In the world where the CIOs have a ‘Cloud First / SaaS First’ manifesto, new applications and services will be prioritized for cloud deployment; existing on-prem applications will be candidates for migration to SaaS or Cloud-hosted alternatives, and cost savings will be a key driver. Where scalability and speed to deliver is in constant demand, the job of an enterprise infrastructure team is to deliver the (increasingly Cloud hosted) applications to their intended end-users in the most performant, reliable, and secure manner.  

Gartner predicts that:

• By 2028 70% of tech workloads will be running in a cloud environment, up from just 25% in Q4, 2023 (Gartner London IOCS 2023)
• In 2024, worldwide end-user spending on public cloud services is forecasted to total $679 billion and projected to exceed $1 trillion in 2027. 

While this shift in WAN landscape is a relatively new concept for enterprises, CDNs have fulfilled similar requirements for SaaS companies and content & media creators for close to two decades. For enterprise WAN, this shift in center-of-gravity of applications away from the legacy data centers and towards the cloud and edge demands a scalable and on-demand network infrastructure that can handle extensive data transfers and real-time communication seamlessly and securely. Traditional WAN solutions often fall short in providing the necessary agility and bandwidth efficiency required by modern applications.  

Top 10 ways CDNs are superior to traditional WANs: 

1. CDNs focus on application architecture and application flows
2. Map the geographies of the applications and end users 
3. Serve the content leveraging global high-speed networks 
4. Leverage SDN for agile/dynamic routing to meet real-time demands  
5. Leverage edge caching in multiple locations 
6. Use intelligent DNS design for failover and load-balancing 
7. Leverage TCP optimization options/technologies 
8. Leverage Anycast routing to provide optimized routing and n-level of fault tolerance 
9. Embed security in transport networks 
10. Provide near real-time scalability and observability 

 Out of these 10, the ones that matter the most for a CDN-like NextGen WAN are: 

Leveraging Global Middle Mile Networks 

A global middle mile network is the high-speed fiber optic infrastructure that connects local and regional networks to the larger internet or private backbone, enabling data transmission across long distances and facilitating global connectivity. It serves as the crucial link between the “last mile” networks managed by local ISPs and the global private or internet backbone. By implementing a global middle mile solution, enterprises can significantly enhance their network performance through optimized routing that traditional internet service providers (ISPs) cannot offer. This ensures higher reliability and lower latency for critical business applications, regardless of the geographical distances involved. 

The Role of Software-Defined (SD-WAN) 

SDN separates the network control plane and data plane, and in CDN world, SDN is a critical enabler for managing complex global backbones and edge networks. SD-WAN extends the principles of SDN to the WAN and brings an unprecedented level of flexibility and control over WAN traffic. It allows centralized administration, consistent policy enforcement, encryption and dynamic adjustment of routes and protocols to meet real-time demands. SD-WAN enables enterprise to use a combination of transport services, including DIA, Broadband, MPLS, LTE and LEO/GEO. By routing traffic based on the application’s requirements and current network conditions, SD-WAN can significantly reduce costs, increase reliability, and provide a more consistent network experience compared to the traditional WAN. Robust SD-WAN platforms like HPE’s Aruba EdgeConnect and Cisco’s Catalyst SD-WAN platform offer sophisticated mechanisms for integrating public cloud infrastructure as an extension to enterprise WAN, brining enterprise WAN and Cloud Networking management capabilities in a single platform. 

Optimize Location, Peering, DNS, Routing & TCP 

Advanced DNS configurations are crucial for enhancing the speed and reliability of a WAN. Intelligent DNS routing can reduce latency by resolving user requests from the nearest server location. 

Anycast routing allows multiple, geographically dispersed ‘front-doors’ to share the same IP address for specific application(s). The network routes user requests to the nearest or best-performing front-door, significantly reducing latency and improving response times by serving users from the closest content node. Incorporating anycast routing also bolsters disaster recovery as traffic can be rerouted to the next available node if one node goes down, ensuring continuous service availability.  

Moreover, TCP optimization technologies are essential for enhancing data transmission speeds across long distances. TCP optimizations adjust the rate at which packets are sent and acknowledge receipt, minimizing packet loss and effectively dealing with varying network conditions. Most mature SD-WAN vendors have some TCP optimization capabilities. 

Integrating carrier neutral facilities is an additional crucial element in building of CDN like WANs. Carrier neutral facilities provide the freedom to connect with many ISPs and Cloud Service Providers within a single location, enabling redundancy and competitive pricing. This flexibility is crucial for enterprises looking to optimize their network infrastructure based on cost, performance, and resilience without being tied to a single carrier. These facilities become strategic points where an enterprise can implement core network functions and house essential network equipment, leading to improved service quality and lower latency due to the proximity to internet exchange points. 

Together, these technologies fortify the enterprise WAN, offering a CDN-like distribution network that is robust, efficient, and capable of meeting the high-performance standards required by modern enterprises. 

Conclusion: Leverage CDN Principles to supercharge enterprise WAN performance 

As we push the boundaries of what enterprise networks can achieve, the integration of above-mentioned technologies is not just an upgrade; it’s a complete redefinition of network capabilities. This is not about keeping up, it is about leading and setting new standards. Adopting a robust WAN infrastructure modeled after CDNs with advanced network technologies not only prepares an enterprise for the demands of today but will set a foundation that anticipates the needs of tomorrow. 

