E-guide

Designing Your
Network for the
Hybrid Cloud
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 1 of 14
In this e-guide:
Cloud adoption has become a standard across many industries
in the last few years, but many businesses are still hesitant to
fully enter into a cloud-based network architecture for fear of
possible network security breaches.
The solution? The hybrid cloud.
Read on to uncover the paths to a hybrid cloud network
architecture, including SD-WAN and WAN cloud exchange, and
how you can overcome hybrid cloud bottlenecks by optimizing
your network.
Bonus! Check out an exclusive Q&A with ONUG co-founder
Nick Lippis on how the cloud was an apparent theme at
ONUG’s Spring 2017 conference.
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 2 of 14
The best path to a hybrid cloud network
architecture
John Burke, CIO and Principal Research Analyst | Nemertes Research
There are a variety of paths that lead to a hybrid cloud network
architecture. Learn whether SD-WAN, WAN cloud exchange or
some other option is best for your enterprise network.
Nearly all organizations now use software as a service to deliver some key
applications to most of their users. More than two-thirds use infrastructure
as a service to supplement internal data centers, and, on average, about
10% of the workload has shifted from in-house servers to IaaS. More than
half use platform as a service, or PaaS, to put a cloud infrastructure under
their custom application code. But in this new environment, far too many
companies rely on the same network architecture to serve their users as
they did when most of the services came out of their own data centers. In
the age of hybrid service delivery and cloud, the network needs some new
thinking: Organizations need to choose a path to a hybrid cloud network
architecture.
One key place to focus, to create a hybrid cloud network architecture, is
getting traffic to and from those external cloud resources. Most
organizations connect to their cloud providers over the public internet and
still backhaul all internet traffic through their data centers. This can lead to
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 3 of 14
huge increases in the amount of WAN bandwidth required and to
unacceptable impacts on application performance.
Action options multiply
Several new approaches to networking provide opportunities for
improvements. Direct internet access at the branch is one, most often now
discussed in the framework of an SD-WAN deployment. SD-WAN lets IT
pool multiple WAN and internet links in a branch to provide better
performance at lower costs. It also generally supports selectively splitting
traffic out at the branch and sending it directly to cloud destinations,
relieving the burden on private, more expensive WAN links -- usually MPLS.
This can be a great way to improve the performance of software-as-a-
service (SaaS) applications, especially for users in areas replete with
internet options and close -- geographically speaking -- to a major point of
presence for the cloud vendor.
Another important option to architect a hybrid cloud network is direct cloud
connect (DCC). In this scenario, the enterprise may have back-end traffic
flowing among applications running in the data center and some strategic
SaaS, PaaS or IaaS applications. The latency, and variation in latency, can
create poor performance for the system as a whole. To mitigate this, the
enterprise contracts with the cloud provider for direct network access to the
cloud service. (Amazon calls this Direct Connect, Microsoft calls it
ExpressRoute and other vendors have their own names for it.) It then
engineers a link from its infrastructure to the provider's. This can be in a
facility in which both the enterprise and provider host infrastructure, in which
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 4 of 14
case, the enterprise contracts to have a piece of cabling strung from a port
on a router in its equipment cage to one in their provider's space. Or it can
be done via a telecommunications provider's infrastructure; the client
essentially leases a port on the telecoms vendor's router in the facility,
extends its WAN to that router port and pays for a cable to be strung to it
from the cloud provider's router. In either case, traffic can now flow
predictably and at high speed from an enterprise data center to a cloud
provider data center.
Last, as a variation on the direct cloud connect approach to the hybrid cloud
network architecture, IT now has the option of engaging WAN-Cloud
Exchanges (WAN-CX) rather than engineering the whole direct connect
chain itself. The enterprise sets up a connection to an exchange
environment -- possibly provided in a colocation facility, possibly in an MPLS
or other network provider's infrastructure -- and then uses virtual pipes
across that connection to link to cloud service providers. The major benefit
here is that IT can set up one connection -- to the exchange -- and connect
to many providers through it instead of having to dedicate a port to and
engineer a separate connection for each. The exchange environment can
have a total cost of ownership advantage over a direct connect, especially
when a link is needed for a short-term project (e.g., absorbing an acquired
company or spinning off a new one) or the volume of traffic flowing to a
provider will be small.
Direct internet access, software-defined WAN, DCC and WAN-CX all offer
advantages in the right scenario, and variations and new options emerge
regularly. However organizations approach their strategy for creating a
hybrid cloud network architecture, most will have to re-evaluate and update
 E-guide

how they currently connect their systems and users to the cloud
In this e-guide applications that are becoming an ever-larger portion of the IT portfolio.

