Don't Touch Your Routers! Extend Your Internal Network Topologies into the Cloud
By Pavan Pant
One of the questions foremost in the minds of our customers is how their internal network topology will translate to the cloud. Every enterprise has a unique network infrastructure which includes specific addressing (subnets), services like DHCP/DNS, identity and directory services like LDAP, firewall rules and routing rules – all reflecting your specific requirements. Public and private clouds also have unique networking infrastructures that are distinctly different from your enterprise networking architecture, design, and addressing. All this means that applications in your data center will need to be modified before moving to the cloud, which incurs additional costs.
CloudSwitch’s isolation technology eliminates the need to re-architect your applications or change your networking infrastructure by allowing you to securely move or provision applications with the cloud provider of your choice. We also provide a secure layer-2 connection, or network bridge, to the data center, which means that you don’t need to change any network configuration data and can maintain the same IP address, MAC address, subnet information, etc. Once you have moved applications to the cloud you can operate and manage them just as you would in your data center, and network connectivity will work exactly as it always did in your data center. Most importantly, we provide full network encryption, which ensures that malicious users cannot snoop/eavesdrop on traffic being sent between your applications in the cloud, or traffic being sent back to your data center. All of this is delivered automatically as part of the CloudSwitch solution – no special software or configuration is required either in your application or by the cloud provider.
A common request from our customers is to configure their subnets in the cloud based on their specific requirements while still communicating back to the data center in a secure fashion. Here’s an example of a DMZ and an application tier migrated to the cloud from a data center environment using CloudSwitch, where customers have the flexibility to selectively decide which of these tiers can communicate back to the data center:

In this scenario, CloudSwitch has replicated an enterprise’s internal network topology in the cloud. The application tier has been moved to the cloud without any modifications and can communicate back to the data center to authenticate against the Active Directory domain controller. You can also have subnets span multiple zones, regions and clouds, which is the type of flexibility other solutions do not offer. There are absolutely no limitations enforced on building your network topology in the cloud – servers can have multiple NICs associated with different subnets even when the native cloud provider does not support such capabilities. It’s important to note that none of this requires making any changes to your edge devices – no modifications to your router configuration or routing switches, which is not always the case with other technologies.
These are the types of sophisticated networking capabilities that enterprises are looking for to extend their internal network topologies to the cloud and build out their hybrid cloud models. We have seen a growing number of customers express an interest in these capabilities as they get serious about moving production workloads to the cloud. However, most cloud providers have yet to figure out how to meet these networking requirements without requiring investments of time and money to modify applications and networking gear. At CloudSwitch we firmly believe that migrating to the cloud should not require any modifications to your applications (or the need to run them through VM conversion tools), nor should it require any work on your part to change your networking configuration or your edge devices. We’ve built a solution that eliminates the need for any of that work while adhering to strict security standards so your data and network traffic stays safe even when deployed in a multi-tenant environment.
