Cloud has been around for the last 15 years, and it seems that many of us are still “migrating” to it. Rather than a one-time lift-and-shift, deploying to the cloud has become another option in the app deployment lifecycle, and applications are evolving to make better use of resources by being “cloud-native.” As organizations are increasingly adopting multiple clouds and mutli-cloud, it’s important to ask what other aspects also need to change in the apps and operations realm. Here are some tips to consider when deploying, mostly around what to avoid…
Don’t Apply a Slow Process to an Agile System
The complexity of modern IT and data center operations have largely depended on project and process management to track the skills and steps required for rollouts and changes to occur smoothly. Deploying a new service like a database required physical installation, network setup, application configuration, and security audit, often from different teams. Depending on the backlog for each team, a server setup could easily take two weeks—but the process was an efficient way to assure that each step was executed properly and avoided conflicts.
With cloud, all of these steps can potentially be performed automatically, simultaneously, nearly instantly, and, most important, non-disruptively. When agility is key, such as during development or in a mature CI/CD deployment pipeline, a dependable process can be replaced with dependable code attached to a lightweight process. When it took time and skill to perform a complex action, it made sense to plan, measure, and apportion. For cloud, an operation can be performed quickly with limited consequences, so planning and tracking should be adjusted so they don’t take more resources than the operation itself.
Don’t Insert Old Management Techniques into New Technology
Another legacy concept pulled into cloud is vertical silos of skills. In local area networks (LANs), it can make sense to have separate teams for networking and security. For technical and historical reasons, networking provides access, and then security restricts it. This separation runs deep within IT, with each discipline having its own separate specialized hardware, monitoring, and often even separate operations centers (NOC vs. SOC).
Inside clouds, networking is linked tightly to security for each endpoint, with a default of no access for most services. While there are constructs in clouds to simulate the behavior of legacy LANs, the primary effect is to remove the security between nodes. That lack of security must then be remediated, often by installing a virtual edition of a third-party firewall—exactly like LANs. In contrast, cloud-native orchestration can implement dynamic security policies per workload, creating micro-segmentation automatically to allow all necessary traffic and block everything else, tightly securing the network.
Don’t Treat Cloud Like a Data Center
If organizations treat cloud like physical-world IT, with legacy practices, it will re-create the associated legacy disadvantages. Silos between IT functions carry forward process delays and miscommunications, rather than the agility of orchestrated workloads. Separating networking and security re-introduces the legacy possibility of a gap in coverage—a spot where there is networking but not external security—and legacy-style policies based on location ignore the identity-based advantages of a zero trust model. None of these problems exist natively in cloud.
Don’t Approach Cloud and Legacy Network Connections the Same Way
Looking toward multi-cloud, one more aspect of current IT and operations practices will need to change: a perspective shift away from “connecting users to cloud” in favor of “connecting applications between clouds.” Most of the current cloud access networking products are derived from technology to connect branch to branch, re-applied with cloud as a destination. However, customers have told us they’ve encountered problems when trying to use simple Layer 3 IP-based solutions to cross-connect clouds, including connectivity issues like IP overlap and security issues like losing native identity metadata in transit. These are fundamental problems that can’t be solved by analyzing Layer 3 traffic for best guess “app detection.” Multi-cloud networking requires a cloud-native approach: orchestration of networking and security between clouds.
If you’re looking for a solution, F5 Volterra is a multi-cloud solution to orchestrate networking, security, and application delivery across public and private clouds. You can try it today by going to: Pricing | Volterra
About the Author
Related Blog Posts
F5 accelerates and secures AI inference at scale with NVIDIA Cloud Partner reference architecture
F5’s inclusion within the NVIDIA Cloud Partner (NCP) reference architecture enables secure, high-performance AI infrastructure that scales efficiently to support advanced AI workloads.
F5 Silverline Mitigates Record-Breaking DDoS Attacks
Malicious attacks are increasing in scale and complexity, threatening to overwhelm and breach the internal resources of businesses globally. Often, these attacks combine high-volume traffic with stealthy, low-and-slow, application-targeted attack techniques, powered by either automated botnets or human-driven tools.
F5 Silverline: Our Data Centers are your Data Centers
Customers count on F5 Silverline Managed Security Services to secure their digital assets, and in order for us to deliver a highly dependable service at global scale we host our infrastructure in the most reliable and well-connected locations in the world. And when F5 needs reliable and well-connected locations, we turn to Equinix, a leading provider of digital infrastructure.
Volterra and the Power of the Distributed Cloud (Video)
How can organizations fully harness the power of multi-cloud and edge computing? VPs Mark Weiner and James Feger join the DevCentral team for a video discussion on how F5 and Volterra can help.
Phishing Attacks Soar 220% During COVID-19 Peak as Cybercriminal Opportunism Intensifies
David Warburton, author of the F5 Labs 2020 Phishing and Fraud Report, describes how fraudsters are adapting to the pandemic and maps out the trends ahead in this video, with summary comments.
The Internet of (Increasingly Scary) Things
There is a lot of FUD (Fear, Uncertainty, and Doubt) that gets attached to any emerging technology trend, particularly when it involves vast legions of consumers eager to participate. And while it’s easy enough to shrug off the paranoia that bots...