The best path to a hybrid

cloud network architecture p.2
Next article

Optimize your enterprise

network design for hybrid
cloud p.6

ONUG Spring 2017

conference issues include
barriers to cloud adoption p.9

About SearchNetworking p.14

Page 5 of 14
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 6 of 14
Optimize your enterprise network design
for hybrid cloud
Paul Korzeniowski, Freelance Writer
Public and hybrid cloud adoption has a major ripple effect on enterprise
network design. New bottlenecks arise, and some businesses need to alter
their network configurations -- particularly those for wide area networks --
to ensure they get the performance they need.
With hybrid and public clouds, in particular, the networking focus shifts
heavily to wide area network (WAN) connections. Businesses need to link
their data centers to their public cloud provider's sites, and often rely on
their existing internet lines to do so. But this approach has shortcomings.
First, bandwidth is an issue. Traffic that used to roam about the data center
now needs to move off-site, often increasing WAN traffic. Consequently,
organizations may need to upgrade their internet lines, which can be
expensive; pricing depends on a business' location and amount of bandwidth
needed.
But in some cases, higher speed lines may not be available. Carriers only
deploy lines in densely populated areas with high demand. Urban businesses
usually have plenty of network choices, but rural offices may have trouble
finding high bandwidth links.
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 7 of 14
Also, public internet bandwidth is given on a first-come, first-serve basis, so
network availability is not guaranteed. Delays in freeing up bandwidth can
cause transmission troubles; in some cases, files may not reach their
destination in the public cloud and have to be resent. If users need to
exchange large, complex files, such as engineering documents or videos,
public internet connections may not be a good choice.
Consider private options for enterprise network
design
Rather than deploy a public internet link, businesses can use a private
network line that serves as a direct connection from their network to their
cloud provider's network. Some cloud providers offer these links directly to
users for additional costs.
"Increasingly, we see cloud vendors, like Amazon Web Services, work more
closely with carriers, like AT&T, to provide customers with high-speed
network connections," said Brad Casemore, research director, Datacenter
Networks at IDC.
One option is to set up an Internet Exchange Point, a high-speed link
between the two networks. Such connections eliminate internet delays,
improve network performance and increase transmission reliability.
Leased lines, such as frame relay or Asynchronous Transfer Mode lines,
represent another option for enterprise network design. These connections
increase network complexity, as users need management tools and visibility
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 8 of 14
into a vendor's connections, but improve network availability because
outside traffic can't disrupt exchanges.
Virtual private networks offer another choice, and come in two varieties.
Some are based on layer-three protocols, such as Multiprotocol Label
Switching (MPLS) and Border Gateway Protocol, which operate at the
router level. Others rely on Layer 2 services, such as Ethernet-over-MPLS
and Overlay Transport Virtualization, which function at the switch level.
As businesses adopt new WAN services, they need to know what the costs
will be. Vendors often offer variable pricing models: bandwidth is charged
per megabyte; network appliances are charged for CPU consumption; and
data logging requires varying amounts of storage. Total monthly charges
can vary significantly from month to month.
Fixed pricing is easier to budget because a corporation pays a set fee each
month. However, with this option, a business may pay for network bandwidth
that it doesn't use each month.
Next article
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 9 of 14
ONUG Spring 2017 conference issues
include barriers to cloud adoption
Jennifer English, Assistant Site Editor
Twice a year, the Open Networking User Group, or ONUG, hosts a user-
focused conference, where IT executives and analysts come together with
the same purpose in mind: to advance open networking.
Each conference features an impressive lineup of keynote speakers and
sessions, addressing topics ranging from software-defined WAN and hybrid
cloud to IT infrastructure and automation. Founded by Ernest Lefner and Nick
Lippis in 2012, ONUG offers the chance for IT leaders to share goals and
concerns. The ONUG Spring 2017 conference will be hosted by Gap Inc. in
San Francisco, April 25 and 26.
SearchSDN assistant site editor Jennifer English talked with Lippis to discuss
the major topics that will be discussed at the spring conference.
What will be the broad theme of the upcoming ONUG Spring 2017
conference?
Nick Lippis: I think most people will come away from ONUG Spring 2017 with
three major themes. One is that we've come to the realization that the way
we do IT today will be fundamentally and totally different in three to five
years. We're in a really accelerated pace of change, and I think the way that
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 10 of 14
will manifest itself is in the types of tools that are used and the skills needed
to use them. All the ways and processes in which IT was done before are
being rewritten.
The second theme is the architecture of choice is very much grounded in
automation. It's also an infrastructure that is a lot more dynamic, versus the
static one from the last 20 or 30 years. It's hard to put a name on this, but
I've started to call it software-defined cloud -- or a more elaborate term like
a cloud-based software-defined infrastructure. Automation and the dynamic
behavior of the infrastructure really identify this.
The third theme -- and you could argue that it should have been the first -- is
around what's driving all this: digital transformation. It's about how
companies now have to be digital. What it means for IT people is that this is
a once-in-a-career opportunity. It allows them and enables them to become
key business creators for their companies. I think every industry defines
digital transformation uniquely, but it's really the manifestation of both
mobile and cloud computing, and how the ways in which companies now
interact with customers and deliver products and services to customers is
digital.
Why did ONUG choose 'Do network engineers need to understand
programming?' as the subject of the great discussion?
Lippis: That's fundamental to the third theme of digital transformation, but it
transcends all three themes. The way IT organizations are structured is that
IT operations tends to be the biggest group with the largest budget. Those
folks who do design, procurement and capacity management are the ones
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 11 of 14
who, more than likely, will not make this transition. We think the operational
group will shrink by at least a third over the next couple of years.
The new group that will really rise is the group of infrastructure DevOps
people, or full-stack engineers. The way the vendors have been selling to the
enterprise marketplace over the last couple of years has been around one
size fits all, and enterprises then have to spend money trying to customize.
Now, what's happening is it's all about APIs and stitching together the fabric
-- whether it's monitoring, security or infrastructure fabric. To do that, you
need programming skills.
While we think a third won't make it, we think this is a great opportunity for
others. You have to get new skill sets, but the bottom line is that it's going to
pay.
What new topics should attendees expect at ONUG Spring 2017?
Lippis: On the second day, it's all about cloud consumption -- in particular,
hybrid cloud. For the first time at ONUG, we have Amazon, Microsoft, IBM,
Google and Equinix coming. The ONUG hybrid cloud working group
aggregated some of the biggest barriers of entry for cloud adoption, and we
shared that with all of the cloud providers. Each of them will be responding
to that. They will all get a certain amount of time to tell how they're
approaching these problems, how they can be solved and how cloud
consumption can increase. That ends with a discussion of, 'What did we
learn?' and next steps. I think this is the beginning of a journey in which the
cloud providers are fully engaged with ONUG, which is really exciting.
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 12 of 14
What have the other ONUG working groups been doing?
Lippis: The software-defined WAN group is going to publish its first API that
will enable a cloud connectivity component with the SD-WAN space. This
API can be used for cloud providers supporting SD-WAN connectivity, as
well as for corporations and service providers that want to connect multiple
SD-WAN networks together.
The security group has taken an abstracted architecture and is now
publishing a framework focused on how to secure assets in a software-
defined world, regardless of whether the workload is on premises or off
premises. They've done a deep dive into components of their security
framework and will be publishing a paper.
What else has caught your attention in the networking industry?
Lippis: What's been interesting over the past couple of years is the language
vendors and IT execs use to communicate has become broken. What I mean
by this is when an IT exec talks to a vendor about a problem they're having
that needs a solution, the vendor usually hears something to the effect, 'This
IT exec wants me to open up my solution and open source it so they can use
it for free.' And when a vendor talks about its solution for a particular
problem an IT exec has expressed, the IT exec usually hears, 'They're just
trying to lock me in for the next five years into an architecture that's too rigid
and won't be able to change.'
Now, IT execs have cloud providers and open source software they can use
as leverage against the vendors. There's a new dynamic and language
happening in the industry that isn't necessarily helpful. We want to start to
 E-guide

