
Multicloud Comparison

What we will cover today
• Similarities and differences between AWS, Microsoft Azure, and Google.
• How multicloud environments work.
• Pros and cons of Multicloud.
• Major cloud services comparison for compute, networking, storage, and monitoring.
• Hybrid and edge solutions.
What Cloud Vendors Do You Use?
• AWS
• Azure
• Google Cloud
• IBM Cloud
• Oracle
• Alibaba
• Colocation / 3rd party data centers
• Company owned data centers
• Public IaaS and PaaS Market Share
Cloud Definitions
• Public Cloud - A cloud vendor supplies clients
with access to their data center infrastructure.
The cloud vendor is responsible for maintenance,
management, security and various upgrades.
• Old Private Cloud - Clients host their own data
center and manage, update, and secure the
infrastructure.
• Modern Private Cloud - Clients host their own
virtual resources at a public cloud provider. The
responsibility for managing, updating, and
securing the workload infrastructure is the client's.
Cloud Definitions
IaaS - The cloud vendor provides clients access to on-demand networking, storage, and servers.

PaaS - The cloud vendor provides clients access to a cloud environment for developing, managing, and hosting applications.

SaaS - Cloud hosted applications.


Public Cloud Service Layers
Magic Quadrant for Cloud Infrastructure and Platform Services
Magic Quadrant for Cloud Platform as a Service
Magic Quadrant for Cloud Software Asset Management Tools
Magic Quadrant for CRM Customer Engagement Center
Name a third-party application
not available in the public cloud.
Name a third-party application
that doesn’t have a
comparable SaaS offering.
Single Cloud

Application Public Cloud


Is This Multicloud?

Multiple applications
Hybrid Cloud: Is This Multicloud?

On Premises Public Cloud

• Is formed with both private and public clouds.
• All elements of the hybrid cloud work together.
• Data and processes interact.
Options for On Premises Deployments

                                                      AWS Outposts   Azure Stack   Google Anthos
Unified management cloud / on-prem                         X              X              X
Data encrypted at rest / in transit                        X              X              X
Hardware installed and maintained by cloud provider        X              X              X
Extends public cloud services on-premise                   X              X              X

AWS Outposts
• Runs hardware managed by AWS and deployed on-prem.
• Resources deployed and managed using AWS Management Console.
• Supports EC2 instances, Containers, Elastic Beanstalk.
• EBS and EBS snapshots, RDS, S3 on Outposts.
Azure Stack
Google Anthos
• Google Kubernetes Engine (GKE).
• Google Compute Engine (GCE).
• Clusters – Google, on-prem, Azure or AWS.
• Service Mesh (ASM) – communication
between services across public and private
clouds.
• Config Management – uniform consistent
container management across multiple
clouds with defined policies.
• Single or multiple public cloud, multiple
public clouds, and on-prem.
Multicloud Reality
• Containers and virtual servers can
be run anywhere: Public cloud
and on-premises.
• Applications can be run
simultaneously in a public cloud
and on-premises.
McAfee's 2019 Cloud Adoption and Risk Report
Cloud Outages 2021
• October (2021) – Facebook / WhatsApp / Instagram / Corporate – Router update – 6 hours
• December (2021) – US East 1 – Automation caused network failures – 11 hours
Cloud Outages 2022
• January – Apple iCloud – Storage – 3 days
• January – IBM Cloud – Network infrastructure – 5 hours
• January – IBM Cloud – Private network – 3 hours
• February – Slack – 5 hours
• March – Google Traffic Director – 2 hours 35 minutes (Spotify – Discord)
• March – Apple apps (App Store, Apps, TV) – 4 hours
• April – Atlassian – April 5th - 8th (Jira / Trello)
• May – Mimecast – (Cloud cybersecurity services) – NA datacenters power outage
• June – Google Cloud Middle East – Fibre optics cable cut – 2 hour outage
• June – Azure and M365 – East U.S. 2 region – Power issues – 12 hours (Log Analytics, Managed Identity Service, Media Services and NetApp Files)
• June – Cloudflare – “internal errors” – 75 minutes – (Discord, Shopify, Grindr, Fitbit and Peloton)
Multicloud Reliability
• If one cloud goes down, some functionality may be available to users from other deployed clouds.
• One public cloud could be used as backup to another cloud.
• One public cloud could be used as a DR / recovery site.
Multi-Cloud: Regional Redundancy
• Google, Azure, and AWS are
massive deployments on their
own.
• Each single public cloud provider
has lots of resiliency and
reliability.
• Google, Azure, and AWS are
expanding rapidly worldwide.
Microsoft Azure
Amazon Web Services
Google Cloud
Vendor Lock-in Concerns
• Spread systems and storage
across multiple cloud vendors.
• Separate clouds would not go
down at the same time.
• A second cloud provider for
disaster recovery needs.
• Different programming languages,
and application design
considerations.
• Reality: Lots of training and
skillsets needed.
Public Cloud Lock-in
• Each public cloud provider has specific functions and services that differentiate them from other providers.
• Reality: AWS, Google, and Azure APIs are proprietary.
Google Autoscaler API
Azure Autoscale API
AWS Auto Scale API
https://autoscaling.amazonaws.com/?Action=CreateAutoScalingGroup
&AutoScalingGroupName=my-asg
&VPCZoneIdentifier=subnet-057fa0918fEXAMPLE%2Csubnet-610acd08EXAMPLE
&MinSize=2
&MaxSize=10
&DesiredCapacity=2
&LoadBalancerNames.member.1=my-loadbalancer
&HealthCheckType=ELB
&HealthCheckGracePeriod=120
&LaunchConfigurationName=my-lc
&MaxInstanceLifetime=2592000
&Version=2011-01-01
&AUTHPARAMS
“A developer who is deeply versed
in C# isn't going to magically be
productive in Java or React.”
Multicloud Cost Savings
• Potential cost savings: pick and choose the most
affordable services from different vendors.
• Example: Move archived storage to different cloud
providers when prices change.
• Moving any resource other than storage may be
difficult.
• Latency and data transfer costs.
• Reality: Calculating cloud costs is incredibly
complicated.
Multicloud Compliance Standards

• Compliance standards must match CSP offerings.
• Different cloud providers offer different compliance standards.
• Global and local compliance standards may solve a company's compliance issue in the country where they operate.
Multicloud Security Management
• A multicloud deployment means
interfacing with several different
vendors, each with different
processes and technology.
• Flexera CMP for centralized
management
• VMware
Multicloud Latency
• If services in multiple clouds need to talk to one another in order to fulfill user requests, latency could be an issue.
• Depends on how tightly the cloud services are integrated.
• How far apart are the data centers geographically?
• Reality: How often do the multiple clouds need to interact?
Multicloud Increases the Attack Surface
• Multiple clouds increase the
attack surface.
• Vulnerabilities will need to be
managed carefully.
Cloud Hacks: Uber
“It appeared from leaked screenshots that the
intruder got into Uber's AWS account, SentinelOne
security dashboard, VMware vSphere control
panel, and other critical parts of its IT
infrastructure. It was also said that the miscreant
got access to private source code repositories,
internal documents, and more.”
“"The attacker then repeatedly tried to log in to
the contractor's Uber account," Uber claimed.
"Each time, the contractor received a two-factor
login approval request, which initially blocked
access. Eventually, however, the contractor
accepted one, and the attacker successfully logged
in."”
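The pattern in the statement above (a run of refused two-factor prompts, then one acceptance) can be detected in MFA logs. The following is an added example, not part of the original slides; the log format, user names and thresholds are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines (hypothetical format, not from any real product):
# timestamp, user, outcome of the push prompt, source IP of the login attempt.
SAMPLE_LOG = """\
2024-01-10T09:00:00Z bob DENIED 198.51.100.20
2024-01-10T11:00:00Z bob DENIED 198.51.100.20
2024-01-10T13:00:00Z alice DENIED 192.0.2.10
2024-01-10T13:00:40Z alice APPROVED 192.0.2.10
2024-01-10T14:00:00Z bob DENIED 198.51.100.20
2024-01-10T14:01:00Z bob APPROVED 198.51.100.20
2024-01-10T18:01:10Z contractor1 DENIED 203.0.113.7
2024-01-10T18:02:05Z contractor1 TIMEOUT 203.0.113.7
2024-01-10T18:03:30Z contractor1 DENIED 203.0.113.7
2024-01-10T18:04:45Z contractor1 DENIED 203.0.113.7
2024-01-10T18:06:00Z contractor1 APPROVED 203.0.113.7
"""

def parse_line(line):
    ts, user, outcome, src_ip = line.split()
    return datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ"), user, outcome, src_ip

def detect_push_fatigue(log_text, window=timedelta(minutes=15), min_rejected=3):
    """Return one alert per APPROVED prompt that follows at least
    `min_rejected` DENIED/TIMEOUT prompts for the same user within `window`."""
    rejected = defaultdict(deque)  # user -> timestamps of recent rejected prompts
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, user, outcome, src_ip = parse_line(line)
        recent = rejected[user]
        while recent and ts - recent[0] > window:  # drop prompts outside the window
            recent.popleft()
        if outcome in ("DENIED", "TIMEOUT"):
            recent.append(ts)
        elif outcome == "APPROVED":
            if len(recent) >= min_rejected:
                alerts.append({"user": user, "approved_at": ts.isoformat(),
                               "rejected_before": len(recent), "src_ip": src_ip})
            recent.clear()  # a successful login starts a fresh sequence
    return alerts

if __name__ == "__main__":
    for alert in detect_push_fatigue(SAMPLE_LOG):
        print(alert)
```

Only the contractor1 sequence is flagged; a single mistaken denial (alice) or denials spread over hours (bob) stay below the threshold.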
Multicloud Performance
• Difficult to balance workloads
across different public clouds.
• Data centers are far apart
geographically.
• Choose a cloud provider with data
centres / edge locations that are
geographically close to customers.
• Cloud performance is inversely
correlated with the number of
network hops between servers.
Managing Shadow IT
• Independent deployments
outside of IT departments.
• McAfee's 2019 Cloud Adoption
and Risk Report
• 1,400 IT professionals in 11
countries were asked to estimate
the total number of cloud services
in use in their organization and
came up with an average of 31.
• The actual average figure was
1,935.
Multicloud Data Compliance
• Data governance requirements, such as the EU’s GDPR, will require
customer data to remain in
particular geographical locations.
• Compliance standards must be
reviewed.
Multicloud Deployment Issues

IT Ops - Infrastructure as Code; many sets of tools and programming languages.

Security differences - Security management, credentials, data at rest / in transit.

Network latency - Ingress and egress traffic.

Developers - what APIs and runtime to use for which job?
Comparing AWS, Azure and Google Cloud
AWS
• Dominant market position
• Over 200 services
• Mature offerings – since 2006
• First service: Simple Storage Service
Azure
• Integration with Microsoft tools and software
• Adapted Windows Server, Office, SQL Server, SharePoint, Dynamics, Active Directory, .NET
• Was available in 2010
• Azure DevOps was available in 2005
Google Cloud
• Designed for Cloud Native
• Committed to open source
• Containers (Kubernetes), Big Data, machine learning, analytics
• DevOps expertise
• Started in 2008
• First Service: App Engine
Cloud Fiber Connectivity Options
• AWS – AWS Direct Connect
• AZURE – Azure ExpressRoute
• GOOGLE - GCP Cloud Interconnect
Cloud DNS Comparison

• AWS - Route 53
• AZURE – Azure DNS
• GOOGLE – Cloud DNS
CDN Comparison
• AWS – CloudFront
• Azure – Azure CDN
• Google - Cloud CDN
Mobile Applications at Telco Edge
• AWS - AWS Wavelength (Embed AWS
compute and storage services within
telco data center)
• Azure - Edge zones (Azure services are
connected directly to 5G networks in a
telco’s data center)
• Google - Global Mobile Edge Cloud (5G
solutions with telecoms companies
deployed on a global distributed edge)
Network Services Comparison
VPN Services
• AWS – VPN Services
• AZURE – Azure VPN Gateway
• GOOGLE – GCP Cloud VPN

Virtual Networking
• AWS – VPC – Regional
• AZURE – VNET – Regional
• GOOGLE – GCP VPC – Global
Load Balancing Comparison

• AWS – ELB, Route 53 Traffic policies
• AZURE – Traffic Manager
• GOOGLE – Cloud Load Balancing
Connecting AWS and Azure Environments
VPN Tunnel – public internet connection
between AWS and Microsoft Azure.
• Limited throughput
• Cost – AWS and Azure data fees – per Gig per
egress.
AWS to Azure Site to Site VPN
• Services required at both AWS and Azure.
• Tunnel connections between AWS and Azure.
• Azure – VNet Gateway.
• AWS – Site-to-Site VPN.
• GOOGLE – Cloud VPN.
AWS Networking Setup
Azure Networking Setup
Azure ExpressRoute / AWS Direct Connect
AWS Direct Connect
Google Cloud Interconnect
Aviatrix
Nutanix
Compute Services Comparison
• AWS – EC2 instances
• Amazon Machine Image
• Placement Groups
• AZURE – Virtual Machines
• Virtual Machines Scale Sets – Fault /
Update domains
• GOOGLE – Compute Engine
Containers Comparison
• AWS – Elastic Container Service
(Docker) – ECS for Kubernetes –
with Fargate management.
• AZURE – Azure Container Service
– Docker on Azure - Azure
Kubernetes – Container instances
with Azure management.
• GOOGLE – Kubernetes – with
Anthos management.
Container Services
Multicloud container
workloads can
seamlessly run across
any cloud provider or
your own data
centers.
Serverless Comparison (FaaS)

• AWS – Lambda – Supports many programming languages.
• AZURE – Azure Functions - .NET,
Node.js, Java, Python, PowerShell.
• GOOGLE – Functions - .NET, Node.js,
Java, Python, Ruby.
Data Backup Services Comparison
• Azure – Azure Backup
• AWS – AWS Backup
• Google – Cloud Backup
DR Services Comparison

• Azure – Azure Site Recovery
• AWS – AWS Elastic Disaster Recovery
• Google – Disaster Recovery
Data Transfer Services Comparison
• AWS – Snowball devices,
Snowmobile.
• AZURE – Data Box.
• GOOGLE – Transfer Appliance.
Monitoring Services Comparison

• AWS – CloudWatch, CloudWatch Logs.
• AZURE – Application Insights.
• GOOGLE – Cloud Monitoring.

Audit Logging
• AWS – CloudTrail
• AZURE – Log Analytics
• GOOGLE – Cloud Audit Logs
Object Storage Comparison
• AWS – S3, S3 Glacier.
• AZURE – Blob Storage.
• GOOGLE – Cloud Storage.

Reduced Availability Storage
• AWS – S3 Infrequent Access.
• AZURE – Cool Blob Storage.
• GOOGLE – Cloud Storage: nearline / coldline.
AWS S3 to GCP Storage Connector

Lambda Function that will handle creating an S3 Event on an existing S3 Bucket.
• S3 Event for your Bucket.
• Lambda Function triggered by the S3 Event that will ship the new file from S3 to GCP.
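A sketch of the Lambda side of this connector, added here as an example and not taken from the original slides. The bucket names and the injected `read_s3` / `write_gcs` callables are assumptions; in a deployment they would wrap the AWS and Google Cloud storage clients.

```python
from urllib.parse import unquote_plus

# Assumption: hypothetical bucket names; only listed sources are replicated.
ALLOWED_SOURCE_BUCKETS = {"example-source-bucket"}

def objects_to_ship(event):
    """Return (bucket, key) pairs for object-created records in an S3 event."""
    pairs = []
    for record in event.get("Records", []):
        if record.get("eventSource") != "aws:s3":
            continue
        if not record.get("eventName", "").startswith("ObjectCreated:"):
            continue  # ignore deletes and other notifications
        bucket = record["s3"]["bucket"]["name"]
        if bucket not in ALLOWED_SOURCE_BUCKETS:
            continue  # never ship from a bucket this function was not meant to serve
        # Keys in S3 event notifications are URL-encoded (a space arrives as "+").
        pairs.append((bucket, unquote_plus(record["s3"]["object"]["key"])))
    return pairs

def make_handler(read_s3, write_gcs, dest_bucket):
    """Build the Lambda handler. read_s3(bucket, key) -> bytes and
    write_gcs(bucket, key, data) are injected (assumed wrappers around the
    cloud storage clients) so the logic runs offline."""
    def handler(event, context=None):
        shipped = []
        for bucket, key in objects_to_ship(event):
            write_gcs(dest_bucket, key, read_s3(bucket, key))
            shipped.append(key)
        return {"shipped": shipped}
    return handler

# Constructed S3 event with one upload and one record that must be skipped.
SAMPLE_EVENT = {"Records": [
    {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "example-source-bucket"},
            "object": {"key": "reports/2024+q1.csv"}}},
    {"eventSource": "aws:s3", "eventName": "ObjectCreated:Put",
     "s3": {"bucket": {"name": "some-other-bucket"},
            "object": {"key": "secret.txt"}}},
]}

def demo():
    s3 = {("example-source-bucket", "reports/2024 q1.csv"): b"a,b\n1,2\n"}
    gcs = {}  # in-memory stand-in for the destination bucket
    handler = make_handler(lambda b, k: s3[(b, k)],
                           lambda b, k, d: gcs.__setitem__((b, k), d),
                           "example-gcs-bucket")
    return handler(SAMPLE_EVENT), gcs
```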
Use AWS Lambda to maintain backup of S3 to Azure Blob storage
Block Storage Comparison

• AWS – Elastic Block Storage, Ephemeral.
• AZURE – Azure Managed Disks.
• GOOGLE – Persistent Disk, Local SSD.

• Block storage is private storage.
• Can be encrypted with AES 256-bit.
Shared File Storage Comparison

• AWS – EFS (Linux), FSx (Windows).
• AZURE – Azure File Storage.
• GOOGLE – Filestore.
Hybrid Storage Comparison
• AWS – Storage Gateway – Elastic File System (NFSv3 mount points), FSx (SMB).
• AZURE – Azure File Storage (SMB, NFSv3 mount points).
• GOOGLE – Filestore (NFSv3 mount points).
AI and Machine Learning

AWS               Azure                Google
SageMaker         Machine Learning     Vertex AI / AutoML
Alexa Skill Kit   Bot Framework        Dialogflow
Polly             Speech Services      Cloud Natural Language
Rekognition       Cognitive Services   Vision AI

SQL Database Services Comparison
• AWS – Amazon Relational
Database Service (RDS) and
Amazon Aurora (Global).
• AZURE – Azure SQL Database,
Azure Synapse Analytics
(Active geo-replication).
• GOOGLE – Cloud SQL, Cloud
Spanner (Global).
NoSQL Database Services Comparison
• AWS – DynamoDB
• AZURE – CosmosDB
• GOOGLE – Firestore
In Memory Database Comparison
• AWS – ElastiCache for Redis.
• AZURE – Azure Cache for Redis.
• GOOGLE – Memorystore.
Pricing Tools Comparison
• AWS – Billing Dashboard,
Budgets.
• AZURE – Azure Billing.
• GOOGLE – Cost Management.
