Networking in the cloud: Do it right or just don't bother


Networks play an important, but often overlooked, role in any cloud implementation. Indeed, how the network is designed for the cloud can make a world of difference to how efficiently you are able to offer services to your end users.

Some 53 per cent of decision makers - according to a recent poll by Claranet - said that cloud’s dependency on internet access was a cause for concern during the migration process. “Services are only as reliable and secure as the network down which they are delivered,” adds Michel Robert, Claranet’s UK managing director.

It's clear then, that having the right network architecture in place as a solid foundation is important to ensure uptime and allay fears from the rest of the business that access to cloud services is flaky. So what are the elements of a good cloud network?

Designing the cloud network

Designing, managing, monitoring and securing the cloud requires a very different approach to that of the physical world, according to Trevor Dearing, Gigamon's marketing director for Europe, the Middle East and Africa (EMEA).

“As information and applications are moved from the confines of private data centres and into the cloud, many organisations can suffer from a reduced level of control and visibility of their data,” he says.

“Compounding the problem is the explosion in the amount of data that is crossing the networks every day and that monitoring tools are struggling to keep up – this increases the risk of blind-spots and outages.”

For operational efficiency, it is necessary to provide a reliable, secure and stable network and, while a range of tools are available to help, such as network analytics and security monitoring systems, they are only as effective as the information fed into them.

“The only way to solve the problem is through the use of visibility fabric architecture,” adds Dearing. “This bridges the gap between the world of physical, static infrastructure to the world of dynamic environments.”

Traffic visibility tools identify and appropriately direct traffic to the relevant management, analysis and security tools based on user-defined rules, alleviating congestion and using under-used devices.

“By prioritising critical traffic flows over non-essential ones, one application over another, as well as optimising packet information, visibility tools are able to address issues of over-subscription and deliver the appropriate, relevant and critical information to centralised security, monitoring and management systems,” Dearing says.

Switching and routing

For Chris Harding, director of interoperability at The Open Group, the most interesting aspects of networking in the cloud are routing and switching.

End users must be able to connect to applications running in the cloud and application providers must be able to configure the network so that they can do so. They may also wish to configure the network so that applications can communicate with each other. Finally, one or more of the cloud owner or user organisations may wish to control access to applications by users, or to optimise traffic flows or costs.

“Achieving these goals will require configuration of the cloud infrastructure and of the network routers. The facilities available will depend on the particular products concerned,” says Harding.

A simple scenario is that the cloud infrastructure has a concept of "elastic" or "floating" IP address that can be assigned to a virtual server. In this scenario, access to an application is configured by assigning such an address to the virtual server on which the application is loaded, and establishing the relationship between the application and the address in the internet domain-name service (DNS).

“In more complex scenarios, load balancers might be used to apportion traffic to different virtual servers, and routers might be programmed to re-direct traffic, to filter out traffic from unwanted sources, or to prioritise particular traffic flows,” says Harding.

Harding adds that in traditional corporate network infrastructure set-ups, these types of tasks are performed by dedicated network professionals.

“They know about the applications, and the servers that they run on, and configure the network to achieve corporate cost, performance and security goals,” he adds.

With cloud, the situation is different, according to Harding. This is because the network professionals do not know about the applications, which are installed and configured by various users. At the same time, these users know nothing about the servers, or about the applications installed by other users.

“The challenge in this situation is to give the users the ability to configure the network to meet their cost, performance and security goals,” Harding says.

Planning for continual change in the cloud

Another thing to consider is planning for continual change. You might need to move workloads and you'll want to be able to take advantage of the various cloud players out there in order to do so. “Don’t put all your eggs in one basket by relying on a functionality that you can only get on a specific server,” advises Chris Patterson, cloud and hosting services product manager at NaviSite.

He adds that you have to be careful when it comes to hard-coding IP addresses. “If you move a VM somewhere else with a different IP scheme then you have to go back in and find that code and change it. Avoid hard coding network information and use DNS names instead of IP addresses,” he says.
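One way to find the hard-coded addresses Patterson warns about before a workload moves, shown as an added example that is not part of the original article: a small scanner that reports IPv4 literals in configuration or source text. The function name, the sample configuration and the decision to skip loopback and unspecified addresses are assumptions of this example.

```python
import ipaddress
import re

# Dotted-quad candidates. The lookarounds reject matches embedded in longer
# dotted or alphanumeric tokens, e.g. the version string "1.2.3.4.5".
CANDIDATE = re.compile(r"(?<![\w.])\d{1,3}(?:\.\d{1,3}){3}(?!\.?\w)")


def find_hardcoded_ips(text, allow=()):
    """Return (line_number, address) for each IPv4 literal found in text.

    Loopback and unspecified addresses are skipped because they do not
    change when a VM moves (an assumption of this example), as is anything
    in the caller-supplied allow list.
    """
    allowed = {ipaddress.ip_address(a) for a in allow}
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in CANDIDATE.finditer(line):
            try:
                addr = ipaddress.ip_address(match.group())
            except ValueError:
                continue  # e.g. 300.1.2.3 is not a valid address
            if addr.is_loopback or addr.is_unspecified or addr in allowed:
                continue
            findings.append((lineno, str(addr)))
    return findings


# Constructed sample configuration, not taken from any real system.
SAMPLE = """\
db_host = 10.20.30.40
cache_url = redis://10.20.30.41:6379/0
api_host = api.internal.example
bind = 0.0.0.0
healthcheck = http://127.0.0.1:8080/ping
agent_version = 1.2.3.4.5
bad = 300.1.2.3
"""

if __name__ == "__main__":
    for lineno, addr in find_hardcoded_ips(SAMPLE):
        print(f"line {lineno}: hard-coded address {addr}; use a DNS name instead")
```

Run against a repository or configuration directory before a migration, each finding marks a place where a DNS name should replace the literal address.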

Ronan David, sales manager at EfficientIP, believes that a high performance DNS service is the cornerstone of any cloud infrastructure.

"The DNS is the single point of failure when accessing all the applications hosted in the cloud for users (it is not possible to use the IP address associated to the application server)," he says. "It is therefore imperative to have instantaneous and transparent failover mechanisms to ensure an always-on service. Fast and easy disaster recovery mechanisms and plans need to be put in place as well.”

Is SDN the future of cloud networking?

The cloud will inevitably evolve, which will in turn lead to changes in the way it is used by organisations and end users. But, due to the nature of the delivery model and supporting infrastructure and processes, any cloud implementation you have is future-proofed as far as possible.

“Software Defined Networking (SDN) looks at this point to be the best bet for a standard approach that will be supported by future products and services,” adds Harding.

He adds that this decouples the routing control from the data transport, and should enable the routing within a cloud network to be configured from a single point.

“It will hopefully lead to the identification of a standard set of features that will be supported across a range of products and services. It is not consistently supported yet, and it is still evolving, but is definitely something to watch for the future,” Harding concludes.

Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives.