This document discusses how multi-cloud networking is impacting enterprises and the role of SD-WAN. It notes that most enterprises now use multiple private, public and hybrid clouds which adds complexity to managing networks and applications. It suggests that the traditional WAN approach does not work well for multi-cloud as the edge becomes more important for directing and prioritizing traffic between cloud environments. SD-WAN is presented as providing an abstraction layer and intelligent edge to effectively manage traffic in multi-cloud networks.
2. 2|
Coevolve overview
A leading global provider of telco-independent SD-WAN and cloud networking solutions
Coevolve was established in 2014 to drive enterprise adoption of next-generation networking technologies such as SD-WAN.
We currently provide services to global enterprises in more than 60 countries on six continents
Telco-Independent Integrated SD-WAN Solutions
Our fully integrated, co-managed SD-WAN and security solution for
enterprises of all sizes
SD-WAN Professional Services
Our Professional Services team provides assessment, planning, design
and implementation services to augment in-house capabilities
Cloud Networking Solutions
We can help extend the enterprise WAN into the public cloud, with our
comprehensive design, integration and management services
Team of SD-WAN specialists in US, Australia and SE Asia
Co-Managed by 24 x 7 x 365 Coevolve Response Center
More than 290 ISPs and telcos used for SD-WAN underlay
Advanced API-based reporting and analytics capabilities
3. 3|
Introduction
Multicloud means the use of multiple private, public and hybrid clouds for applications and infrastructure
How real is Multicloud? It is impacting enterprises of all sizes!
80-85% of cloud adoption
Multicloud
Added complexity
4. 4|
Why is Multicloud being adopted?
If it adds complexity, then why Multicloud? And how is it being adopted?
Multicloud is often not planned, but analysts agree that enterprises need to embrace, rather than restrict its use
Analyst perspective
Multicloud computing decisions usually rest on three
considerations:
Sourcing: The desire to increase agility and
avoid or minimize vendor lock-in. The decision
may be driven by a variety of factors, including
availability, performance, data sovereignty,
regulatory requirements and labor costs.
Architecture: Modern applications are, by
design, created in a more modular style. They
can span multiple cloud providers or consume
services from multiple clouds.
Governance: To ensure operational control,
enterprises want to unify administration and
monitoring of their IT systems. They want to
standardize policies, procedures and processes
and share some tools — especially those that
enable cost governance and optimization —
across multiple cloud providers.
Source: Gartner 2019
What type of Multicloud? Which providers are being used?
The consistent feedback we hear from enterprises is that the traditional
approach for the Wide Area Network does not work in this Multicloud model.
5. 5|
What will be expected of the enterprise WAN?
If the traditional approach no longer works, what needs to change?
It all starts with
the underlay
More intelligence
needed at the edge
Cloud providers offer
new architectures
Integrated security is
essential
• Maximize provider choice
• Leverage the best-
performing providers at
each location on the
network
• Optimize for bandwidth –
demand will continue to
rise in a Multicloud
environment
• Everything looks the same
to a traditional router
network – HTTPS traffic to
external IPs
• Need to be able to
differentiate between
critical business apps and
lower priority traffic
• Not just transactional
traffic – even demanding
real-time traffic is moving
to the cloud
• Backhauling traffic is no
longer viable when it
represents 80%+ of the
usage of the WAN
• Users expect to be able to
operate everywhere with
the same functionality –
not just in the office
environment
• Zero-trust model looks
increasingly viable for
more enterprises
• The ‘center of gravity’ of
enterprise WANs is
moving away from on-
premises data centers
• Cloud environments are
no longer considered as
spokes, but an integral
part of the environment
• Cloud providers offering
more products to keep the
traffic on their backbones
– Azure Virtual WAN, AWS
Transit Gateway, etc.
