CoIP (Cloud over IP): The Future of Hybrid Networking


An overlay virtual network that connects, protects and shields enterprise applications deployed across cloud ecosystems

The Cloud is Now a Critical Part of Enterprise Computing

How the Cloud is Being Used Today

The cloud is seemingly everywhere these days. For enterprises, the cloud offers advantages in DevOps (i.e., development and operations of applications) as well as meeting the demand for elastic computing. Additional drivers of cloud adoption are the need for high-performance computing, datacenter wholesale or partial migration, i.e., lift & shift, and secure hybrid applications that combine enterprise and cloud computing.

The Public Cloud Lowers Infrastructure and Operations (I&O) Costs Dramatically

One approach to leveraging the cloud is to create a private, enterprise-only implementation. However, private cloud implementations have been constrained by their need for deep expertise, IT resources and capital investment. Consequently, enterprises are leveraging public cloud datacenter offerings to avoid expensive capital investments (CapEx) as well as to accelerate the time-to-production of applications. Widely-used IaaS cloud vendors such as AWS and Microsoft Azure can offer low-cost cloud resources due to their large aggregated datacenter volumes and aggressive pricing, allowing enterprises to treat the cloud as an operating expense (OpEx).

The Cloud Ecosystem is Rich and Growing

The overwhelming business benefits of cloud adoption are driving the emerging cloud ecosystem, which is helping enterprises migrate their applications and datacenters to public or outsourced facilities. For instance, MSPs (Managed Service Providers), VARs (Value Added Resellers), SIs (System Integrators), and cloud marketplace and brokerage vendors are supporting enterprises in moving their on-premise applications to managed hosted datacenters, multi-tenancy cloud datacenters, or hybrid implementations. The cloud industry is becoming a sophisticated ecosystem, and it calls for new technologies.

The Cloud Ecosystem Faces Technology Challenges

As companies start to leverage this emerging cloud ecosystem, they are encountering a number of challenges. Hybrid cloud infrastructure (IaaS) deployments require significant re-engineering and customization of corporate network, compliance and security infrastructure. Today, enterprises may spend many months, depending on their existing network and information security (InfoSec) infrastructure complexity, to complete a single hybrid deployment for one or a few applications, much less multiple deployments. This section describes the network and InfoSec challenges that the cloud ecosystem must address to make hybrid cloud adoption less complex and time-consuming as well as more reliable and secure.

Enterprises Do Not Control Infrastructure Within Cloud Islands

The public cloud vendors have evolved disparate and unstandardized infrastructures, which operate as segregated "Cloud Islands". Furthermore, these cloud islands are controlled by different service provider administrations, which do not make their proprietary infrastructures directly accessible to enterprises. Within these cloud islands, enterprises have limited control over the lower-level physical or virtual cloud infrastructure, due to service providers' security and SLA constraints. The enterprise controls are at the virtual machine (VM) level and above, as shown in Fig. 1, below. The lower-level infrastructure (the physical IP network, the cloud orchestration layer, and the virtualization hypervisor controller) is accessible only via cloud service provider-specific APIs.

Figure 1. Cloud Infrastructure Currently Operates as Disparate Islands

Rather than having to manage cloud islands with limited and differing access controls, enterprises want a virtual single-tenancy solution, under enterprise control, that operates consistently on any public cloud. This would allow companies to apply their best network, compliance and InfoSec practices while simplifying cloud adoption.

Enterprises Want a Unified Network Fabric to Support Application Portability

As part of corporate best practices, most enterprises have customized their internal L2/L3 IP networks as a unified fabric to support applications with network transparency. When enterprises extend their network and computing infrastructure to the public cloud, establishing network transparency is difficult; most cloud vendors provide their own, non-standard methods and controls for setting up L2/L3 networks. Therefore, moving applications to the cloud requires additional customization efforts.

These efforts are required to maintain perimeter-based security, sometimes referred to as "hard shell, soft core": protecting the enterprise with a strong ("hard") network boundary and a flat ("soft") internal network fabric. These perimeters can surround hundreds or thousands of applications, supported by networks that were not designed to allow cloud-based access. Therefore, it is difficult to allow one hybrid application to access the cloud without compromising the security of the rest of the applications: the "breaking hundreds while moving one" problem. The customization efforts needed to avoid this problem can be substantial enough to prohibit widespread cloud adoption.

How can these challenges be addressed elegantly and cleanly? In the next section, virtualization is presented as the way to control the hybrid network infrastructure and provide a single unified network fabric in hybrid cloud environments.

Cloud over IP: The New Network Virtualization

In the computing industry, abstraction and virtualization have played an important role in the commercial adoption of new, more efficient and straightforward uses of computing resources. Virtualization technology has made great advancements in the past decade, from server virtualization, to IO virtualization, and then to network virtualization, as shown in Fig. 2.

Figure 2. Virtualization Enables New IT Functionality

These virtualization technologies have significantly improved efficiency within a datacenter by virtualizing the lower level stacks. When enterprises migrate applications to the cloud, there is a need for cross-domain virtualization technology that abstracts the enterprise and cloud network infrastructure into a unified network plane and is agnostic to the underlying infrastructures. Cross-domain virtualization is starting to appear; for example, container technology is a recent virtualization solution that allows applications deployed inside a container to run on top of any hypervisor in any cloud. The next piece of the puzzle is the virtual network that extends across cloud ecosystems.

The solution for cloud ecosystems is the next generation virtual network, Cloud over IP (CoIP), which spans across the boundaries of cloud datacenter administrations, using but not changing the underlying IP networks as the forwarding fabric. CoIP presents one unified network fabric to applications, as if all resources were deployed in one enterprise network. CoIP is controlled and managed by the enterprise. It applies to cloud datacenters and enterprise on-premise environments across hybrid cloud ecosystems.

CoIP is Like VoIP for the Cloud

VoIP (Voice over IP) technology revolutionized phone technology starting in the early 2000s. VoIP is an L4/L5 session and transport layer network that overlays on top of IP networks for phone connection and voice transport. Its ease of deployment and range of functionality significantly improves enterprise productivity while simplifying deployment and lowering costs.

Similarly, CoIP is an L4/L5 session and transport layer network that overlays on top of segregated IP networks (i.e., cloud islands), connecting endpoint servers, VMs and containers while using IP networks to transport client-server packets across cloud ecosystems. CoIP does not require any southbound protocol integration or IP network reconfiguration. Table 1 compares VoIP and CoIP.
|                    | VoIP                                 | CoIP                                                                      |
|--------------------|--------------------------------------|---------------------------------------------------------------------------|
| Network Technology | L4/L5 Session and Transport Network  | L4/L5 Session and Transport Network                                       |
| Network Port       | 5060, 5061 for SIP                   | 443 for CoIP WAN, 9797 for CoIP LAN                                       |
| System             | IP PBX                               | CoIP Controller                                                           |
| Boundary           | Border Session Controller            | Virtual Transport Switch                                                  |
| Network Endpoint   | IP Phone                             | Server, VM, container, edge gateway                                       |
| Addressing         | Portable IP phone number             | Overlay IP address & private routing                                      |
| Content            | Voice                                | Any L4-L7 application packets                                             |
| Security           | Call control                         | Policy control, private routing & transport encryption, chamber firewall  |
| Deployment         | Extremely fast                       | Extremely fast                                                            |

Table 1. VoIP and CoIP Comparison

CoIP Provides Hybrid Network Benefits

CoIP enables several critical benefits as described below.

Enterprises Can Control CoIP Virtual Networks Across Cloud Ecosystems

CoIP operates in the OS (operating system), one layer above the virtualization hypervisor, and as a result it is similar to container technology: it is agnostic to the cloud datacenter and operates within the enterprise-controlled layers. Figure 3 illustrates the cloud stack with the CoIP layer.

Figure 3. Cloud over IP is the Next Level of Cross-Domain Virtualization

CoIP is a High-Performance Overlay Virtual Network

CoIP is an overlay network that is completely decoupled from the underlying L2/L3 IP network fabric. It performs high-speed transport forwarding and does not replace or disrupt the underlying IP switch network. The datacenter physical network fabric has its own critical scalability requirements for high performance switching; CoIP is architected to align with those present or future high performance requirements without replacing L2/L3 switching and routing. Note that this architecture is fundamentally different from hypervisor networks such as Open vSwitch. Figure 4 presents the CoIP network stack and where it applies to northbound applications and southbound L2/L3 networks.

Applications are Portable Using CoIP

Many enterprise legacy applications are coupled with physical network and security settings. As a result, the physical network implementation can limit the portability of applications to the cloud. CoIP has a unique capability for private network routing with its own IP addresses above the cloud; therefore, it can easily support application portability. This is similar to VoIP, which enables any IP phone number to operate anywhere in the world, decoupled from the location constraints of phone numbers tied to physical telecom equipment. As a result, CoIP allows straightforward assignment and routing for any public or private IP address anywhere in the world without constraints due to IP collisions or routing table configurations. CoIP's overlay virtual network model enables applications to be ported, or migrated, to any cloud.

Figure 4. CoIP Overlay Network Architecture

CoIP Allows Extremely Fast Hybrid Network Deployment

CoIP is decoupled from the underlying IP networks and it involves no hardware. CoIP does not require enterprises to open firewall ports or use VPNs. It is an add-on software network and therefore can be deployed extremely quickly. Enterprises can deploy a CoIP network in days, rather than months or years, to connect applications across a cloud ecosystem.

In addition to the benefits described above, CoIP also supports enterprise-grade security for hybrid networks, as addressed in the following section.

Using CoIP Securely Shields Cloud Deployments

Security is a critical consideration when enterprises are deploying IT infrastructure to the cloud. As described above, maintaining perimeter security when setting up a hybrid network using conventional methodologies is a significant and costly challenge. Furthermore, security can be compromised in this process in subtle and damaging ways without being detected. CoIP as the new virtual network paradigm offers an additional layer of security on top of its fundamental capability of maintaining existing security for both the enterprise network and its applications while migrating to the cloud.

CoIP Features Support the Application Shield in the Cloud

CoIP allows an enterprise to easily shield an application by allowing only specified IP addresses to connect with the overlay network. These IP addresses include the endpoints implementing this application and the IP addresses that the application connects to within the physical network. Other applications in the same enterprise network cannot get into, or hack through, the CoIP implementation; as well, the application running inside the CoIP implementation cannot connect to endpoints on the enterprise network unless specifically permitted by the CoIP network.

The key CoIP features that support the application shield are as follows:

- Private routing on the CoIP network plane
- Specified physical IP addresses allowed to bridge to CoIP routing via CoIP Edge Gateway
- CoIP transport encryption for LAN and WAN traffic
- Firewalls automatically enforced on all CoIP endpoints

CoIP is fundamentally a virtualization technology that is scalable. The CoIP application shield is decoupled vertically from the underlying network infrastructure. It is also decoupled horizontally from other CoIP implementations. Since each CoIP implementation is closed and private, enterprises can build multiple CoIP implementations on the same physical network environment without worrying about CoIP address conflicts among them.

CoIP Keeps Enterprise Physical Security Perimeters Intact

An enterprise perimeter-based firewall system (the "hard shell, soft core" described above) is a critical element in protecting enterprise boundaries. As discussed in an earlier section, when enterprises start to migrate applications to the cloud, it is important to maintain the existing security implementation without disrupting the status quo. CoIP technology allows enterprise IT to meet this goal without having to open any pinholes on corporate firewalls. CoIP WAN transport initiates outbound traffic using just port 443. CoIP architecture is designed to work with most existing enterprise firewall policies without change. When the CoIP implementation is ported over a hybrid cloud environment, it is totally under secure control by the enterprise that owns it. The CoIP implementation is a closed, private network that is securely shielded for specifically allowed applications.
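
The application-shield rules described above (only enrolled overlay endpoints and explicitly bridged physical addresses may talk, in either direction, and each implementation is closed to the others) can be modelled in a few lines of Python. This is an added illustration, not Zentera's code; the `Shield`, `Plane` and `decide` names and all sample addresses are assumptions constructed for the example.

```python
# Added illustration: a minimal model of the application-shield rules.
# Not Zentera's code; Shield, Plane and decide() are hypothetical names.
from dataclasses import dataclass, field
from enum import Enum
from ipaddress import ip_address, ip_network


class Plane(Enum):
    OVERLAY = "overlay"    # private CoIP routing plane
    PHYSICAL = "physical"  # enterprise or cloud underlay network


@dataclass
class Shield:
    """One closed CoIP implementation (assumed data model)."""
    name: str
    endpoints: set = field(default_factory=set)   # enrolled overlay IPs
    bridged: list = field(default_factory=list)   # physical CIDRs allowed via the edge gateway

    def enroll(self, overlay_ip: str) -> None:
        self.endpoints.add(ip_address(overlay_ip))

    def bridge(self, cidr: str) -> None:
        self.bridged.append(ip_network(cidr))

    def _member(self, plane: Plane, ip: str) -> bool:
        addr = ip_address(ip)
        if plane is Plane.OVERLAY:
            return addr in self.endpoints
        return any(addr in net for net in self.bridged)

    def decide(self, src, dst) -> str:
        """src and dst are (Plane, ip) pairs; anything not listed is denied."""
        if src[0] is Plane.PHYSICAL and dst[0] is Plane.PHYSICAL:
            return "not-overlay"   # pure underlay traffic is outside the shield's scope
        ok = self._member(*src) and self._member(*dst)
        return "allow" if ok else "deny"


def demo() -> dict:
    # Constructed sample data: two implementations reuse the same overlay address.
    hr = Shield("hr-app")
    hr.enroll("10.0.0.5")
    hr.enroll("10.0.0.6")
    hr.bridge("192.168.1.20/32")       # the one physical host the app may reach
    erp = Shield("erp-app")
    erp.enroll("10.0.0.5")             # same overlay IP, separate closed network
    o, p = Plane.OVERLAY, Plane.PHYSICAL
    return {
        "endpoint_to_endpoint": hr.decide((o, "10.0.0.5"), (o, "10.0.0.6")),
        "app_to_bridged_host": hr.decide((o, "10.0.0.5"), (p, "192.168.1.20")),
        "app_to_other_corp_host": hr.decide((o, "10.0.0.5"), (p, "192.168.1.99")),
        "corp_host_into_app": hr.decide((p, "192.168.1.99"), (o, "10.0.0.5")),
        "same_ip_other_shield": erp.decide((o, "10.0.0.5"), (o, "10.0.0.6")),
    }


if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

When reviewing a real deployment, the equivalent check is that every bridged physical address and every enrolled endpoint is there for a documented reason, since those two lists are the whole trust boundary of the shield.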

CoIP is the Next Paradigm for Cloud Ecosystems

Figure 5. The Cloud over IP Network

Cloud over IP (CoIP) is the next-generation virtual overlay network that is secure, portable, easy to implement, and does not disrupt the existing enterprise network or perimeter security infrastructure. CoIP implements an overlay network for hybrid cloud applications that enables migration from the enterprise to the cloud while shielding applications running in a hybrid cloud environment. In sum, CoIP provides the cloud ecosystem with the security, ease of deployment and accelerated time-to-production that will drive widespread cloud adoption. The future is CoIP and it is here now, as shown in Fig. 5, the CoIP network.

Authored by Jaushin Lee, Ph.D., and CEO, Zentera Systems

All trademarks herein are the property of their respective owners.