1: https://www.gartner.com/en/newsroom/press-releases/2023-11-20-gartner-it-infrastructure-operations-and-cloud-strategies-conference-2023-london-day-1-highlights 

2: https://www.gartner.com/en/newsroom/press-releases/2023-11-29-gartner-says-cloud-will-become-a-business-necessity-by-2028  

According to the Enterprise Strategy Group, more than half of enterprises surveyed report at least 100 intercloud integrations across their application portfolios with the top 5% reporting 1,000 or more. Multicloud networking provides intercloud connectivity between these distributed environments, whether they are public clouds, private clouds, or hybrid clouds. This connectivity enables data and applications to seamlessly interact and communicate across these diverse cloud platforms.  

Key aspects of a multicloud connectivity platform include: 

1. Connectivity:

Multicloud networking includes establishing physical network connectivity between the organization’s on-premises infrastructure, if applicable, and the various cloud environments being utilized. This connectivity can be achieved through virtual private networks (VPNs) over the public Internet, dedicated connections, MPLS extensions, or cloud-native networking solutions provided by the cloud providers. Multicloud network connectivity increasingly also includes these same types of connections from cloud to cloud.                                                                                                                                                 

2. Data Transfer and Integration:

Multicloud networking facilitates the transfer and integration of data between different cloud environments, interconnecting the virtual private clouds, storage, and virtual machines serving the infrastructure for the applications. This includes ensuring data consistency, security, and compliance as data moves between cloud platforms

3. Traffic Routing:

Multicloud networking involves implementing traffic routing to optimize performance and resource utilization across multiple clouds. This may include dynamically routing traffic based on factors such as latency, cost, and availability of resources

4. Security and Compliance:

Multicloud network security is a critical consideration in multicloud networking. Organizations must implement robust security measures to protect data and applications across diverse cloud environments. This includes enforcing access controls, encrypting data in transit and at rest, and ensuring compliance with regulatory requirements

5. Management and Orchestration:

Multicloud networking requires effective multicloud network management and orchestration tools to provision, configure, monitor, and manage networking resources across multiple clouds. Automation and orchestration play a crucial role in simplifying management tasks and reducing operational complexity. There are a range of multicloud networking solutions, including specialized multicloud networking software, and SD-WAN features such as Cisco Cloud Onramp for Multicloud Connectivity, that simplify multicloud management and orchestration.                                                                                                          

6. Performance Optimization:

Optimizing performance is essential in multicloud networking to ensure that applications and workloads meet performance requirements across different cloud platforms and global geographies. This may involve leveraging content delivery networks (CDNs), edge computing, and other optimization techniques to minimize latency and improve user experience. 

Overall, multicloud networking enables organizations to leverage the unique strengths of multiple different cloud platforms while maximizing flexibility, scalability, and resilience. However, effectively implementing and managing a multicloud network architecture requires careful planning, expertise, and the right combination of tools and technologies. 

For a deeper dive on multicloud networking and security solutions, along with a short summary of multicloud networking companies offering multicloud networking services, see Gartner’s research report, Optimize WAN Architectures for Workloads That Span the Hybrid Cloud and the Multicloud, By Simon Richard, Sumit Rajput, 20 December 2022. 

Multi-cloud Application Deployment and Delivery Decision Making, Enterprise Strategy Group, February 2023 

Note: This Gartner research report is not available for reprint, a Gartner subscription is required. If you would like to schedule a deeper dive on the content covered by this research contact us. 

About Apcela 

Apcela provides software-defined, cloud-optimized networks for the digitally transforming enterprise.  Delivered as a service, we enable enterprises to easily deploy and operate a software-defined network and security architecture that was built for a multi-cloud world. 

Connect with us on Twitter #GoFaster or LinkedIn. 

Media Contact:
Jason Ameris
Apcela
[email protected]
845-414-4573

Some of the key drivers they found for multi-cloud adoption, driving the need for multi-cloud networking solutions, included redundancy, cost optimization, and access to specialized services, with industry-specific cloud platforms becoming increasingly important.  

Based on the state of multi-cloud application deployment, here are 6 of the top multi-cloud networking trends to keep an eye on in 2024: 

1. Interoperability and Standards: According to the ESG study, composable applications are clearly becoming the norm, with more than half of all enterprises reporting that their application portfolio includes 100 or more inter-cloud integrations. As these multi-cloud environments become more prevalent and complex, there is a growing demand for interoperability between different cloud platforms. With each cloud service provider and platform ‘speaking is own unique language,’ standards and protocols facilitating seamless communication and data transfer between cloud platforms will gain importance.

2. Edge Computing Integration: With the proliferation of edge computing and IoT devices, there is a growing need to integrate edge devices and edge computing platforms with a distributed multi-cloud network architecture. This integration will enable distributed applications to leverage resources from multiple clouds, edge locations, and IoT devices efficiently. Multi-cloud networking services will see increasing adoption as a result.

3. SD-WAN for Multi-cloud: Software-Defined Wide Area Networking (SD-WAN) will increasingly play a crucial role as the brains behind multi-cloud network management in 2024 and beyond, providing organizations with centralized control and management of their multi-cloud connectivity platform as an extension of their WAN. Solutions such as Cisco SD-WAN Cloud Onramp for Multi-cloud that are tailored to deliver the ‘language’ translations required for cloud connectivity and interoperability across multi-cloud environments will continue to gain traction. They will begin displacing standalone, niche multicloud networking software platforms from multi-cloud networking companies like Aviatrix and Alkira.

