Network Centric Cloud

Public cloud infrastructure-as-a-service (IaaS) was introduced to the market more than eight years ago as a way to provide computing capacity at a lower cost than deploying actual physical servers. Many other cloud service providers have jumped on the bandwagon to offer low cost, best-effort cloud services. While a market for these services clearly exists, most of these services don’t meet the enterprise requirements for a more reliable and secure computing platform. The problem lies in the fundamental challenge that end users have in using a server-centric cloud approach to solve problems better addressed by networks.

The public cloud IaaS market is booming and is expected to grow by 47%, from USD 6 billion to USD 9 billion, between 2012 and 2013. The overall public cloud computing market, including SaaS, PaaS, IaaS and other related services, will grow from USD 110 billion to USD 131 billion over the same period, with a CAGR of 41.3% through 2016. While significant, cloud computing still represents less than 3% of the USD 3.7 trillion spent on IT per year.

It begs the question, “If cloud computing is so hot, why is it still just 3% of the overall IT industry?”

In spite of the growing use of public cloud IaaS, the late majority adopters are still concerned about reliability, risk and security. Early adopters have leapt forward to use the public cloud IaaS for testing and development, web and SaaS hosting, analytics and big data processing, applications that are not mission-critical and certain enterprise IT workloads. Still, cloud platform reliability, Service Level Agreements (SLAs), security and control prevent broader adoption.

Limitations of server-centric clouds

The early cloud platforms were developed using a server-centric architecture, which makes it more difficult to secure them and assure uptime because of a lack of true network control. The initial focus of cloud IaaS was on spinning up virtual servers quickly and at low cost. Using more of a grid computing model for horizontal scale, the early clouds were built with a relatively flat network topology and gave users very little control over where their servers were deployed. Networking came in the form of networking appliances or proxies set up on a virtual machine to act as a firewall, load balancer or other network device. These were sometimes automated and sometimes not; either way, cloud service providers made it easy to spin up a server and difficult to tailor security and networking to an organization’s specific requirements.

Without being able to configure networks at the “networking layer,” early public cloud IaaS users had to either BYOS (bring your own security) or engineer a more complex deployment to have the reliability and security required by the application.

This server-centric model is still the dominant approach today, which makes it more difficult to build truly scalable, highly reliable and secure multi-tier web applications. Not impossible, just more difficult. Even SLAs are impacted by architecture. Just take a look at our white paper that compares public cloud SLAs, or read a bit more in a recent blog post, "The State of Public Cloud SLAs."

Our network-centric cloud approach

A more network-centric approach to cloud is necessary. It seems almost absurd that it is easy to spin up virtual servers on physical servers and add storage on actual storage devices, yet almost impossible to spin up a firewall or load balancer on an actual network device in the cloud.

While a sysadmin or network engineer would never think of deploying a virtual server on a flat network and adding security and load balancing later, this is actually how most people deploy cloud applications.

Until cloud service providers provide automated, self-service provisioning of actual networks in the cloud, their end users will struggle (and overpay) to deploy applications with the reliability and control they require of mission-critical applications. Software-defined networking (SDN) holds promise; however, implementations should control network devices rather than network proxies on a virtual machine.

Unlike other cloud providers, Dimension Data enables users to set up cloud networks just as easily as a cloud server. We enable our users to deploy VLANs, firewalls and load balancers all on a Cisco switch. Rather than having to deploy a host-based firewall on a VM or subscribe to multiple security services, organizations can deploy network capabilities using our web-based UI or REST-based API.

Once a VLAN is deployed, end users can assign cloud servers (with customizable CPU, RAM and storage) to the VLAN and customize firewalls for additional security. This makes it easy to deploy multi-tier web applications with segmented VLANs for cloned web, app and data tier servers.