Providing network connectivity in the cloud gets progressively more complex as the cloud environment grows. Single-region, single-cloud environments typically require the least effort: the native capabilities offered by the cloud providers are often sufficient. AWS Transit Gateway (TGW), Azure Virtual WAN Virtual Hub (vHub) and Google Network Connectivity Center (NCC) cover the basics for the three major public cloud providers.
As more cloud regions are added, the network becomes more complicated and cloud-native limitations start to show. Among them are the lack of comprehensive support for dynamic routing protocols, restrictive route table limits and the lack of end-to-end segmentation capabilities, so that keeping production, development and shared-services traffic apart across many regional hubs depends on getting every route table association and propagation right. Additionally, many traditional IT teams lack sufficient cloud expertise to operate a network that relies purely on cloud-native capabilities.
Ultimately, when multi-cloud becomes a business imperative, multi-cloud network connectivity turns into a monumental challenge. Public cloud providers do not offer native options for connecting to other clouds, and each provider's infrastructure operates differently, which creates significant operational challenges for multi-cloud network environments.
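The two cloud-native limitations above that a security engineer can actually test for are route table limits and segmentation. The following is an added example, not code from the article or from any cloud provider: it models the Transit Gateway shape of attachments, route-table associations and route propagations, then flags any route that lets an attachment reach a different segment (a one-way forward route is already a leak) and counts routes per table against a limit. The attachments, CIDRs, segment names and the limit value are constructed for illustration.

```python
"""Segmentation and route-limit check over a constructed model of a cloud-native hub.

Added example, not from the article. Uses the AWS Transit Gateway shape of
attachments, route-table associations and propagations; all names, CIDRs and
the limit value are constructed assumptions.
"""
from dataclasses import dataclass, field


@dataclass
class Attachment:
    name: str
    segment: str            # segment this attachment is meant to belong to
    cidrs: list[str]


@dataclass
class RouteTable:
    name: str
    associated: list[str] = field(default_factory=list)   # attachments looked up in this table
    routes: dict[str, str] = field(default_factory=dict)  # prefix -> next-hop attachment

    def propagate(self, att: Attachment) -> None:
        """Mimic route propagation: the attachment's CIDRs land in this table."""
        for cidr in att.cidrs:
            self.routes[cidr] = att.name


def segmentation_leaks(attachments, tables, allowed=frozenset()):
    """Return (table, src, dst, prefix) for every route that lets an attachment
    reach an attachment in another segment, unless that (src_segment, dst_segment)
    pair is explicitly allowed (e.g. every segment may reach shared services)."""
    segment_of = {a.name: a.segment for a in attachments}
    leaks = []
    for table in tables:
        for src in table.associated:
            for prefix, dst in table.routes.items():
                if dst == src:
                    continue
                pair = (segment_of[src], segment_of[dst])
                if pair[0] != pair[1] and pair not in allowed:
                    leaks.append((table.name, src, dst, prefix))
    return sorted(leaks)


def route_counts(tables, limit):
    """Map table name -> (route count, over_limit). The limit is a parameter
    because quotas differ per provider and account; look yours up."""
    return {t.name: (len(t.routes), len(t.routes) > limit) for t in tables}


# Constructed policy: prod and dev are isolated from each other, both may reach shared.
ALLOWED_PAIRS = frozenset({("prod", "shared"), ("dev", "shared")})


def build_scenario():
    """Constructed scenario: one route table per segment, shared services
    propagated into both, and dev propagated into prod by mistake."""
    prod_vpc = Attachment("prod-vpc", "prod", ["10.10.0.0/16"])
    dev_vpc = Attachment("dev-vpc", "dev", ["10.20.0.0/16"])
    shared = Attachment("shared-svc", "shared", ["10.0.0.0/24"])
    prod_rt = RouteTable("prod-rt", associated=["prod-vpc"])
    dev_rt = RouteTable("dev-rt", associated=["dev-vpc"])
    for rt in (prod_rt, dev_rt):
        rt.propagate(shared)
    prod_rt.propagate(prod_vpc)
    dev_rt.propagate(dev_vpc)
    prod_rt.propagate(dev_vpc)   # the misconfiguration under test
    return [prod_vpc, dev_vpc, shared], [prod_rt, dev_rt]


if __name__ == "__main__":
    atts, tables = build_scenario()
    for leak in segmentation_leaks(atts, tables, ALLOWED_PAIRS):
        print("LEAK", leak)
    print(route_counts(tables, limit=10_000))   # limit value is an assumption
```

Run against live data, the same two functions would be fed from the provider's route-table export; the point of the model is that "segmentation" in a cloud-native hub is nothing more than the absence of a route, so the check has to be repeated for every regional hub and after every propagation change.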
There are three major approaches to multi-cloud network connectivity: colocations, software-defined WAN (SD-WAN) and cloud backbone.
Colocations
Colocation facilities operate worldwide and allow enterprises to establish private, high-capacity cross-connects between on-premises networks and cloud workloads. Each public cloud provider supports its own flavor of cross-connect: AWS offers Direct Connect, Microsoft Azure offers ExpressRoute, Google Cloud offers Dedicated Interconnect and Oracle Cloud offers FastConnect.
Multi-cloud network connectivity is achieved by using the cloud cross-connects to reach the workloads in each cloud and, when the workloads are distributed across multiple regions, an on-premises network between the colocation facilities. If the multi-cloud workloads are in the same region, they can be connected through the same colocation facility.
Figure: On-premises Network
The use of colocations typically carries a high upfront cost due to the investment in colocation space and the network (and security) equipment that needs to be procured, installed, configured and operated; that equipment also becomes the enterprise's responsibility to patch and monitor. It is not uncommon for these projects to last many months, which is not compatible with the promise of cloud agility. A more modern approach applies software-defined controls to provision cloud cross-connects; these solutions are called Software-Defined Cloud Interconnects (SDCI).
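To make the colocation topology above concrete, here is an added planner example, not code from the article or from any provider: given an inventory of workloads per cloud and region, it applies the rule just described (same metro shares one colocation facility, different metros need an inter-colo link) and lists the cross-connects and backbone links that would have to be procured, plus the hop sequence between two workloads. The workload names, regions and the metro each region is reached from are constructed assumptions; the cross-connect product names are the ones the article lists.

```python
"""Colocation connectivity planner (added example, not from the article).

Derives colocation facilities, cross-connects and inter-colo links from a
workload inventory. Workloads, regions and metro assignments are constructed.
"""
from collections import defaultdict
from itertools import combinations

# Cross-connect product per provider, as named in the article.
CROSS_CONNECT = {
    "aws": "Direct Connect",
    "azure": "ExpressRoute",
    "gcp": "Dedicated Interconnect",
    "oracle": "FastConnect",
}

# Constructed inventory; the metro a cloud region is reached from is an assumption.
WORKLOADS = [
    {"name": "erp-db",    "cloud": "aws",   "region": "us-east-1",    "metro": "ashburn"},
    {"name": "erp-app",   "cloud": "azure", "region": "eastus",       "metro": "ashburn"},
    {"name": "analytics", "cloud": "gcp",   "region": "europe-west4", "metro": "amsterdam"},
]


def plan(workloads):
    """One colo per metro; one cross-connect per (cloud, region) at that colo;
    an on-premises backbone link between every pair of colos."""
    colos = defaultdict(set)
    for w in workloads:
        colos[w["metro"]].add((w["cloud"], w["region"]))
    cross_connects = sorted(
        (metro, cloud, region, CROSS_CONNECT[cloud])
        for metro, regions in colos.items()
        for cloud, region in regions
    )
    backbone_links = sorted(combinations(sorted(colos), 2))
    return {
        "colos": {m: sorted(r) for m, r in colos.items()},
        "cross_connects": cross_connects,
        "backbone_links": backbone_links,
    }


def path(workloads, src, dst):
    """Hop list between two workloads: cloud region -> colo [-> other colo] -> cloud region."""
    by_name = {w["name"]: w for w in workloads}
    s, d = by_name[src], by_name[dst]
    hops = [src, f"{s['cloud']}:{s['region']}", f"colo:{s['metro']}"]
    if s["metro"] != d["metro"]:
        hops.append(f"colo:{d['metro']}")   # crosses the inter-colo on-premises network
    hops += [f"{d['cloud']}:{d['region']}", dst]
    return hops


if __name__ == "__main__":
    p = plan(WORKLOADS)
    for cc in p["cross_connects"]:
        print("cross-connect:", cc)
    print("backbone links:", p["backbone_links"])
    print(" -> ".join(path(WORKLOADS, "erp-db", "analytics")))
```

Every entry in the cross-connect and backbone lists is a procurement and operations item (and a piece of equipment to secure), which is where the cost and lead time discussed next come from.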
Software-Defined WAN (SD-WAN)
SD-WAN has gained great momentum since its inception by allowing enterprises to migrate their wide area networks from costly MPLS services to a mix of MPLS and Internet, or at times Internet alone. SD-WAN achieves this by building a secure overlay network (typically IPsec tunnels) on top of the physical transports. For multi-cloud network connectivity, SD-WAN virtual appliances (routers) are instantiated in each cloud. These virtual appliances join the overall SD-WAN overlay fabric, effectively connecting the multi-cloud workloads.
Figure: Software-Defined WAN (SD-WAN)
The SD-WAN fabric offers centralized management to simplify network provisioning and operation in multi-cloud environments.
Cloud Backbone
Cloud backbone offers the most innovative approach to multi-cloud network connectivity. Unlike SD-WAN, which uses on-premises transports (MPLS, Internet and cellular) for connectivity and virtual appliances to extend it to the cloud workloads, a cloud backbone is built entirely in the cloud and leverages the infrastructure offered by the cloud providers to deliver high-speed, low-latency global connectivity. It does not require provisioning any additional software or hardware; instead it uses points of presence situated in the cloud to attach the multi-cloud workloads to the network.
The highly elastic nature of the cloud allows enterprises to consume virtually unlimited capacity, and the as-a-service delivery model means they pay only for the capacity consumed.