The term “cloud” has this amorphous, ethereal feel to it to many non-technical audiences. Like something that’s out there, but not fully grasped. Some sort of magical place where a user sends and receives applications and data from somewhere out there. But as a technical person, you know it’s not so magical. It’s about making the right connections.
The challenge is that each cloud—whether public, private, or SaaS—has its own connectivity standards. And the complexity represented by those standards multiplies as the number of clouds increases. With 97% of companies using multiple clouds, connectivity becomes a big issue.
This is where Cisco can help.
Due to the breadth of Cisco’s portfolio, we’re uniquely positioned to help you harness the power of your clouds. Cisco solutions align with the way you use your clouds to deliver a consistent experience to all users, connect multiple clouds, support the future of work, secure your cloud workloads, and simplify cloud operations.
In this blog, the fourth in a series of five, we’ll take a look at the challenge of connecting to multiple clouds and how Cisco can help.
Over the next few weeks, we’ll roll out more blogs to highlight other ways you manage your cloud ecosystem.
Connectivity That’s Not Too This or That
Connectivity is a constant dance between providing easy user access and securing the network. This is especially difficult when, as we mentioned, you have multiple clouds and each cloud has its own standards. And add the internet, which carries your cloud workload, and the challenge that it is generally outside of your control.
Connecting the Clouds
Think about the various cloud connections you may have in your organization. Whether you’re using AWS, Google Cloud, Azure, your own private cloud, or any of hundreds of SaaS clouds, you must contend with the unique connection standards for each. With a herculean effort, it might be possible to manually write scripts to connect to each of those clouds. Possible, but not easy.
Unfortunately, those cloud standards don’t remain static. Cloud providers continually introduce new and modify old APIs. That may be great for improved service and performance, but it wreaks havoc on your connectivity issues. That’s why you need to automate these interconnects based on common policies. You need to be able to define what you expect from your clouds, the level of service the workload requires, and who can access the data and/or applications. While the clouds may differ, the policies should be consistent.
And finally, because change is as constant as the need for consistency, the entire operation should be centrally managed.
Cisco® Cloud Application Centric Infrastructure (Cisco Cloud ACI) https://www.cisco.com/c/en/us/solutions/data-center-virtualization/application-centric-infrastructure/cloud-aci.html provides this type of multicloud connectivity. It is a comprehensive solution for simplified operations, automated network connectivity, consistent policy management, and visibility for multiple on-premises data centers and public clouds or multicloud environments. The solution captures business and user intents and translates them into native policy constructs for applications deployed across various cloud environments. It uses a holistic approach to enable application availability and segmentation for bare-metal, virtualized, containerized, or microservices-based applications deployed across multiple cloud domains. The common policy and operating model will drastically reduce the cost and complexity of managing hybrid and multicloud deployments. It provides a single management console to configure, monitor, and operate multiple disjointed environments spread across multiple clouds.
Connecting the Users
There are two levels of user connectivity when it comes to the cloud. The first is the process for the user to gain access to their connection. This is typically handled through some type of policy-driven network access control. For our purposes, we’ll focus on the second level of connectivity—users connecting to their cloud workload, primarily applications. This is typically handled through the SD-WAN edge.
In this case, it is the SD-WAN solution that automatically establishes the connection based on enterprise policy and designates the needed QoS for the application. Solutions that support visibility of application and infrastructure performance beyond the WAN edge help ensure the appropriate user experience.
Cisco SD-WAN https://www.cisco.com/c/en/us/solutions/enterprise-networks/sd-wan/cloud-onramp.html provides this secure, cloud-scale WAN for companies that support thousands of endpoints across branch offices, colocation centers, and clouds. The solution’s on ramps and interconnects make it easy to access multiple clouds while providing the same level of security and application performance as they do with their on-premises solutions.
The recent integration of Cisco SD-WAN with ThousandEyes Internet and Cloud Intelligence https://www.cisco.com/c/m/en_us/solutions/enterprise-networks/sd-wan/internet-cloud-intelligence-sdwan-infographic.html?oid=ifgetr025581 enhances your cloud capabilities by providing deep insights from the enterprise campus across internet, cloud, and SaaS infrastructures. The integration enables rapid and scalable deployment of ThousandEyes vantage points on Cisco Catalyst 8300 and 8200 Edge Platforms as well as Integrated Service Routers (ISR) 4000 Series for the branch and campus WAN edge.
ThousandEyes Enterprise Agents run natively on eligible Cisco routers with IOS XE network software stack (17.6.1) as a container application. That means there is no need for extra compute resources at each branch site for ThousandEyes, thereby eliminating the need for IT expertise at the branch level and reducing the cost to install and manage any additional resources. An additional leap in productivity results from the ability for Cisco vManage to orchestrate the deployment and initial provisioning of ThousandEyes agents across all the SD-WAN branch routers anywhere in the world from a centralized console.
Securing the Connection
Because of the distributed nature of the cloud, the connection becomes a critical element of end-to-end security. To be truly effective, this security must be robust without imposing cumbersome processes that might encourage users to work around the measures. As such, security that is integrated into the SD-WAN edge and delivered as a service tends to be simpler and more effective.
If this combination of security and network edge sounds familiar, it should. Secure access service edge combines networking and security functions in the cloud to deliver seamless, secure access to applications, anywhere users work. Core functions include software-defined wide area network, secure web gateway, firewall as a service, cloud access security broker, and zero-trust network access. The SASE model aims to consolidate these functions in a single, integrated cloud service.
With Cisco SASE https://www.cisco.com/c/en/us/products/security/sase.html , you get the benefits of a SASE model from a single vendor who is the leader in networking and security. As result, you get best-in-class networking, security, and observability—while offering the flexibility and investment protection to transition to the cloud at your pace. Cisco provides all the building blocks of a SASE architecture today, brought together in a single offer.
Ultimately, that’s what makes Cisco such a powerful choice for cloud connectivity. We’ve been a leader in securely connecting users since the very early days of networking and the internet. No one has the breadth and depth of cloud solutions, experience and expertise. That’s how we make all your clouds work smarter.
Blog 2 – Security in the Age of Cloud
Blog 3 – Cloud and the Hybrid Future of Work