The multicloud era is here. There is no denying that businesses large and small are accelerating the pace of moving applications and data to not only private and public clouds, but multiple clouds. It’s a strategy that holds a lot of promise but is not an easy one to pull off, in either the move to the cloud or managing mission-critical digital assets once they’re in the cloud. At Cisco, we’re rapidly building out a portfolio of products and services designed to ease the transition to a multicloud environment and the managing of that environment once it’s in place.
We are running a series of three blogs laying out what is involved in creating a multicloud strategy and how Cisco can help. In the previous blog, we talked about the demands on CIOs and IT executives to embrace public clouds to help drive greater agility, efficiencies and cost reductions throughout their businesses and help their companies become more competitive. We also outlined the considerations that need to be addressed and choices made when developing an effective multicloud strategy.
However, as we mentioned, while the cloud can deliver improved agility, speed and cost efficiencies, operating in such a distributed environment comes with its share of obstacles that need to be overcome. In this blog, we’ll outline some of the key challenges organizations face when moving to a multicloud environment and steps to take to overcome those challenges.
Multicloud Network Challenges
Bringing the public cloud into the IT mix means not only dealing with requirements inherent in the cloud, but also with how a company’s IT assets in the public cloud securely connect to on-premises network (including data centers, branches, campus and co-location facilities). Businesses also need to determine the granular application-centric networking requirements. When IT connects new a new data center or branch site, they have control over how the networking works at the new site, which creates consistency in the implementation. However, when the public cloud is added into the IT mix, IT does not have much control over how the networking core in the cloud is designed. They can only access available networking services via APIs most likely not consistent with how their on-prem networking works. It is essential to consider the following networking-related requirements:
- Establish connectivity across on-prem and public cloud domains
- Identify what on-premises aspects – such as the data center, branches and/or campuses – need to be connected to the public clouds
- Establish secure cloud access and perimeter security – Active Directory, key management, certificates management, VPC (virtual private cloud) and on-prem firewall adjustments
- Monitor network link performance, such as bandwidth and latency
- Find an optimal network path to access applications running in the newly added public clouds
- Identify networking needs for secure access to the internet (DIA), SaaS apps and data from branches
- Identify the need to have a CoLo presence for faster and bigger bandwidth to the public clouds and determine when to go through the CoLo site and when to go directly to the public clouds
- Optimize secure network connectivity to multiple public clouds and paths from data centers, branches, CoLo and other clouds
Multicloud Security Challenges
Security rightfully so has been a long-standing concern of many IT folks when using a public cloud. Multicloud security entails not only perimeter security but also the security of access, users, applications running on a public cloud, SaaS apps and data. Access and user security also includes securing mobile devices as perimeter security does not cover many aspects of adopting multicloud. It is essential to consider the following security related requirements:
- Establish non-cloud-native security, such as SaaS, application, data and user security
- Monitor security threats by gaining real-time visibility into anomalies and analyze the access by users and apps in the clouds and on-premises
- Establish secure cloud access and perimeter security
- Reduce the complexity of design and implementation of a layered security model that covers end users, multiple cloud environments, branches, applications, SaaS data and data centers
- Reduce number of fragmented security solutions from disparate vendors that make the security implementation complex
- Implement consistent security policies and automation between on-premises environments, SaaS and multiple clouds
Multicloud Consumption Challenges
Public clouds bring additional and new dimension to provisioning applications on their environments, managing app performance SLAs, employing governance policies and performing application lifecycle management. In general, IT staff has processes when it comes to using on-prem IT environments for governance and lifecycle management. When a public cloud is added, the IT applications operating processes, compliance, governance, lifecycle management and, above all, performance SLAs do not go away, but they are critical to consuming multicloud. Organizations need to consider these consumption requirements:
- Define target application architecture, such as VMs, PaaS and containers, for apps that are intended to run on them
- Identify management needs for deploying applications on multicloud environments, including autoscale and bursting
- Employ multicloud management with governance and lifecycle management, as well as visibility and control over the costs of multicloud resources used
- Optimize performance SLAs along with consistent performance management tool for apps running on multicloud
- Address complexity in building a hybrid cloud application deployment
There is no shortage of challenges when moving to the multicloud, as we’ve outlined above. However, a clear understanding of what those challenges entail and of concrete steps that should be taken can help minimize them. Cisco has the tools and expertise to help customers overcome the barriers and reap the benefits of a multicloud strategy. Our final blog in the series will outline the myriad solutions and services in our multicloud portfolio.