4. Security and Compliance: Security remains a top concern for multi-cloud deployments. In 2024, there will be a greater focus on implementing consistent security policies and controls across all cloud environments. Multi-cloud network security solutions such as Secure Access Service Edge (SASE) and Secure Service Edge (SSE), for improving security posture and ensuring compliance with regulations and standards across multi-cloud environments will see growing adoption.                                                                                                                                                                                                                                                              
5. Automation and Orchestration: Automation and orchestration will become increasingly important for managing multi-cloud network connectivity efficiently. Tools and platforms that enable automated provisioning, configuration, and scaling of network resources across multiple cloud platforms will grow in favor.

6. Cost Optimization: Cost optimization remains a key driver for multi-cloud adoption in 2024. What’s new is that IT organizations now must also focus on optimizing their multicloud connectivity platform costs. It will require dynamically routing traffic based on performance and cost metrics, while leveraging a mix of emerging cloud native transport offerings, public Internet and private cloud connectivity to optimize Wide Area Networking (WAN) and cloud service provider network egress costs.

Overall, the trends in multi-cloud networking are being shaped by the need for increased agility, scalability, security, and cost efficiency as organizations continue to leverage multiple cloud providers and platforms to achieve their digital transformation agendas in 2024. 

Multi-cloud Application Deployment and Delivery Decision Making, Enterprise Strategy Group, February 2023 

About Apcela 

Apcela provides software-defined, cloud-optimized networks for the digitally transforming enterprise.  Delivered as a service, we enable enterprises to easily deploy and operate a software-defined network and security architecture that was built for a multi-cloud world. 

Connect with us on Twitter #GoFaster or LinkedIn. 

Media Contact:
Jason Ameris
Apcela
[email protected]
845-414-4573

                           N=750 
                           Source: Flexera 2023 State of the Cloud Report 

As enterprises tap into multicloud, they are deploying workloads in myriad ways including: 

• Applications siloed on different clouds 
• Disaster recovery and failover between clouds 
• Data storage and integration across public and private clouds 
• Applications with workload mobility across public clouds 
• Individual applications spanning public and private cloud 
• Cloud bursting from private to public cloud 

Regardless of how the enterprise multicloud strategy evolves, one thing is certain, the increased use of multiple clouds and the expanding use cases makes managing networking a daunting task, requiring careful planning, implementation, and ongoing maintenance. In this blog post, we will delve into the intricacies of multi-cloud networking, exploring best practices and strategies to successfully navigate this complex terrain using a software-defined approach. 

To begin, it’s crucial to understand some of the fundamental concepts of multi-cloud networking along with the range of multi cloud connectivity options.  Gartner published a research report, How to Optimize Network Connectivity Into Public Cloud Providers, in which they cover a range of Internet and Non-Internet network connectivity options, outlined in Figure 1 below. 

                                                            Figure 1.

Source: Gartner: How to Optimize Network Connectivity Into Public Cloud Providers 

With the range of multi cloud networking services that exists across these domains, taming multi cloud connectivity is a challenge in itself. Other challenges include:  

• Each cloud service provider (CSP) has their own ‘network constructs’ which is their way of doing networking on their platform. It’s like each CSP speaks their own language and there’s no focus on interpreting the language of other clouds, as they’d rather keep you inside their cloud.
   
• Security and compliance are major challenges as you run applications across multiple clouds. Gaining insight and visibility into what’s happening to your applications on networks in other clouds is a significant challenge.
   
• In the cloud world, network capacity, connection topology, and bandwidth demand can be highly variable, requiring a more agile way to manage logical networks on demand, including providing auto-scaling, virtualization, and resiliency. 

To solve these challenges, you need a universal translator that not only speaks all of the CSP native networking languages, but also has the visibility to see across clouds, can service chain the appropriate security services when and as needed, and has the agility necessary to keep up with a constantly evolving environment.  

Within the multicloud networking realm, there is an emerging solution, which Gartner refers to as Software Defined Cloud Interconnection (SDCI, see Figure 2). SDCI includes a number of multi cloud networking services that begin to solve some of the challenges above. SDCI vendors offer standalone multi cloud connectivity services, but an enterprise can also deploy an SDCI framework as an extension of an SD-WAN overlay. 

                                                                    Figure 2.
Source: Gartner: How to Optimize Network Connectivity Into Public Cloud Providers 

The key is integrating Figures 1 and 2 above. One way to do this is to deploy your SD-WAN environment at the cloud edge in addition to the enterprise edge. Some enterprises are leveraging colocation vendors such as Equinix, Digital Realty, TierPoint, and Cyxtera among dozens of others globally to enable this. Identify the appropriate colocation facilities in your geographies that can provide direct cloud on-ramps, secure colocation space, deploy your SD-WAN breakout, and use it to directly connect to the CSP platforms.  

This leads to a more integrated SDCI platform than simply extending an MPLS or Ethernet Private Line (EPL) from your datacenter to an SDCI provider. Under this architecture any SD-WAN endpoint can interconnect with any CSP platform, regardless of whether the SD-WAN endpoint is transported over a performant MPLS or EPL connection, or over the public internet. 

It also provides improved visibility, and the ability to service chain premises or cloud-based security services, all controlled and routed by the SD-WAN policies. 

Alternatively, find a vendor that will simplify all of this for you by offering your native SD-WAN platform in the SDCI Provider Hub depicted in Figure 2. At Apcela we combine our Arcus Connect multi-cloud networking services to integrate natively with your SD-WAN environment. We also help you orchestrate local access and performant middle-mile connectivity via the API orchestration natively within your SDWAN platform. 

As businesses increasingly adopt multi-cloud strategies, understanding and effectively managing multi-cloud networking becomes vital for success. By implementing the best practices and strategies outlined here, you’ll be well-equipped to navigate the complexities of multi-cloud networking, enabling your organization to harness the full potential of a multi-cloud environment. 

