Network Design Considerations for Hybrid Clouds

With so many cloud networking options available today, virtually no two hybrid clouds will be built the same way. It takes a keen understanding of the business, as well as of the available networking options, to create the hybrid solution that's best suitable for your specific goals.

Here are some of the more common technical network design considerations to consider when designing or expanding a hybrid cloud.

Cloud WAN connectivity choices

Likely one of the first major decisions that will need to be made is which WAN connectivity choice is best to connect your private and public cloud infrastructures. The most widely used choice is a classic site-to-site virtual private network (VPN) tunnel across the Internet. VPNs are affordable and easy to setup. They do, however, have drawbacks. The most obvious being you have no control over dedicated throughput and latency due to a lack of quality of service (QoS) capabilities over the public internet.

If you require dedicated bandwidth and low latency/jitter, a better option is to choose one of the many dedicated cloud connectivity options that most cloud service providers offer.

Also, consider redundancy of cloud resources. You can choose to spin up multiple VPN tunnels, leverage two or more dedicated direct connect links, or a combination of the two. Modern software-defined WAN (SD-WAN) platforms can be used in multi-link scenarios to improve performance and uptime.

hybridcloud.jpg

Routing vs. switching between public and private clouds

Depending on your WAN connectivity choice, you may have choose between routing or switching across cloud instances. There are pros and cons to each.

Switching between public/private clouds allows you to extend VLANs between data centers, which can provide numerous benefits from a high availability (HA) and a business continuity and disaster recovery (BC/DR) perspective. Network overlays can assist with bridging WAN links if necessary.

Alternatively, many opt to route between data centers to provide completely separated and isolated IP subnets. Benefits here include improved security due to L3 separation and ease of growth.

Virtual networking options

The most obvious choice when it comes to virtual networking is to use the built-in networking tools provided by default from the cloud provider. However, if you are looking for seamless integration with your existing, private network, you may want to install your own virtual network switches, routers, firewalls, and load balancers as virtual machines. These third-party virtual appliances allow network architects to extend the private-side network into one or more clouds. The benefit here is that you can also extend the same application and security policies across both the public and private clouds without having to recreate them.

While choosing to deploy third-party network appliances is certainly the more expensive choice, the reduced amount of administration overhead can quickly recoup the cost on medium-to-large hybrid deployments.

Designing a multi-cloud hybrid architecture

If your cloud roadmap includes a pathway toward a multi-cloud architecture, you should also take these plans into consideration. Most of the popular infrastructure as a service (IaaS) providers use at least some proprietary processes and techniques when it comes to virtual networking. Thus, to streamline and create a uniform, end-to-end multi-cloud network, you have two choices. The first is to use third-party virtual networking appliances as described above.

The second is to use some form of multi-cloud management platform to provide unified networking capabilities across all private and public cloud infrastructures. The primary decision point between the two is whether your organization requires the additional tools built-in and offered by a multi-cloud management platform.