In this e-guide
The best path to a hybrid
cloud network architecture p.2
explore that at this ONUG and look at a way we can communicate with one
another. How do we move forward as an industry with these new elements,
like open source, cloud providers and so forth? It's not something that gets
headlined, but it's something that happens every single day between buyers
and sellers.

Optimize your enterprise Next article

network design for hybrid
cloud p.6

ONUG Spring 2017

conference issues include
barriers to cloud adoption p.9

About SearchNetworking p.14

Page 13 of 14
 E-guide
In this e-guide
The best path to a hybrid
cloud network architecture p.2
Optimize your enterprise
network design for hybrid
cloud p.6
ONUG Spring 2017
conference issues include
barriers to cloud adoption p.9
About SearchNetworking p.14
Page 14 of 14
About SearchNetworking
SearchNetworking.com is one of the largest and most active online
communities dedicated to the enterprise network.
IT professionals in almost every industry rely on SearchNetworking.com for
industry news, technical tips and valuable best practices on topics like routing,
switching, network security, network/systems management, convergence/VoIP
and wireless LANs, so they can keep their networks up to date and cope with
constant change.
For further reading, visit us at
http://SearchNetworking.com
Images; Fotalia
©2017 TechTarget. No part of this publication may be transmitted or reproduced in any form or by any means
without written permission from the publisher.