Remember, while multi-cloud networking can be challenging, the rewards are significant. Embrace the possibilities, and with the right knowledge and approach, your organization can thrive in the multi-cloud era. 

1. Flexera 2023 State of the Cloud Report is referenced subject to the Creative Commons Attribution 4.0 International License, no changes have been made. 

2. Gartner: How to Optimize Network Connectivity Into Public Cloud Providers, Refreshed 5 August 2022, Published 19 February 2021, By Lisa Pierce, Danellie Young, Jonathan Forest 

About Apcela 

Apcela provides software-defined, cloud-optimized networks for the digitally transforming enterprise.  Delivered as a service, we enable enterprises to easily deploy and operate a software-defined network and security architecture that was built for a multi-cloud world. 

Connect with us on Twitter #GoFaster or LinkedIn. 

Media Contact:
Jason Ameris
Apcela
[email protected]
845-414-4573

Connecting to the cloud has become an essential part of a modern organization’s cloud-ready Wide Area Network (WAN). According to Gartner1, “To support such rapid adoption, I&O leaders often must connect to cloud service providers (CSPs) quickly and on an unplanned basis, typically by adding incremental internet connections. This can result in suboptimal outcomes in the areas of cost, performance, security, and management.”  

Here we explore the role of private vs. public cloud connections and simplify the options to connect to cloud from the datacenter, WAN, or other private networks and infrastructure. 

What is a Cloud Connection?  

In hybrid cloud environments, where organizations use a combination of on-premises infrastructure and public cloud services, a cloud connection is the network connectivity between these interdependent environments. A cloud connection also enables any range of devices or networks, such as in Internet of Things (IOT) environments, to securely access and interact with remote cloud resources. 

Cloud connectivity is set up through various means, depending on the specific requirements and technologies involved. Here are a three of the primary cloud connectivity types: 

1. Public Internet-based Cloud Connectivity:  

The most prevalent method involves using the public internet to connect to the cloud. Devices or networks connect to the cloud service provider’s infrastructure typically using a Virtual Private Network (VPN). A VPN creates a secure and encrypted connection over the public internet. It allows devices or networks to establish a private, dedicated connection to the cloud, enhancing security and privacy.

2. Cloud Direct Connect:  

Most of the large cloud service providers offer a dedicated, private network connection between a customer’s on-premises infrastructure and the cloud service provider’s data centers. These connections bypass the public internet, providing low-latency, high-availability connections that enable you to reliably transfer data with better performance and resiliency. Examples include AWS Direct Connect, Azure Express Route, Google Cloud Interconnect, and Oracle Cloud Infrastructure FastConnect.  

3. Cloud Connect Services:  

A range of third-party networking services provide cloud interconnection via colocation-based cloud hubs, Multiprotocol Lable Switching (MPLS) based extended cloud WAN interconnects, or Software-Defined Cloud Interconnect solutions which all supply some level of private cloud connectivity between two interdependent environments. 

Connecting to the cloud across these three domains enables various use cases, such as data storage and backup, software deployment, virtual machines provisioning, data analysis, and more. They allow users and devices to access cloud-based applications, services, and resources remotely, offering flexibility, scalability, and on-demand access to computing power and storage without the need for significant local infrastructure. 

When connecting to cloud via Public Internet-based Cloud Connectivity, however, Gartner’s analysts noted 1, “Infrastructure and operations (I&O) leaders who use the public internet to connect with cloud service providers often report experiencing suboptimal WAN performance.” Gartner went on to report that1, “I&O leaders who rely exclusively on CSP public ports often experience performance and cost challenges, particularly when connecting into CSPs they consider strategic.” 

For these reasons, many enterprises have shied away from public cloud ports and internet connectivity, or they’ve started with public connections for the speed of delivery, but have rapidly migrated to Cloud Direct Connects, typically at the 1Gbps or 10Gbps line rate. This works well for connecting a single datacenter to a single CSP in a single region or two, but adding multiple cloud direct connects across multiple CSPs, data-centers, and regions, rapidly increases cost and complexity, while significantly over-provisioning the necessary bandwidth, leading to suboptimal results. Using a Cloud Connect Service often helps to optimize private cloud connectivity as requirements grow. 

In the end, some combination of public and private connectivity is best based on applications, geography, and use cases. Apcela’s global Arcus Platform supports cloud connectivity across all three domains, and we also integrate Software Defined Wide Area Networks (SD-WAN) at the cloud access points for increased agility, like enabling automation and self-service. This delivers the best performance and cost profile for the business across each use case as they connect premises-based resources and users to the cloud.

1. Gartner, How to Optimize Network Connectivity into Public Cloud Providers, Refreshed 5 August 2022, Published 19 February 2021, By Lisa Pierce, Danellie Young, Jonathan Forest 

About Apcela 

Apcela provides software-defined, cloud-optimized networks for the digitally transforming enterprise.  Delivered as a service, we enable enterprises to easily deploy and operate a software-defined network and security architecture that was built for a multi-cloud world. 

Connect with us on Twitter #GoFaster or LinkedIn. 

Media Contact:
Jason Ameris
Apcela
[email protected]
845-414-4573

As organizations continue to embrace cloud computing, the traditional wide area network (WAN) architecture is struggling to keep up with the increasing demand for fast, reliable, and secure access to cloud applications and services.  

