BLOG

Navigating the Cloud Evolution with a Multicloud Networking Strategy

Derek Yee Miniatur
Derek Yee
Published March 19, 2024

Is multicloud networking really magic?

In the rapidly evolving realm of cloud computing, multicloud networking is witnessing a renewed surge in interest. Recent acquisitions by vendors previously lacking a comprehensive multicloud solution underscore the growing demand among customers for a streamlined solution to help them navigate the complexities of multicloud.

However, amidst this resurgence, it's becoming increasingly clear that the attempts by many of the players in the market are somewhat shortsighted, and they are missing the real opportunity to drive down the complexities customers are facing.

The network is fundamental but limited

As cloud computing continues to evolve, multicloud networking is now emerging at the forefront of enterprise technology considerations. The proliferation of computing capabilities beyond traditional data centers, extending to remote edge facilities and physical branch offices, is forcing a new paradigm between physical and cloud environments. With the advent of containerization, microservices, and APIs, applications have become increasingly decentralized and dynamic, posing new challenges to conventional network architectures. These applications can now be deployed across highly distributed locations—no longer constrained by the need for massive server farms.

The vast majority of multicloud networking solutions available today predominantly focus on the network transport layer. The network as we know it today is not application-aware—that’s not what it was intended for. Additionally, the network was predominantly designed for site-to-site (north-south) connectivity and isn’t equipped to support the rise in east-west app service connectivity that extends beyond clusters in a single cloud or physical site. This is why we see problems arise when companies undergo significant mergers or acquisitions, where disparate IP addresses stored in network routing tables must now share the same infrastructure and inevitably run into challenges with IP overlap, increasing operational complexity.

Traditional networks are often perceived as "dumb pipes" and generate considerable operational overhead and inefficiencies that hinder development teams in highly agile organizations. Many try to resolve these issues starting with the network, only to discover the shortcomings of this approach. 

The Kubernetes dilemma

Kubernetes has emerged as an essential tool for orchestrating these distributed containerized ecosystems, enabling agility and scalability of massive proportions. Kubernetes, an open-source container orchestration platform originally developed by Google, has rapidly gained adoption as the de facto standard for containerized application deployment and management.

Kubernetes provides a platform for automating the deployment, scaling, and management of containerized applications. By abstracting away the underlying infrastructure, Kubernetes empowers developers to focus on building and deploying applications without being encumbered by the complexities of managing infrastructure resources. However, Kubernetes in and of itself (at least in its open-source form) brings a certain degree of complexity of its own. Hence the prevalence of commercial distributions that aim to abstract some of the complexity away.

But this brings us right back to where we started. Take for example one of the more widely commercially available distributions, Red Hat OpenShift. OpenShift is widely deployed in enterprise environments, predominantly in on-premises data centers. These same enterprises also deploy service clusters in the cloud, for example in AWS, and are more than likely using Amazon Elastic Kubernetes Service (EKS) and would like to integrate services into Red Hat OpenShift on AWS (ROSA). Discreet tooling environments that aren't designed to be integrated—the multicloud problem rears its ugly head once again.

The cloud network security gap

Every multicloud networking solution available in the market today will bring some degree of inherent security, from advanced segmentation to native network firewall and service insertion capabilities. But again, we miss the driving factor of applications. These solutions fail to account for the malicious threats that employ business logic attacks that compromise distributed application services and API endpoints that span multiple cloud and edge sites. The network can be secure while still leaving the applications they service vulnerable to attacks. Enterprises are forced to deploy multiple point security solutions and apply a tremendous amount of governance by security teams to ensure that their entire distributed hybrid and multicloud application catalogs are protected.
 

Making the case for secure multicloud networking

Video excerpt: Defining secure multicloud networking with Kyndryl and F5

Forward-thinking enterprises are rising to the challenge and reshaping the landscape. Take McGraw Hill, for example. Faced with an urgent need to migrate critical applications to the cloud, McGraw Hill prioritized application needs and security requirements, selecting F5 Distributed Cloud Services to meet their stringent demands. With F5, they can seamlessly extend their on-premises network to any cloud environment, ensuring consistent application-level security across any cloud.

Similarly, the Agriculture and Rural Economy (ARE) Directorate of the Scottish Government recognized the necessity for a new paradigm to address modern application architectures. Leveraging Distributed Cloud Services, ARE effortlessly transferred workloads between OpenShift and EKS, embracing the flexibility and agility of multicloud environments. As Neil Smith, Head of Infrastructure, put it, "Multicloud environments are here to stay. With F5, we can pivot and take advantage of a containerized, Kubernetes environment with a full complement of services and solutions that support this move."

These success stories exemplify a shift towards an application-centric and security-focused approach to multicloud networking. By prioritizing application needs and security requirements while complementing pre-existing underlying network infrastructure, enterprises can navigate the complexities of multicloud environments with confidence and efficiency. Secure multicloud networking, not “magic,” will help organizations that are built on modern application architectures harness its power to drive innovation and success in the digital age.