Cisco Blogs

Every cloud needs a net

- November 6, 2009 - 1 Comment

Most enterprises have been exploring cloud computing to see how it might work for them.  Cloud computing offers the ability to run servers on the Internet on demand.  The storage, compute, and network functions are positioned and ready for use, so servers can be deployed within minutes, and paid for only for as long as they are in use.

An essential component of any cloud installation is its network.   When servers are deployed in a cloud, they need an external network to be usable.  The network services that they need are more than simple IP connectivity, and each customer of the cloud will need some customization.  Here are some key types of cloud network service.

  • Access:  Firewall and NAT are needed to allow selective access.  Some kinds of access may be offered to the public internet; some access may be restricted to among the virtual computers in the cloud; and a VPN is normally needed to allow system managers and developers to connect to all their vm’s. 
  • Elasticity:  Traffic managers or load balancers are needed to spread traffic among vm’s.  A central selling point of cloud computing is the ability to horizontally scale an application by adding and removing servers and distributing requests among the servers.  To do this some kind of traffic distribution is required.
  • Duplication:  Image transfer methods are needed to move the disks of virtual machines among storage services and between sites.  Any vm must be backed up from time to time, which requires disk transfers.  In addition, many cloud customers will want to transfer vm disks into and out of a cloud for development, legal archives, disaster recovery, or “cloudbursting” (scaling between sites).  These large transfers must be accommodated efficiently and consistently.

Naturally every cloud customer wants its own servers and network services to be logically isolated from others, consistent with the multi-tenant nature of cloud computing.   A customer’s decisions about access security, load management, and optimization should be kept private, and should work independently of all other cloud users.  Depending on the cloud vendor, the customer has three choices:

  • “Roll your own”:  Install virtual machines to do these functions and add them to your application
  • The cloud provider‘s invention:  Learn and adapt special functions implemented by the cloud vendor.
  • Take a slice of a conventional data center network:  Share facilities provided by standard network hardware, and rely on the hardware to keep customers separate.

These choices have a broad impact on the portability of an application and its scalability. They also have implications on the economics and the organization of the cloud itself.   Each enterprise that chooses a cloud design will want to study the cloud network services.  (If there are other network functions I should have mentioned, please feel free to add them in the comments below.)

Naturally, at Cisco we have a product line that supplies these functions for both public and private clouds.  And we’re happy to see these clouds, like those at Savvis, OpSource, and Terremark, available to enterprises now.

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. [...This post was reprinted on]