Gartner analysts Simon Richard and Sumit Rajput recently addressed these challenges in a Gartner for Technical Professionals research note, Optimize WAN Architectures for Workloads That Span the Hybrid Cloud and the Multicloud (1). Richard and Rajput note that “When they first started deploying workloads in the cloud, most IT organizations realized the WAN that they built when most of their applications were hosted in their datacenters was not fit for hybrid cloud and multicloud computing. They transformed their WANs to make them cloud-friendly.” They did this by extending their existing WANs to cloud service providers via dedicated cloud connections and MPLS-based extensions, but the datacenter was still the center of network gravity.  

We first published a blog covering this transformation, 5 Steps to a Cloud-Ready WAN, some years ago. Fast forward to present, and as enterprises reach the tipping point of hosting more applications outside of the datacenter than inside, and in many cases even shuttering legacy datacenters altogether, Gartner is now finding that “Today, enterprises want to optimize their cloud-friendly networks to make them cloud-centric.” 

The technologies needed to enable this next phase of evolution include software-defined WAN (SD-WAN), secure access service edge (SASE), and software-defined cloud interconnection (SDCI). So how do you bring these three technologies together with the right WAN architecture to move from a cloud-ready WAN to a cloud-centric WAN? 

Let us explore these technologies and how they underpin the recipe for achieving a more efficient and secure cloud-centric network. 

Step 1: Deploy SD-WAN 

SD-WAN is a technology that uses software to control the routing and prioritization of traffic over multiple network links, including Internet, broadband, MPLS, private lines, and wireless (LTE/4G/5G). It offers a centralized management console to orchestrate the cloud-centric WAN overlay. By optimizing routing for each application based on user and application policies, SD-WAN improves application performance, reduces latency, and optimizes bandwidth utilization. 

Step 2: Embrace SASE 

SASE is a networking and security architecture that combines the functions of SD-WAN and distributed security into an integrated service at the network edge. SASE provides a secure and seamless connection to cloud applications and services by integrating software-defined networking (SDN) with cloud-based security functions such as secure web gateways (SWG), cloud access security brokers (CASB), and zero trust network access (ZTNA). By integrating networking and security functions at the edge, SASE simplifies network management, reduces costs, and improves security posture. 

Step 3: Leverage SDCI to Aggregate Edge Access 

SDCI is a technology that extends the principles of software-defined networking to the cloud edge and interconnection. SDCI allows users to automate and orchestrate the deployment and management of physical cloud interconnections using software instead of manual processes and physical infrastructure. By abstracting the underlying infrastructure, SDCI offers a more flexible, scalable, and programmable cloud networking environment. SDCI interconnection points also serve as cloud-centric points of presence, supplying carrier-neutral edge access aggregation and interconnection. Apcela has deployed a global network of SDCI interconnection points. Our Arcus Multicloud Transit Hubs are deployed in 120 cities globally as software-defined points of presence in major carrier-neutral colocation datacenters. 

The final hurdle an enterprise’s IT team faces when moving toward a cloud-centric WAN is uncoupling the local access from their MPLS or Dedicated Internet Access (DIA) services and providers. Traditionally, enterprises have relied on their MPLS and DIA providers to source and manage the local access links at the edge. The service providers connect the local access to their proprietary points of presence (POPs), integrated as a part of the MPLS or DIA service, thus controlling access to all network services. The resulting WAN remains both datacenter and carrier-centric, rather than cloud-centric. Leveraging SDCI-based interconnection points to terminate local access decouples the access services from the network services, shifting the gravity of the WAN toward the cloud, while opening the entire market of network services to the enterprise, and eliminating control by a single vendor.  

Apcela’s Open Access Network further simplifies the process of decoupling access from network transit services. Our global transit hub network serves as the interconnections point for edge sites to interconnect with each other and the cloud, as well as cloud-to-cloud, in any-to-any WAN architecture, orchestrated by the SD-WAN overlay. At each transit hub, the Open Access Network orchestrates access connections such as Ethernet Private Lines (EPL), wireless (LTE/4G/5G), Broadband, and other edge access services across hundreds of local access vendors globally, with total price transparency. 

1. https://www.gartner.com/document/4022416

Written for ONUG Spring 2023: 3 Steps to an Open Access, Cloud-Centric WAN – ONUG | ONUG

About Apcela 

Apcela provides software-defined, cloud-optimized networks for the digitally transforming enterprise.  Delivered as a service, we enable enterprises to easily deploy and operate a software-defined network and security architecture that was built for a multi-cloud world. 

Connect with us on Twitter #GoFaster or LinkedIn. 

Media Contact:
Jason Ameris
Apcela
[email protected]
845-414-4573

In May of 2017, we published ‘5 Steps to Cloud-Ready WAN’, in which we highlighted the accelerated trends of public cloud adoption and shared a 5-step recommendation on how to build a Cloud-Ready WAN. Since having helped numerous large enterprises through the journey of planning and implementing the architectural blueprint we laid out, and reflecting on our recommendations 5 years later, we take pride in our keen industry insights and our foresight, as the principles proposed 5 years ago still hold true, and our recommended approach has become the de facto standard for agile enterprises.

The intent of this article is a deep-dive on one of those five recommendations – Direct Connections to Cloud platforms:

In their article titled Competitive Landscape: Private Cloud Connectivity Services, Gartner highlights, ‘The more enterprises pivot to cloud-based IT for mission-critical workloads, the more they recognize the need for predictability and high performance in their connections to the cloud that internet-based interconnects cannot always guarantee. 

This is reflected in the fact that as of June 1, 2022, AWS highlights 87 DirectConnect partners who provide private fiber extensions from AWS regions to customers’ hybrid/on-prem infrastructure. For Google Cloud, that number is 104 Google Interconnect partners, and Microsoft leads the chart, touting 126 ExpressRoute connectivity providers. 

