We see quite a few network teams treating networking inside the public cloud (e.g., AWS, Azure, GCE) as “not my problem”. The scary thing is that IaaS networking capabilities are relatively easy for non-networking personnel to consume, which makes it easier to make and proliferate sub-optimal network decisions. This doesn’t always end well. That said, it can be enticing – but also highly sub-optimal – to apply traditional proven network practices/technologies inside public cloud infrastructure. We just published research on this topic, and here’s a quick snippet on a few of the key points.
- Don’t just forklift existing network technologies. Instead, exploit public cloud benefits by preferring the cloud-native capabilities of the provider.
- Don’t just forklift existing network policies/practices. Instead, modernize the notion of network “ownership” by shifting focus from control to governance within IaaS environments.
We recommend that enterprises exploit public cloud benefits by preferring cloud-native capabilities of the provider, versus forklifting existing data center networking solutions. Nearly all traditional vendors offer software versions of their products that can be installed in public IaaS clouds, including routers, switches, load balancers and firewalls. Instead, we recommend starting out with, and preferring, the cloud provider’s native networking capabilities. We believe it is a mistake to simply bring traditional stacks into the cloud as the de facto choice, because it limits the ability to quickly access new cloud features, increases software costs, adds complexity and operational expenses, and limits agility.
This is not to say that third-party tools are never required. Third-party tools (which include the shiny new object known as multicloud – blog coming soon) should be used to address feature gaps that are mission critical to the business (e.g., VPN tunnel count limitations), or to enable consistent visibility across a hybrid/multicloud environment. But again, the approach is to fill gaps and support corner cases, not to serve as the default. And here’s a prediction for those that love predictions: By YE 2021, network teams will spend 3X more time working in public cloud infrastructure than they do today.
Full research is here: Best Networking Practices Inside the Public Cloud
Summary: It is enticing but suboptimal to apply traditional data center network practices within public cloud infrastructure such as AWS and Azure. This research identifies top recommendations for I&O leaders building or optimizing networks in public cloud IaaS.
Note: image via http://www.clker.com/clipart-2709.html