BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Enterprise cloud deployments have quickly evolved from small scale uses -- often for short-term projects or test and development purposes -- to more diverse and broad-based applications supporting more important workloads. As cloud services have become more sophisticated, enterprise comfort level with the cloud model has increased. Most businesses are now using infrastructure as a service (IaaS). Of the 930 enterprises surveyed in research funded by SaaS provider Rightscaler, 93% are running applications or trialing IaaS.
With the push to use the cloud to support more critical enterprise application workloads, cloud implementations have become more complex, sometimes connecting on-premises applications with a third-party cloud or requiring the transfer of workloads between and among multiple third-party clouds.
This puts the spotlight on how critical secure cloud network services are in facilitating consistent performance and the secure movement of workloads between and among clouds and the customer's premises. Simply put, without the connectivity, there is no cloud.
By its elastic and often multi-tenant nature, the cloud poses some specific networking challenges. Beyond the usual networking concerns about data loss and jitter, enterprise customers may have concerns about the commingling of data in transit. Other issues that surface regarding secure cloud network connectivity include questions about unauthorized access to adjacent resources and applications, and the ability to adjust bandwidth to handle bursts and dips in traffic volume.
Where to find secure cloud network services
Connecting to a provider's cloud facility via the public internet may be the default option, but most cloud providers offer customers alternative connections via partners that promise a greater degree of control and cloud network security. For example, Amazon Web Services provides customers with AWS Direct Connect, a service that enables customers to connect directly via a virtual private connection to AWS' facilities from their own enterprise data centers or from a third-party colocation facility. Direct Connect is delivered via dozens of partners around the world.
Many of the top global telecom providers are offering their own secure cloud network services, typically delivered over their MPLS networks. These services feature varying degrees of integration between the provider's owned cloud networking pipe and the third-party cloud provider's facilities. Frequently the cloud network services are sold in conjunction with the IaaS, and the two partnering companies sometimes sell the bundled services as a joint offer.
AT&T was among the first telecom providers to market a secure cloud networking offer. When the company's AT&T NetBond service was originally launched in 2014, AT&T offered the MPLS-based service to clients through whom it could connect to its own cloud facilities and to those of its partner, IBM.
NetBond provides a secure connection to a dozen third-party clouds, including AWS, Salesforce and Microsoft Azure. NetBond connects the customer's VPN to the provider clouds using a combination of software-defined networking technology and proprietary IP. AT&T NetBond isolates the customer's traffic from other customers' workloads to protect it and ensure optimal performance. AT&T promises 50% lower latency than using a public internet connection.
Verizon uses a similar approach with its Secure Cloud Interconnect (SCI), which leverages the carrier's Private IP network that uses dynamic scaling to transfer client workloads between their premises and third-party clouds. Verizon supports usage-based billing that mirrors the model so popular with cloud users. Verizon SCI can connect customer workloads to a number of third-party clouds, including those run by Coresite, AWS, Google, Microsoft Azure and Salesforce.
NTT and BT also deliver similar secure cloud network services, helping clients avoid the public internet to move their application workloads via a protected connection between their own premises and/or multiple clouds. NTT's Multi-Cloud Connect provides a secure MPLS pathway to Microsoft Azure and Salesforce. At launch last year, the service was only available in Tokyo. NTT added connectivity in London later in the year and has plans to expand into other regions including North America this year.
BT takes almost a brokering role with its Cloud of Clouds strategy, aiming to connect customers to both its own cloud and third-party environments via a VPN. This approach mirrors what Cisco uses with its Intercloud strategy, where the company positions its technology as providing critical brokering capability to securely transfer cloud workloads between and among different environments. Cisco offers its Intercloud Fabric for Business that enterprises can use to move workloads between and among different clouds. The company also offers its Application Centric Infrastructure to automatically provision resources to meet individual workload requirements.
Each approach, as well as secure cloud network services being developed by others, provides customers with options to secure and connect their workloads relatively easily to their provider's resources. This facilitates the kind of portability, stability and elasticity that will help the cloud continue on its growth path.
Find out what building a cloud network means
Gain cloud benefits but eliminate cloud network security concerns
Check out these best practices for cloud security