To enable dedicated site-to-cloud connectivity, AWS DirectConnect, Microsoft ExpressRoute, and such are delivered to customer locations as a private WAN (dedicated last mile access) and a cross connect at a colocation. Almost all enterprises start with one primary CSP, and one or two dedicated private cloud connections, and eventually grow more connections to the primary CSP, or add connections to additional CSPs, as they embrace multicloud.

Eventually, more applications and workloads are migrated to cloud, and more cloud regions are added for distributed application delivery platform and high availability. This results in enterprises procuring more and more single-purpose private cloud on-ramps, each of which has its dedicated tail/access circuit. 

Exhibit A: AWS DirectConnect Extended to a customer site, with a single function last mile access circuit

Exhibit B: Multiple private cloud extensions, each with their own single function last mile access

Apcela recommends converting the access circuits enabling AWS DirectConnect (or Azure ExpressRoute) into a multicloud link instead of a single purpose connection and levering existing SD-WAN or augmenting the connection with new SD-WAN for end-to-end multicloud connectivity orchestration.

Exhibit C: A DirectConnect or ExpressRoute converted to a Multi-Cloud Access

5 reasons to convert your AWS DirectConnect to a multicloud on-ramp: 

1. Cost efficiency: Achieve private connectivity to multiple regions of multiple clouds with a smaller number of overall connections. The access circuits are often the most expensive piece of private cloud connections, and by making each such link a multi-purpose link, the enterprises can significantly reduce the total number of last mile connections required for multicloud connectivity.
2. Greater visibility and control: The access connectivity augmented with SD-WAN enables QoS and app-aware performance-based routing, which further optimizes the ROI.
3. Better High Availability: With SD-WAN as an overlay technology the multicloud access links can be complemented with available Internet (DIA/Broadband) transport resulting in improved high-availability.
4. Encryption: Most SD-WAN platforms have overlay encryption enabled by default, which provides data confidentiality while in transit.
5. Extended reach: Reach any cloud region globally by leveraging Apcela’s latency-optimized global core network. 

Four triggers for decision making: 

1. Underutilized DirectConnect circuits
2. Higher costs due to number of DirectConnects
3. Lack of encryption
4. Lack of visibility and analytics across the DirectConnect circuits 

If you are an enterprise with existing private cloud connections, and rely on these connections for business-critical, performance-sensitive applications, Apcela offers a consultative approach for design services and customized solutions based on your requirements. 

At Apcela, we help with a minimal change, minimal disruption approach to converting a single-purpose cloud connection into a multicloud connection.

In 2022, the term “multicloud” is no longer a new one; by now, you are probably familiar with many of the advantages of this approach to cloud computing. Within this framework, an organization relies on cloud services sourced from more than one vendor. With multicloud, various Cloud Services Providers (CSPs) are utilized as opposed to a single provider, and they each contribute distinct resources and capabilities to meet the specific needs of their client. 

There are many advantages of multicloud computing, as indicated by its rapidly growing popularity. Because CSPs can differ greatly from one another in terms of capabilities, compatibility, and cost structures, a multicloud approach can allow companies to select a combination of those best suited to their needs. For organizations looking to increase the control they have of their data and its management, multicloud offers best-of-breed capabilities and helps avoid vendor lock-in. In addition, it offers users the power to select for themselves the most cost-effective provider for their needs. Gartner claims that by 2025, more than 90% of enterprises will pursue a multicloud infrastructure and platform strategy (1).  

Despite these significant and noteworthy advantages, the complexity of multicloud computing brings with it some as-yet unfaced hurdles. As you move towards the adoption of a multicloud approach, here are some challenges your organization might face and approaches towards dealing with them. 

Challenge 1: Reach  

Enterprises embracing cloud adoption require infrastructure workloads deployed globally in a truly distributed manner.   

One challenge to the broad implementation of a multicloud approach is the problem of global reach. Enterprises embracing cloud adoption and distributed microservices based application architectures must optimize the application delivery architecture and user experience through the consistent, global deployment of workloads. This imperative creates a need for reliable connectivity from users and developers to globally distributed CSP regions.  

In many ways, the global reach of multicloud is one of its largest advantages over the traditional single-cloud model. Where enterprises have, in the past, been forced to select a single CSP and limit themselves to locations offered by that one provider, they can now take advantage of the locations offered by several CSPs. For example, while Google GCP has a location in Buenos Aires that Microsoft Azure does not, Azure has one in Copenhagen that is not offered by Google. Where an enterprise would have been forced to choose between these locations in the past, multicloud enables them to benefit from both of these locations if desired, and many more. Essentially, instead of relying on the locations offered by a single provider, multicloud allows use of an expanded set of global network of locations across various providers.  

However, this advantage comes with the challenge of managing a larger network of locations. Because every location requires a degree of individualized management, the expanded set of possible locations available to enterprises can become inconvenient or even impossible to maintain without assistance. A third party can help to manage this network and launch changes at scale.  

Map of SaaS apps and Apcela AppHubs

Challenge 2: Transit Architecture 

Organizations must decide whether to rely on cloud native constructs or deploy a homogenous transit network architecture across CSPs. 

