The growth of hybrid and multi-cloud requires new thinking about virtual networks.
Everyone in tech probably thinks they know what cloud computing and networking mean, but they’re probably wrong, and their misconceptions about the former color their view of the latter. Yes, the cloud dominates computing, but most things don’t “move to the cloud.” This subtle point is already changing the way we think about networking.
I’ve worked with the cloud since the beginning, and while there’s been a bit of “moving this to the cloud” going on for server consolidation reasons, the overwhelming majority of what businesses use in the cloud today is not an entire application at all. It is the presentation layer for legacy data center applications.
Enterprise transaction processing, data storage and retrieval, and analytics all require security and reliability. Early on, business leaders told me that these businesses weren’t going to migrate to the cloud because they thought their requirements couldn’t be met and the cost would be higher rather than lower. My work with them proves this point of view. Despite all the hype around cloud providers’ economies of scale, the fact is that most companies achieve economies close enough to those of the cloud that the difference doesn’t cover cloud providers’ profit margins.
Cloud: the data center presentation front-end
OK, so why do we see enterprise cloud usage growing at around 40% per year? Because the cloud is used to do things that were never done in the data center, need to be done now, and would be more difficult and/or expensive in the data center than in the cloud. These things are all related to how core business applications interact with customers, partners, and even workers, and so they all involve the internet.
Everyone loves online shopping, even online shopping research. Over the past five years, companies have created “portals” that connect a glitzy online experience to the tedious applications in their data centers. At first, these were for customers, but quickly expanded to support wholesale and transportation partners. And even before working from home, they were increasingly being used to support remote workers.
Today, of the approximately 250 companies I know reasonably well, 244 of them rely on these portals, and all of them use the cloud to implement them. The cloud is the presentation front end of their data centers.
Presentation interfaces are very difficult to build in the data center. Retailer interest, from research to shopping, varies wildly from day to day and even hour to hour. Users don’t tolerate long lags and poor user interfaces, and trying to build that kind of highly interactive experience from data centers would mean building for maximum demand and letting resources sit idle during slower times, maybe most of the time. The cloud, with its scalability, offers a cheaper strategy, and since cloud hosting is usually available in the same geographic area as each user group, it is also likely to perform better.
This cloud presentation interface isn’t just about avoiding the data center; it also avoids the corporate VPN. The cloud collects the activity of all these scattered users, the cloud networks connect all the front ends, and the cloud network transmits everything through one big pipe to the data center. If the cloud presentation interface is also used to support working from home, why not use it to support working from normal branch offices? If you do that, why do you need an expensive MPLS VPN connection to those branches? Why not just use SD-WAN or the same internet and cloud combination that supports customers and partners?
The cloud provides network services
We can already see the symptoms of the cloud presentation mission’s real-time interactive focus. Microservices, functional computing, and GPUs versus CPUs are all signs of event-driven thinking, and they’re all on the rise. But we can also see signs of the ongoing shift in networking. Cloud providers are beginning to offer network services within their clouds, encouraging the internet/cloud partnership with its single exit ramp to the data center.
The impact on networking does not stop there. The cloud is a virtual computing platform. Applications and application components float, grow and shrink under load, replace themselves when they fail, and change dynamically when needed, without changing other applications and components. Connecting this swirling, complex mess is a job for a virtual network.
A real network addresses network service access points (NSAPs), not people or applications. Your home or office is assigned a range of IP addresses, and anything sent to those addresses goes to the NSAP that connects to the location. In the data center, the same is true; applications have addresses, which are the addresses of where they are hosted.
This breaks down in the cloud, with scaling and redeployments, and cloud providers have long offered address mapping features to allow an application to have a fixed address wherever it runs. This is fine for a cloud application, but it doesn’t work for applications that are distributed across clouds or move between cloud and data center. For this we need an address mapping capability that is not dependent on a single cloud provider. We need a real virtual network.
Virtual networks, which is what SD-WANs really are, rely on traditional IP networks but have their own connectivity rules. If an app or component in the cloud is moved because it’s being redeployed or scaled, the virtual address doesn’t have to change. The same is true if an application or component enters or leaves the data center. Because connection rules are defined at the virtual level, some implementations may also support what used to be called closed user groups, where a user’s or application’s connection rights were limited to the boundaries of a defined group.
Virtual networks could be perfect for people who have multiple devices that they want to use interchangeably. A mobile worker can use a phone when away from the office and a desktop system when indoors. With virtual networking, it would be possible to connect to the worker regardless of the device used and define connection rules for the worker that apply whether they are on the phone or at their desk.
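The two preceding paragraphs describe policy that follows a virtual address rather than a location or device. The sketch below is an added example, not code from the article or from any SD-WAN product; the class, the `v:` names, the group names and the IP addresses are all constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Endpoint:
    groups: frozenset                              # closed user groups of this identity
    locators: dict = field(default_factory=dict)   # attachment name -> underlay IP

class VirtualNetwork:
    """Toy overlay: policy keys on virtual addresses, never on underlay IPs."""

    def __init__(self):
        self.endpoints = {}

    def register(self, vaddr, groups):
        self.endpoints[vaddr] = Endpoint(frozenset(groups))

    def attach(self, vaddr, name, underlay_ip):
        # Scaling, redeployment or a device change only touches the locator map.
        self.endpoints[vaddr].locators[name] = underlay_ip

    def detach(self, vaddr, name):
        self.endpoints[vaddr].locators.pop(name, None)

    def connect(self, src, dst):
        """Return the underlay IPs where dst is reachable, or raise if denied."""
        a, b = self.endpoints.get(src), self.endpoints.get(dst)
        if a is None or b is None:
            raise PermissionError("unknown virtual address")   # default deny
        if not (a.groups & b.groups):
            raise PermissionError(f"{src} and {dst} share no closed user group")
        return sorted(b.locators.values())

def demo():
    net = VirtualNetwork()
    net.register("v:orders-api", {"retail"})
    net.register("v:worker-ana", {"retail"})
    net.register("v:partner-portal", {"logistics"})
    net.attach("v:orders-api", "cloud-a", "10.1.0.7")
    before = net.connect("v:worker-ana", "v:orders-api")
    # Component moves from cloud A to the data center; virtual address unchanged.
    net.detach("v:orders-api", "cloud-a")
    net.attach("v:orders-api", "datacenter", "192.168.40.12")
    after = net.connect("v:worker-ana", "v:orders-api")
    try:
        net.connect("v:partner-portal", "v:orders-api")
    except PermissionError:
        return before, after, True
    return before, after, False
```

The rule set never mentions an underlay address, so the move from cloud to data center changes only what `connect` returns, not who is allowed to call it.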
Virtual network thinking is the biggest gap in enterprise network planning. Even when companies actually use virtual networks (VPN, SD-WAN, cloud virtual networks like elastic IP and data center switching), they are planning the mission, not the technology. I know half a dozen companies that have deployed four different virtual network implementations, and this is a major operational risk. How, after all, do you know if your virtual networks are connecting or colliding?
You will become an increasingly important consumer of virtual network technology. Now would be a good time to start requiring all your virtual network sources to clearly explain how they will fit into this new hybrid, multi-cloud world, and steer clear of those that don’t have a good strategy. The further down the virtual network path you go – and you will take it – the harder it will be to change.
Copyright © 2022 IDG Communications, Inc.