Cloud networking is all about removing internal concern for all or part of the networking function by farming it out to a third party. Done right, the advantages are faster delivery of content, lowered costs, and more time available for IT resources. That makes it a popular option for content providers, ecommerce operations, SaaS providers, and those already taking advantage of cloud services.
The appeal is simple, and similar to that of cloud services in general. Why continue to buy, maintain, and service routers, bandwidth, firewalls, and management software when someone else can take care of it?
The basic idea is for the cloud networking provider to help the user establish cloud-based networking services for areas such as centralized management, wider geographical availability and distribution, traffic monitoring, and lower latency. By piggybacking onto cloud networking services from a global provider, the organization can increase service quality across a wider area. Providers also bundle security services and load balancing into many of their offerings.
There are many different use cases for cloud networking:
- Speed: Cloud networking can drive agility, boost time-to-market, and speed up the deployment of networking expansion initiatives.
- Scale: Organizations can provide a stable, global network that can scale to many more users than internal IT teams can easily cope with.
- Redundancy: The cloud makes it easier to adopt a multi-data center strategy by leveraging network cloud resources from many cloud service providers.
- Deferring capital costs: Organizations with outdated network equipment in need of a refresh can move costs from Capex to Opex by opting for cloud-based networking.
- IT prioritization: With IT teams steadily shrinking, organizations want their remaining resources to concentrate on strategic objectives. Putting out networking fires or maintaining the networking infrastructure is rarely going to meet the cut when it comes to key strategic elements.
Cloud Networking Service Selection
Those in the process of selecting cloud networking services, should pay attention to several key areas:
- Current cloud service providers: Those considering cloud networking should first review the cloud services providers they are already using to see if their networking services fit the bill.
- Operational consistency across clouds: Few, these days, manage to standardize on only one cloud platform. Therefore, check how the intended platform will interoperate with other cloud resources.
- Geographical extent: If all users are within one country or one region, why pay more for a global network? And on the other side of the coin, those needing to provide global networking availability should avoid more localized cloud networking resources.
- Visibility: Some providers are better than others on providing visibility into networking resources. If the network is likely to experience major spikes or is integral to revenue generation, more visibility and management are required, not less.
- Security: Pay close attention to the security services that come with the network. Consistent and comprehensive security must go hand in glove with cloud networking resources.
- Scalability: Some cloud networks scale up and down easier than others. If the organization may experience spikes in demand, the ability to auto-scale rises in importance.
- Billing: Watch out for hidden costs or complicated pricing and tiers that make it difficult to predict monthly bills.
- Programmability: Cloud networking is all about automating routine and rote tasks to deliver reliably consistent outcomes. Ask the vendor about repeatable design patterns that can be reused in data centers, campus networks, and across multiple cloud providers.
- Reliability: The system design must embrace individual unit failures and be capable of recovering automatically from point outages without compromising overall availability.
Cloud Networking Providers
There are many options available for cloud networking. Here are our top picks, in no particular order:
Citrix offers multiple cloud-based application delivery and security solutions including Application Delivery Controllers (ADC) in AWS, Azure and GCP, SD-WAN & SASE solutions, a comprehensive, cloud-delivered security stack, and cloud web application and API protection. Citrix ADC enables IT organizations to deploy any application (monolithic or microservices based), where they want (on-premises, public cloud, or hybrid), and be confident of the user experience.
- Single code base across all form factors, clouds and on-prem to drive operational consistency.
- Fuels higher performance and lower latency compared to competitive offerings according to testing conducted by Tolly Group.
- Holistic analytics provide actionable insights for the entire ADC fleet across multi-cloud and on-prem environments to drive more informed actions.
- Pool capacity licensing enables IT to allocate capacity where they need it.
- Integrated single-pass application and API security stack drives simplicity and better performance.
Arista has been involved in cloud networking since 2008. It developed the Universal Cloud Networking architecture, a pattern-based deployment model that emulates the high radix leaf/spine models deployed in the largest cloud providers. Provides zero trust-based systems security, and a scope of offering addressing all aspects of the data center, campus, cloud, and wide-area networking requirements.
- EOS software for automation and extensibility while delivering networking reliability
- CloudVision management plane enables automated provisioning and change control
- State-streaming architecture compresses time-to-resolution of networking problems while enabling accurate root cause analysis on initial component or protocol failures.
- Ability to extend the boundary of the network to a multi-region and multi-provider cloud environment.
- The Arista DANZ Monitoring Fabric enables cloud-style network observability and programmatic packet and flow capture with automated machine-based analysis of network protocols and traffic to identify issues and guide towards resolution.
- Awake NDR – applying AI and machine learning technologies for the protection of the network as well as using network data to drive automated investigations and threat hunting.