Another of the most challenging problems faced by enterprises looking to adopt a multicloud approach is the implementation of a manageable and consistent architecture. With a single-cloud model, users could typically work within the context of the native architecture specific to their chosen CSP. Though cloud providers typically utilize distinctive and incompatible architectures, their incongruity was inconsequential because they were not in communication with each other. Now, multicloud requires both an understanding of the architectures specific to all selected cloud providers as whatever capabilities are necessary to synchronize the distinct architectures. Organizations can adopt a transit architecture which is homogeneous across all CSPs. With this strategy, the transit architecture is deployed within the CSP infrastructure or at a CloudHub at the edge of CSP region to abstract networking and security complexities from the Cloud private networks. This architecture allows for the user to adjust it to best meet their needs and accommodate existing technologies in a manner that one focused on cloud native constructs cannot. 

Challenge 3: Scale, Consistency, and Compliance 

The chosen architecture must be deployed at scale with high-availability, cost-efficiency and automation in mind.  

An additional problem in the implementation of multicloud architectures is that of implementing them at scale, in compliance, and with consistency across locations and cloud providers. Though these problems exist in some form even in single-cloud architectures, they are magnified by the larger task of distributing information not only across a larger range of locations but also with the added complications of working within the context of multiple CSPs simultaneously. Because of their complexities, multicloud architectures are singularly vulnerable to inconsistencies and vulnerabilities which can be costly and time consuming to resolve.  

As successful multicloud frameworks are much more complex but must still ensure implementation, functionality, and compliance across the board, it can be difficult to issue changes across all locations easily and accurately without inconsistencies. The best way to overcome these challenges is to utilize a unified management center which ensures that information is communicated quickly and effectively while the necessary conditions for compliance are met.  

Challenge 4: Performance 

Information should be communicated quickly and accurately. 

Another problem that arises with a multicloud approach is that of ensuring high performance. Specifically, a well-designed and successfully executed multicloud implementation will communicate information across the shortest, most reliable path with the required quality-of-service treatment for end-to-end connectivity between the users and applications. In order to guarantee high performance, organizations must ensure that the infrastructure equipment can support the throughput and encryption requirements of multicloud. 

One reason performance is complicated in a multicloud setting is that latency increases when information is moved between clouds via the internet. Where a single-cloud implementation can communicate information promptly within the cloud provider’s infrastructure, multicloud models incur a separate delay when they communicate externally with one another. The best way to manage this challenge is to design your multicloud implementation such that information is not stored in one cloud and processed in another except where absolutely necessary. However, as this problem is not always so easily avoidable, it is best to have systems in place to help minimize performance complications when they do arise. 

Challenge 5: CSP Standardization  

Each cloud provider’s implementation for networking stack is unique. 

Finally, a significant challenge being faced as organizations transition to a multicloud approach is that of the lack of standardization among CSPs. Each of the three major CSPs (AWS, Azure, GCP) has a set of control mechanisms and application programming interfaces (APIs) distinct to itself, and they are managed and developed in accordance with their established structures. Though there are architectural commonalities, the implementations differ from CSP to CSP. Because of this, each CSPs uses what is essentially a fully distinct language to operate its infrastructure, and implementing them in conjunction with one another can be excessively complex.  

One solution to this problem within the context of the multicloud model is to have a third-party vendor that exists in the middle of the various CSPs and translates the different languages into a simplified and unified version. Once converted, this information is passed by the translator to the end-user for ease of management.  

5 Ways to Solve These Challenges

The various complexities of multicloud listed above are challenging to address without expert intervention. A third-party provider can work with organizations to ease management of multicloud connectivity and orchestration; however, most solutions have only been solved in silos thus far. We recommend implementing an end-to-end solution utilizing the following recommendations:  

1. Connect to an edge location of a global middle-mile provider to reach from any corporate location to any cloud region globally, in a performant manner 
2. Deploy standardized transit architecture at the edge of the cloud regions (preferably at colocations) instead of inside every CSP environment, to achieve standardization and cost optimization 
3. Use Automation and Orchestration to achieve scale and consistency in configuration and management 
4. Employ SD-WAN and connect to distributed transit architectures at collocations to achieve the best performance 
5. Leverage API abstraction to decouple requiring interactions with each CSPs in their native language 

How Apcela can help you?

As multicloud connectivity becomes both increasingly complex and important in the modern world, there is a growing need for an evolved end-to-end solution. Enterprises require reliable and cost-effective means for connecting data centers, branch offices, and remote workers to Cloud and SaaS regions globally, while abstracting the physical and virtual networking complexities, and enabling a consistent distributed architecture. This is where Apcela comes in.  

The Apcela Arcus Multicloud Router was developed specifically to solve the challenges outlined here, and to provide a single managed service to help enterprises effectively use multicloud.  

Apcela Arcus Multicloud Router leverages modern SD-WAN tools, virtualized networking platforms, and orchestration technologies like Terraform and Ansible to deliver end-to-end orchestration of multicloud connectivity provisioning from a physical, on-prem device to public cloud providers like AWS, Azure and GCP, for site-to-cloud and cloud-to-cloud connectivity over the fastest private network available. The solution is augmented by Apcela Arcus Intelligence platform providing enhanced visibility and analytics for application awareness, fault detection and isolation, with an end objective of self-healing networks.  

Sources: 

1. https://www.eweek.com/cloud/predicting-cloud-trends-for-2022-migration-multicloud-and-esg/  
2. https://www.itprotoday.com/performance-management/multicloud-architecture-3-common-performance-challenges-and-solutions 
3. https://www.gartner.com/en/newsroom/press-releases/2021-08-02-gartner-says-four-trends-are-shaping-the-future-of-public-cloud 
4. https://www.gartner.com/smarterwithgartner/modernize-it-infrastructure-in-a-hybrid-world 
5. https://www.gartner.com/smarterwithgartner/why-organizations-choose-a-multicloud-strategy 

The phrase “multi-tenant cloud” refers to a cloud computing architecture that allows customers to operate in a shared environment, typically a public or a private cloud. Within this model, the tenants are physically integrated while logically isolated – meaning each customer’s data is invisible to others. Multitenancy in cloud computing can also refer to shared hosting, where server resources are shared among several applications. Most public cloud providers, such as Amazon AWS, Microsoft Azure, and Google GCP use a multi-tenancy model.  

