Comparing Your Multicloud Connectivity Options
In the Gartner® report “How to Optimize Network Connectivity into Public Cloud Providers,” Gartner found that WAN-to-cloud connectivity needs are changing. We write about what you should do about it.
In the recent Gartner report entitled “How to Optimize Network Connectivity into Public Cloud Providers,” Gartner finds that “I&O leaders’ requirements for WAN-cloud connectivity are changing, which requires a greater degree of agility and multicloud interworking than their current solutions can support.” Their recommendation for enterprises is to “Use Software-Defined Cloud Interconnection (SDCI) to enable multicloud use cases or to improve connectivity flexibility, management simplicity and performance.”
It’s no longer a mystery that multicloud has become the norm in digital infrastructure. Earlier this year, IDC projected that 2021 would be the year of multicloud, with 90% of enterprises around the world relying on a mix of multicloud and legacy platforms to meet their infrastructure needs. SDCI has some key advantages for multicloud connectivity that the other methods of connecting to public clouds don’t have. We’ll cover some of the pros and cons in this blog post.
Public internet connection to CSP
The most common way to connect your WAN to the cloud is to use a public internet connection to a cloud service provider. There are two ways to do it and both use a VPN. The most basic method is to run a VPN tunnel from your on-premises infrastructure to the cloud service provider’s network VPN.
The other way is to deploy a virtual SD-WAN image within a CSP’s network and connect to that image using a VPN tunnel from the enterprise network location. The benefits of this method include visibility of traffic types that travel from the enterprise WAN to the cloud, and end-to-end performance of network policy/configuration management.
There are many potential pitfalls to running VPN tunnels over the internet to the public cloud. Chief among these weaknesses are scalability and complexity. Gartner writes that this method gets “increasingly complex when dealing with many CSPs.” When you’re managing hundreds of applications in a half dozen or more clouds in many sites, you’re very quickly talking about hundreds of VPN tunnels to manage, as we pointed out in our recent post about “The Hidden Costs of Running Cloud-Hosted IaaS.” Gartner writes that the public internet connection to CSP method “doesn’t scale well with many CSPs, and it has limits in terms of visibility and control.”
Private cloud ports
Another way to connect your WAN to the cloud is to purchase private cloud ports from the CSPs. Using private cloud port services like AWS Direct Connect or Microsoft Azure ExpressRoute can provide better performance and security than a public internet connection to those clouds. The connections are private, direct, and managed by the hyperscaler, and therefore less vulnerable to BGP hijacking over the public internet or other cybersecurity risks.
The major limitation of this method is multicloud support. The connections are one to one, meaning that you must configure a private connection on your end of the infrastructure in the form of an MPLS circuit, an Ethernet connection, or a digital cross-connect service inside a data center or provided by a carrier. Private cloud ports are best suited to high-traffic applications that are best hosted with one cloud.
If you’re part of the 90% of enterprises that use multiple cloud services, you might need a method that is 1) more flexible and 2) more scalable. This is where private cloud hubs and SDCI providers come in.
Private cloud hubs
There are numerous private cloud hubs to choose from in the colocation industry. Many of the large data center operators claim to offer easy, pre-provisioned private connections to multiple cloud providers.
The catch is, of course, you have to colocate within the four walls of the data center operator to access their private cloud hub. If you’re connecting to numerous CSPs, you’ll have to manage security, billing, and SLAs with each of those cloud providers. The data center operator won’t be able to help you.
In short, you’ll likely be paying a fairly high price for the flexibility of connecting to multiple clouds in one place if you’re not already colocated in the private cloud hub’s data centers.
Private Software-Defined Cloud Interconnection
A similar method to using private cloud hubs is using SDCI instead. With SDCI, you can establish short-term or long-term private connections to many different cloud providers in a point-and-click manner. These network connections are pre-provisioned across numerous data center operators, so you’re not limited to the four walls of a single colocation provider.
When it comes to SLAs, SDCI providers essentially act as network service providers offering their own SLA so their customers don’t have to deal with numerous cloud providers with different technical and administrative needs. The SDCI provider’s network is tightly integrated with the networks of the major CSPs, making it easy for customers to quickly turn up multicloud connections.
According to a recent Gartner survey, “multicloud use cases are one of the top three challenges for I&O leaders who are migrating to CSP services.” In the report, they’ve provided a helpful list of key SDCI evaluation criteria in the appendix. We highly recommend you download the full report to read more about the multicloud connectivity options for your enterprise’s changing WAN-to-cloud needs.
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.