Dell Technologies Cloud helps organizations solve the challenge of managing networking across cloud environments by extending best practices across clouds and creating policies that can apply to any environment running VMware NSX-T. Software-defined networking enables microsegmentation to limit the attack surface of an application, and ensures that data is encrypted in transit. It is made up of Dell EMC VxRail hyperconverged infrastructure, VMware Cloud Foundation, and Dell Technologies partner clouds.
- Tight integration with VMware, EMC, and Dell products and services.
- Support for branch office, and client-side support with SD-WAN solutions.
- Guaranteed service levels by placing an SD-WAN between the users and the cloud service to monitor and ensure performance and QoS.
- Single operational hub for managing hybrid cloud solutions
- Scales on-demand.
- Leverages multiple clouds from all major providers: Amazon Web Services, Microsoft Azure, Google Cloud Platform, and more than 4,200 cloud partners.
The Akamai Intelligent Platform is a global cloud network for accelerating and securing web content and web application delivery. Its cloud architecture spans more than 160,000 servers in over 95 countries. The company boasts that 90% of internet users are a single network hop away from Akamai’s servers
- Manages a huge global network
- Akamai delivers from 15-30% of total global Internet traffic
- Real-time insight into the latest network security events
- Deep visibility into network traffic and performance
- Accelerates the delivery of web content and applications to any type of connected device from anywhere
- Detect and thwart cybersecurity threats such as SQL injection, cross-site scripting, and DDoS
The Extreme Cloud has a clustered, back-end infrastructure that can be independently adjusted as needed based on changing task load and distribution, with the ability to optimize the adjustments by monitoring operations for learned patterns of system performance. Its ExtremeCloud IQ network management system has features such as reactive stream processing, indexed search, and in-memory-data-grids to provide a clustered, task-distributed platform infrastructure.
- Scale up and out from a single device to millions, across a range of public cloud, private cloud, and on-premises platforms.
- API-accessible data insights and actions to integrate the network with business, partner, and technology provider ecosystems.
- Leverages indexing and caching techniques for rapid access to data stores, to let administrators experience faster data loading and execution of operational tasks.
The Google Cloud contains a wealth of cloud networking services. This includes high-performance options such as Dedicated Interconnect and Partner Interconnect to Cloud VPN for lower volume needs, and direct and carrier peering options.
- Provision, connect, or isolate Google Cloud resources
- Define fine-grained networking policies with Google Cloud, on-premises, or public cloud infrastructure
- Includes granular IP address range selection, routes, firewall, Cloud VPN, and Cloud Router
- Network Intelligence Center provides network monitoring and verification
Azure networking provides the scale, performance, high availability, and enterprise-grade security to meet extreme workload requirements. It offers a zero-trust security framework for global network operations. Tight integration with everything Microsoft and Azure speeds the deployment process and simplifies rapid scaling up or down.
- 165,000 miles of private fiber spanning 60+ regions and 170+ network PoPs across the world,
- Works across on-premises, multi-cloud, and edge location seamlessly.
- Predictable performance up-to 100 GBPS
- Optimized SaaS and SD-WAN connectivity
- Load balancing
Amazon Elastic Compute
AWS provides broad networking services with reliability, security features, and performance that can tackle the most demanding workloads. Security is built in and the company boasts the largest global infrastructure footprint of any provider.
- Can address enterprise applications requiring high availability, even those with the highest throughput and lowest latency requirements
- 80 availability zones and 25 AWS regions around the globe
- 100 Gbps network bandwidth available for many EC2 instances
- Tight integration with the entire AWS ecosystem.
The Juniper Mist Cloud Architecture is built on a microservices cloud which enables elastic scale. It has a broad portfolio of subscription services. Its cloud wireless solution delivers wired and wireless experiences for end users, IoT devices and clients while simplifying and automating operations for IT teams.
- API-based programmability, and end-user engagement through location-based services.
- Wi-Fi Assurance cloud service is machine learning driven by Mist AI to replace manual troubleshooting tasks with automated wireless operations.
- Visibility into WAN user experience with application-based context
- End-to-end impact analysis to user based on wireless, wired, WAN telemetry, states, and events
- Automatic corrections and identification of gateway misconfigurations and faulty interfaces
The VMware NSX Data Center is a networking and security virtualization platform aimed at bringing the public cloud experience to the private cloud. It enables IT to manage the entire network from one pane of glass. Its software-defined approach to networking extends across data centers, clouds, and application frameworks.
- Connect and protect applications across your on-premises and cloud infrastructure, including VMs, containers, and bare metal.
- Layer2-Layer7 networking and security virtualization
- Networks can be provisioned and managed independent of underlying hardware.
- Provision networks in seconds
- Protect applications with micro-segmentation at the workload level.
- Detailed application topology visualization, automated security policy recommendations and continuous flow monitoring.
- Lateral threat prevention on east-west traffic using threat prevention engine.