Section 2: The benefits of using a multi-tenant cloud solution 

Multitenancy has many advantages, as the sharing of resources can allow for an exponential increase in productivity. A multi-tenant architecture enables far more use from a single hardware or software platform by chunking cloud capabilities for sale to multiple customers. Oftentimes, cloud computing users do not consume the full bandwidth available, so sharing this among multiple customers can maximize the use of available resources.  

With this model, cloud vendors can provide increased storage and greater accessibility for a lower price compared to single tenancy. Thanks to modern sophistication of multitenancy, this greater access to resources by a larger group of people does not sacrifice privacy and security or slow down applications.  

Section 2.1: Manageability and scalability  

A multi-tenant architecture provides high levels of agility and scale. Capabilities can be rolled out across all customer locations easily through cloud services and turning up new services is much faster through virtualization than physical infrastructure. Further, cloud providers using multi-tenant architecture can manage multiple platforms simultaneously, allowing faster service and lower down time.  

Multitenancy eliminates the need for individual users to manage infrastructure and handle updates and maintenance, especially if they use a Managed Service Provider (MSP) to act as a single pane of glass. 

Section 2.2: Security  

Historically, a single-tenant architecture was regarded as the most secure as this architecture delivered the application in isolation from other customers sharing the cloud. With multiple tenants, there is more perceived risk of data loss, data theft, and hacking as multiple customers have access to the same environment. However, customers in the same multi-tenant space are not aware of other ‘tenants,’ and data is kept entirely separate. Security problems migrating from one tenant to another is possible, but very rare. Many MSPs also offer additional security services for cloud computing. 

Section 2.3: Benefits for IaaS, PaaS, and SaaS 

Multi-tenant architecture is a key component for various types of public cloud services, including Infrastructure as-a-Service (IaaS), Platform as-a-Service (PaaS), and Software as-a-Service (SaaS). Architecturally, IaaS and PaaS are inherently multi-tenant, as these incorporate shared services at the infrastructure layer, allowing users to create, manage, and launch apps. PaaS, which provides the framework for developers to work in a cloud environment, utilizes multitenancy to give users scalable flexibility with reliable hardware and software. A SaaS vendor can use multitenancy to host their application in a data center and provide web access to multiple tenants. For example, Salesforce is a CRM SaaS Platform that uses a multi-tenant architecture in order to simultaneously provide service to thousands of customers. 

Section 3: The cost-benefit analysis of a multi-tenant cloud   

Most importantly, multitenancy is cost-effective. An organization who needs to access multiple cloud providers with a range of products will save money by working with a multi-tenant MSP compared to working independently with a single vendor, such as AWS. A flexible approach like this is perfect for organizations that are growing rapidly, especially as a provider simplifies management and saves time with multitenancy.  

However, an enterprise who deals exclusively with a single private cloud provider and needs to transport large data sets with strict security requirements may wish to pursue a single-tenant contract. This use case is becoming less and less frequent in the age of distributed cloud. Another possible downside is if one tenant consumes more than their ‘fair share’ of compute, it can throttle performance for other tenants. Again, this is a rare occurrence, but it can be avoided with single tenancy or with proper management of a multitenancy environment.  

Section 6: Multitenancy architecture  

A multi-tenant architecture works because of the physical integration of data combined with virtual logical separation. Imagine an apartment building. There are multiple tenants managed by the same landlord, but the living spaces are separated. These tenants pay less for a portion of a building than they would pay for a stand-alone house and can access a set of shared amenities with individual keys. They are physically located under the same roof, but logically, live separately and are unaware of the ongoings of other tenants. Multitenancy in cloud computing is much more complex (you can’t hear loud neighbors!) but operates similarly. 

Section 7: How Apcela can help you? 

The Apcela Arcus Platform multicloud connectivity and orchestration solution enables enterprises to seamlessly integrate core data centers, regional offices, and remote users with SaaS and IaaS Providers, all as a service. With a software-defined approach and the ability to push security to the edge, the Apcela Arcus Platform extends the traditional enterprise WAN to the cloud. 

Our multi-tenant cloud solution incorporates private fiber connectivity to Cloud/SaaS regions (cloud on-ramps), and orchestration of standardized network and security transit architectures at the AppHubs and in public CSP infrastructure to offer the most cost optimal means of achieving multi-cloud connectivity while maintaining security and compliance requirements.  

We at Apcela want to help enterprises avoid the pitfalls of single-vendor reliance and have relationships with several cloud providers right at the source. Our AppHubs can lift and shift existing stacks to avoid changes within vendor relationships and can manage this all with minimal changes in your teams’ day to day while fulfilling the improvements you seek. To learn more, visit https://www.apcela.com/contact/  

Sources: 

https://www.techtarget.com/searchcloudcomputing/definition/multi-tenant-cloud  

https://www.datamation.com/cloud/what-is-multi-tenant-architecture/ 

https://www.cloudsavvyit.com/11484/what-is-multi-tenancy-and-how-does-it-impact-saas-applications/ 

https://www.computerworld.com/article/2517005/multi-tenancy-in-the-cloud-why-it-matters.html