Moving Past the “Denial Phase” of Cloud Networking Problems

By Karthik Balachandran
Cloud System Engineer, Aviatrix
June 6, 2017

IT organizations have consistently overlooked one risk category that has haunted their cloud projects and agility aspirations: Operational connectivity to your cloud provider. An analyst put it this way: “Cloud providers built a beautiful highway, but left the on-ramps for the drivers to figure out.”

Amid all the excitement around Cloud-powered scalability, Network Engineers are still responsible for operating this organically growing animal that started off as a small pet (project). I have heard hours of grievances from networking professionals about Public Cloud implementations. The most common ones are:

  • Having to operate in a networking model built by an elite group of software engineers.
  • Lack of a networking console/CLI/UI for all-things cloud (across providers and regions).
  • Poor visibility for troubleshooting (like packet captures or advanced logging).

Does our industry acknowledge that we have a case of “lopsided Cloud agility” where networking is left far behind App development, Compute and Storage? There is a long list of capabilities that will help make Connectivity to the Public Clouds more reliable and consumable for enterprises. Numerous blogs document the unofficial wish-list of IT professionals. Here are a few recurring questions:

  • How to design networks where the center of gravity is shifting to the public cloud? (CIDR allocations, multi Availability Zone implementations, cross-region strategy etc.)
  • How to handle overlapping IP addresses during migration to the cloud? (Application owners want to preserve IP addresses into the cloud)
  • How do we manage and monitor this framework with the agility that the business demands?

I was pleasantly surprised last week when a series of incidents and announcements started addressing this issue:

Are we finally moving past the denial phase of the problem? Is this the beginning-of-the-end of lopsided agility? Comment below with your thoughts. Let’s share our collective learning and build connectivity and networking models that don’t get in the way of business goals.

