Designing Networks and Services in the Cloud
In this chapter, you learn about the following:
- Networks helping to overcome barriers to cloud adoption
- Increased relevance of the network and network services
- Monetization of network services
- Evolution of networks toward meeting the challenges of the cloud model
- Map of the subsequent sections of the book
The CIO’s Dilemma
The cloud has created a paradigm shift in the way IT resources are provided and consumed. The previous chapters discussed how virtualization has proven to be the disrupter that has accelerated the journey to the cloud. Cloud deployments have brought about game-changing benefits for both the providers and the consumers but continue to be challenged by certain inhibitors to adoption. Consider the case of an enterprise’s chief information officer (CIO) contemplating a move to the cloud. The cost and agility benefits offered by cloud deployments make it an attractive option for the organization. It allows the IT group to focus its limited resources on the core business of the company, enabling it to fund and undertake new projects with business impact. Figure 4-1 illustrates how the majority of IT budgets are spent on maintenance, resulting in unfunded new projects, which ultimately result in missed business opportunities.
Figure 4-1. CIO’s Dilemma
The elastic nature of the cloud allows IT to rapidly respond to changing business conditions, scaling up and down on demand. The cloud can help the IT department to cater to demand elasticity and avoid outages/unavailability of business-critical resources such as the company’s e-commerce website during the crucial holiday shopping season, for example. The resulting loss of revenue and negative customer sentiment could be avoided by leveraging the nearly unlimited scale offered by the cloud. Clearly, CIOs have a lot to gain by moving workloads to the cloud and enabling IT to focus on providing competitive differentiation for the organization.
However, the CIO has several concerns that impede the migration to the cloud. Security and privacy of the organization’s data in the cloud is a primary concern for CIOs. The multitenant nature of cloud deployments comes with intricate concerns about competitors running workloads on the same shared infrastructure and potentially gaining access to proprietary applications or sensitive data belonging to other tenants. Organizations have different regulatory requirements to comply with depending on their industry and the jurisdictions under which they perform business. CIOs need assurance of compliance with internal and external regulations as they move workloads into the cloud. Can the IT organization still have the ability to run audit reports on their cloud assets? In addition, CIOs need visibility of their workloads in the cloud. Can the cloud resources consumed by the organization be accurately measured?
Service level agreements (SLAs) are another key area of concern for the CIO, who is responsible for ensuring a certain level of performance and availability for the organization’s service consumers.1 IT organizations in over two-thirds of enterprises provide some form of internal SLA to their customers (the various business and functional units within the company). Can the CIO continue to offer equivalent SLAs after migrating to the cloud? What is the impact on the uptime metrics for the organization’s mission-critical applications? And how will performance metrics such as latency, jitter, and loss affect the end user’s quality of experience when delivered from the cloud?
How can cloud providers assuage such concerns from the CIO and enable the organization to migrate to the cloud with confidence? The network is uniquely positioned to help address these challenges and accelerate the adoption of cloud services toward fulfilling the mission-critical needs of the organization. Let’s take a look at how networks and network services enable the cloud provider to address each of these inhibitors:
- Security: Today’s multitenant cloud deployments leverage shared infrastructure, causing most organizations to have concerns about securing their data and isolating it from other tenants of the cloud. The ubiquitous nature of the network and its role in connecting physical and virtual cloud resources—inside data centers and beyond—positions it appropriately for providing comprehensive security, from the infrastructure all the way to the application. The network provides an ideal platform to consistently enforce security policies from physical to virtual stacks, from local data center to remote virtual data centers.
- Visibility and compliance: The network is inherently aware of user interactions, connected resources, and data traversing service provider networks or the Internet, and even inside and between cloud data centers. This awareness, combined with the powerful capabilities of network analytics, positions the network as an ideal platform for monitoring and providing visibility into the cloud service and infrastructure. Cloud providers could then make relevant pieces of information available to the tenants, allowing them visibility into their current share of cloud resources. Cloud consumers gain deep insights into their services, such as performance statistics, accurate resource use, and location information.
In addition, this tenant-level visibility enables the generation of event logs and the production of audit reports. This is particularly useful for verifying compliance with regulations such as the Health Insurance Portability and Accountability Act (HIPAA), Payment Card Industry (PCI), and others, which still need to be adhered to as organizations move to the cloud.
- User experience/SLAs: Cloud consumers, especially enterprises, are looking for cloud providers to offer certain levels of availability and performance SLAs. As described previously, the network is naturally suited to monitoring cloud services and infrastructure. This allows the network to intelligently re-orchestrate resources and redirect workloads in the event of failure or performance degradation. Such actions based on policy-driven automation allow the network to improve the resiliency and, as a result, the availability of the cloud service.
It also helps protect the user experience of the cloud service, which depends on the latency, jitter, and packet loss that the distributed cloud service is subjected to. In this regard, cloud service providers who also own or have access to IP Next Generation Network (NGN) assets are uniquely positioned to offer end-to-end cloud SLAs to their customers, providing them significant differentiation. (Chapter 12, “End-to-End Cloud SLAs,” explores these end-to-end SLAs in detail.)