We see quite a few network teams treating networking inside the public cloud (e.g., AWS, Azure, GCE) as “not my problem”. The scary thing is that IaaS networking capabilities are relatively easy for non-networking personnel to consume, making it easier to make and proliferate sub-optimal network decisions. This doesn’t always end well. That said, it can be enticing – but also highly sub-optimal – to apply traditional proven network practices/technologies inside public cloud infrastructure. We just published research on this topic, and here’s a quick snippet on a few of the key points.
- Don’t just forklift existing network technologies. Instead, exploit public cloud benefits by preferring the cloud-native capabilities of the provider.
- Don’t just forklift existing network policies/practices. Instead, modernize the notion of network “ownership” by shifting focus from control to governance within IaaS environments.
We recommend that enterprises exploit public cloud benefits by preferring cloud-native capabilities of the provider, versus forklifting existing data center networking solutions. Nearly all traditional vendors offer software versions of their products that can be installed in public IaaS clouds, including routers, switches, load balancers and firewalls. Instead, we recommend starting out with, and preferring, the cloud provider’s native networking capabilities. We believe it is a mistake to simply bring traditional stacks into the cloud as the de facto choice, because it limits the ability to quickly access new cloud features, increases software costs, adds complexity and operational expenses, and limits agility.
This is not to say that third party tools are never required. Third party tools (which include the shiny new object known as multicloud – blog coming soon) should be used to address feature gaps that are mission critical to the business (e.g., VPN tunnel count limitations), or to enable consistent visibility across a hybrid/multicloud environment. But again, the approach is to fill gaps and support corner cases, not to serve as the default. And here’s a prediction for those that love predictions: By YE 2021, network teams will spend 3X more time working in public cloud infrastructure than they do today.
Full research is here: Best Networking Practices Inside the Public Cloud
Summary: It is enticing but suboptimal to apply traditional data center network practices within public cloud infrastructure such as AWS and Azure. This research identifies top recommendations for I&O leaders building or optimizing networks in public cloud IaaS.
Note: image via http://www.clker.com/clipart-2709.html