Navigating the Cloud Evolution with a Multicloud Networking Strategy

In the rapidly evolving realm of cloud computing, multicloud networking is witnessing a renewed surge in interest. Recent acquisitions by vendors previously lacking a comprehensive multicloud solution underscore the growing demand among customers for a streamlined solution to help them navigate the complexities of multicloud.

However, amidst this resurgence, it's becoming increasingly clear that the attempts by many of the players in the market are somewhat shortsighted, and they are missing the real opportunity to drive down the complexities customers are facing.

As cloud computing continues to evolve, multicloud networking is now emerging at the forefront of enterprise technology considerations. The proliferation of computing capabilities beyond traditional data centers, extending to remote edge facilities and physical branch offices, is forcing a new paradigm between physical and cloud environments. With the advent of containerization, microservices, and APIs, applications have become increasingly decentralized and dynamic, posing new challenges to conventional network architectures. These applications can now be deployed across highly distributed locations—no longer constrained by the need for massive server farms.

The vast majority of multicloud networking solutions available today predominantly focus on the network transport layer. The network as we know it today is not application-aware—that’s not what it was intended for. Additionally, the network was predominantly designed for site-to-site (north-south) connectivity and isn’t equipped to support the rise in east-west app service connectivity that extends beyond clusters in a single cloud or physical site. This is why we see problems arise when companies undergo significant mergers or acquisitions, where disparate IP addresses stored in network routing tables must now share the same infrastructure and inevitably run into challenges with IP overlap, increasing operational complexity.

Traditional networks are often perceived as "dumb pipes" and generate considerable operational overhead and inefficiencies that hinder development teams in highly agile organizations. Many try to resolve these issues starting with the network, only to discover the shortcomings of this approach. 

Kubernetes has emerged as an essential tool for orchestrating these distributed containerized ecosystems, enabling agility and scalability of massive proportions. Kubernetes, an open-source container orchestration platform originally developed by Google, has rapidly gained adoption as the de facto standard for containerized application deployment and management.

Kubernetes provides a platform for automating the deployment, scaling, and management of containerized applications. By abstracting away the underlying infrastructure, Kubernetes empowers developers to focus on building and deploying applications without being encumbered by the complexities of managing infrastructure resources. However, Kubernetes in and of itself (at least in its open-source form) brings a certain degree of complexity of its own. Hence the prevalence of commercial distributions that aim to abstract some of the complexity away.

But this brings us right back to where we started. Take for example one of the more widely commercially available distributions, Red Hat OpenShift. OpenShift is widely deployed in enterprise environments, predominantly in on-premises data centers. These same enterprises also deploy service clusters in the cloud, for example in AWS, and are more than likely using Amazon Elastic Kubernetes Service (EKS) and would like to integrate services into Red Hat OpenShift on AWS (ROSA). Discreet tooling environments that aren't designed to be integrated—the multicloud problem rears its ugly head once again.

Every multicloud networking solution available in the market today will bring some degree of inherent security, from advanced segmentation to native network firewall and service insertion capabilities. But again, we miss the driving factor of applications. These solutions fail to account for the malicious threats that employ business logic attacks that compromise distributed application services and API endpoints that span multiple cloud and edge sites. The network can be secure while still leaving the applications they service vulnerable to attacks. Enterprises are forced to deploy multiple point security solutions and apply a tremendous amount of governance by security teams to ensure that their entire distributed hybrid and multicloud application catalogs are protected.