6. 6|
Cloud Providers are changing the WAN topology
Products like Microsoft’s Azure Virtual WAN provide alternatives to traditional backbone designs
• For many enterprises, the ‘center
of gravity’ of the WAN is moving
toward cloud providers
• New models are emerging to
leverage Cloud Provider
backbones to replace inter-region
MPLS connectivity
• Automation options available
including API-based integration
with several SD-WAN vendors
• Some challenges with this model,
particularly relating to
consumption model – usage-based
vs. traditional fixed cost for circuits
7. 7|
Addressing security in the layered enterprise WAN
Analyst perspective – best practices
Monitor across all “clouds” to detect erroneous
behavior as far as configurations and user activity.
Implement the latest patches and set up a SIEM
environment with tiered structure severity levels.
Monitor and keep a record of all logs into the
system with unified threat management (UTM)
functionality such as intrusion detection system
(IDS) /intrusion prevention system (IPS).
Automate as much as possible to minimize the
number of manual tasks (which are prone to error).
Work with the cloud provider to ensure alignment
on its responsibilities of securing the cloud
environment versus the customer’s responsibility to
secure everything else.
Implement periodic vulnerability scans (depending
on your security requirements, typically each week
to each month).
Source: Gartner 2018
The WAN must be able to provide the right level of control and filtering for each type of traffic
Source: https://medium.com/taslet-security/cyber-security-framework-for-multi-cloud-environment-e7d35fd32bd6
8. 8|
SD-WAN as the intelligent edge
With a variety of cloud destinations, the edge becomes critical in directing and prioritizing traffic
Several key trends are emerging:
• SD-WAN provides the abstraction layer between the
underlay and overlay – use any underlay, and design the
network at the overlay layer
• Application-level and user-level policy management is
critical for traffic classification, prioritization and steering
• Advanced analytics help identify trends and anomalies in
the network, even in complex Multicloud environments
• Local compute is increasingly important in more industry
verticals as enterprises seek to reduce remote site
footprint
Global
backbone
9. 9|
Summary
The changes being driven by Multicloud will likely impact enterprise WANs within the next refresh cycle:
• Communicate effectively with several cloud environments in a single WAN, with a decrease in the use of dedicated private interconnects
• Increase use of Internet-based connectivity at the edge where applicable
• Prioritize critical application traffic flows to/from, and between Multicloud environments
• Leverage newer, cost-effective alternatives for inter-region private network connectivity
• Consider whitebox deployments at the edge to increase flexibility and support additional service requirements
• Identify functions that can be performed by service providers / partners vs. performed in-house
Multicloud environments will require a more sophisticated edge, and SD-WAN can provide a foundation for this
Increasingly common
Arises organically
Differences between:
Multicloud
Hybrid cloud
Intercloud
Reasons for Multicloud adoption
Redundancy, avoid vendor lock-in
Shadow IT --> Ease of deployment deployed by lines of business directly
Purpose-specific segregation of workloads; e.g. development and production environments
Hybrid cloud extremely common due to on-prem to public cloud progressive migrations
Traditional networks cannot handle easily the added complexity of Multicloud environment
Complex to integrate
Increased cost
Poor user experience
Underlay
SDWAN success depends on this
True redundancy is critical
OVERLAY: Edge Intelligence
App/user aware routing towards SaaS, CSP, SCG
Edge compute emerging
MORE OVERLAY: Cloud provider changes
Not only the spoke but also the fast lane infra
Not only CSP but also cloud exchange providers
Allows for multiple overlays
Relies on Edge for intelligent path selection
OTT SERVICES: Security
Moved to the cloud
80% traffic going there anyway
No more backhauling for security reasons
Zero trust model appealing for inbound
Realistically, VNFs FW quite common
Orchestration as key to:
Consistency (orchestration)
Platform-wide patching
Automate as much as possible reduce human error
Next level:
Analytics to feed AI/ML engines
SO… WHERE DOES SDWAN FIT?
SDWAN providing
Intelligence at the edge
App recognition
Best suited path as opposed to just ‘best path’
Automation and orchestration
Analytics
Benefits of TRUE SDWAN solution
Easy to implement and operate
Secure
Programable
Future proofed (potential to go even further)
All this facilitates progressive adoption
SDWAN adoption as fundamental step