Why the Economics of Adding a Network Engineer to the Cloud Engineering Team Doesn’t Add Up

neel
By Neel Kamal
Head of Sales, Aviatrix
September 18, 2018

Networking in AWS, Azure or GCP is complicated. (Just take a look at our Day in the Lifelist below.) Many cloud teams naturally assume they’ll need a network engineer with a traditional data center skill set to manage their cloud networking. But from both a skills and cost perspective, that’s just not the case. Let’s examine the business case and the alternatives, including the opportunity that this presents for cloud services consulting companies.

Why the Economics of Adding a Network Engineer to a Cloud Team Doesn’t Add Up

  • Skills Gap. Cloud networking is in fact far different from data center networking. Finding an engineer who knows cloud networking and data center networking is extremely difficult.
  • High Cost. Cloud network engineers are in short supply and high demand, which means they are expensive to recruit and compensate.
  • Not Enough Headcount. AWS, Azure and GCP are marketed as easy to manage, and so your execs are expecting a very lean team. When headcount is being prioritized, it’s difficult to justify a full head for a network engineer who brings nothing else to the team.

The Alternative: Networking as a Service

Networking delivered as a service helps change the value equation. By integrating with major cloud platforms’ native APIs and providing a centralized view from which to manage and monitor networking, a “Network as a Service” solution like the Aviatrix Hosted Service enables cloud engineering teams to take control of networking without the need for deep, traditional networking expertise.

A service offering may also make it appealing for cloud engineering teams to outsource networking to a trusted partner. Networking will require a fraction of the team’s routine tasks, making it an ideal piece to move to a dedicated partner resource.

The Numbers Add Up!

The fully loaded cost of adding a network engineer to a cloud team will be $200K in the U.S. The size of the cloud team is directly proportional to the cloud spend, and so if you embrace Networking as a Service as an alternative, at a fraction of the overall cloud spend, you have positioned yourself for the win.


A Day in the Life of a Cloud Network Engineer

We’re often asked what networking tasks a cloud engineer takes care of. Here is a short list.

Building and Maintaining Network Infrastructure
  • Landing Zone setup with a transit architecture
  • Build connectivity from on-prem to VPCs
  • Build connectivity from VPCs to other account VPCs, including security policies and isolation
  • Build egress controls from the VPC (fully qualified domain name filters for Internet access)
  • Build remote user access systems with policy-based enforcement of who can access what and at what time
  • Build connectivity from VPCs back to on-prem remote offices or partners
Monitoring
  • Monitor and alert on availability
  • Monitor and alert on latency and bandwidth
  • Monitor and alert on egress controls
  • Monitor and enforce user access
  • Monitor and govern route table updates
  • Monitor and govern CIDR block management
Troubleshooting
  • Troubleshoot connectivity issues – EC2 instance to another EC2 instance
  • Troubleshoot connectivity issues – EC2 Instance to an on-prem instance
  • Troubleshoot route table advertisement
  • Packet captures
  • Debug BGP parameters during IPsec build time
  • Identify and resolve overlapping CIDR block issues

Comments

Comments are closed for this post.

Latest Posts


Implementing a Secure Transit DMZ Architecture with Next-Gen Firewalls
By Josh Hammer, October 16, 2018

Talking Innovation, Disruption and Software Defined Cloud Routing with Steve Mullaney
By Frank Cabri, September 28, 2018

Why the Economics of Adding a Network Engineer to the Cloud Engineering Team Doesn’t Add Up
By Neel Kamal, September 18, 2018

Navigating the New Networking Landscape In the Era of Public Cloud Computing
By Frank Cabri, September 7, 2018

A Conversation with James Matsumura
By Sherry Wei, August 27, 2018


Top Tags


Active Directory (AD)Amazon Partner Network (APN)Amazon Virtual Private Cloud (Amazon VPC)Amazon Web Services (AWS)Amazon WorkSpacesApplication VisibilityAviatrix Cloud InterconnectAviatrix ControllerAviatrix FlightPathAviatrix Hosted ServiceAWS Direct ConnectAWS Egress ControlAWS VPNAzure ExpressRouteCasachekChefCiscoCisco Live 2018Cloud Architectscloud burstingCloud ComputingCloud GatewayCloud MigrationCloud NetworkingCloudOpsCSRDevOpsElon MuskEnterprise Strategy Group (ESG)GartnerGCP Next 16Google Cloud PlatformHub-and-Spoke NetworkHybrid CloudHyperFlex Multi-Cloud EcosystemInternational Data Corporation (IDC)Intrusion Detection System (IDS)Intrusion Preventions Systems (IPS)IPmotionJenkinsMalware DetectionMesh NetworkMicrosoft AzureMulticloudNetworking as a Servicenetworking infrastructureNiciraNoOpsNutanixNutanix CalmOpenVPN Access ServerPalo Alto NetworksPci DssPublic CloudPublic Cloud NetworkingPuppetRemote AccessSD Cloud RouterSD-WANSoftware Defined Cloud RoutingSoftware-Defined Cloud RoutersSSL VPN to AWSstorage and computeTransit DMZ Architecturetransit networkTransit VPCURL FilteringVirtual Cloud NetworkVirtual Desktop Infrastructure (VDI)Virtual RoutersVLANVMwareVPCVPC PeeringVPN