwidth network connection.
- AWS Direct Connect uses a dedicated connection, which can provide a more consistent network experience than Internet-based connections.
- AWS Direct Connect is an AWS network service, and works with all AWS services that are accessible over the Internet, such as Amazon Simple Storage Service (Amazon S3), Elastic Compute Cloud (Amazon EC2), and Amazon Virtual Private Cloud (Amazon VPC).
- AWS Direct Connect provides 1 Gbps and 10 Gbps connections, and if more capacity is required, multiple connections can be easily provisioned.
- After signing up, the AWS Direct Connect service can be configured quickly and easily using the AWS Management Console. The console provides a single view to efficiently manage all your connections and virtual interfaces.
If you’re looking at integrating with an AWS environment, make sure to look at Direct Connect. It allows your organization to directly align with a specific cloud strategy, which can be an all-encompassing extension into the cloud, or you can utilize a specific AWS service, like integrating into the Amazon S3 storage ecosystem. The good part is that Direct Connect helps ease the adoption of your specific cloud use case.
Microsoft Azure ExpressRoute:
ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure, Office 365, and Dynamics 365.
Connectivity can be from any-to-any (IP VPN) network, a point-to-point Ethernet network, or a virtual cross-connection through a connectivity provider at a co-location facility. ExpressRoute connections do not go over the public Internet. This allows ExpressRoute connections to offer more reliability, faster speeds, lower latencies, and higher security than typical connections over the Internet.
Azure ExpressRoute comes with the following benefits:
- Layer 3 connectivity between your on-premises network and the Microsoft Cloud through a connectivity provider. Connectivity can be from any-to-any (IPVPN) network, a point-to-point Ethernet connection, or through a virtual cross-connection via an Ethernet exchange.
- Connectivity to Microsoft cloud services across all regions in the geopolitical region.
- Global connectivity to Microsoft services across all regions with the ExpressRoute premium add-on.
- Dynamic routing between your network and Microsoft via BGP.
- Built-in redundancy in every peering location for higher reliability.
- Connection uptime SLA.
- QoS support for Skype for Business.