By WAN AHMAD KAMAL (Juniper Networks Malaysia Managing Director)
IT CAN be a daunting task to interconnect a growing number of virtual and physical devices while trying to simplify the network to manage these resources at scale. This article looks at three critical areas that companies should focus on.
Cloud computing represents a new way to deliver and consume services on a shared network and IT infrastructure. Previously, IT hardware and software were acquired and physically provisioned on site.
With cloud computing, the value of these same software and hardware products is delivered on demand in the form of services over the network.
Cloud computing is not only relevant to network service providers or Internet-based service providers offering cloud services to customers. Enterprise or public sector IT organisations are becoming acutely aware of cloud computing's relevance to their own internal operations.
It is now possible for IT to build out private clouds or augment their resources with public clouds that enable their datacentres to benefit from this powerful computing model.
The lessons learned from cloud computing can vastly improve the scale, agility, and application service levels of enterprise datacentres as well as reduce costs. Achieving these results requires close examination of the network itself, which is the foundation of the cloud-ready datacentre.
Management complexity increases exponentially as more devices are added. This often necessitates physical segmentation, which runs counter to building large, shared resource pools that maximise economies of scale.
Overcoming these obstacles requires a fundamental shift in the way enterprise IT organisations build out their legacy datacentre networks. Success in building a scalable, cloud-ready datacentre network requires following three critical steps: (1) Simplify, (2) Share and (3) Secure.
Simplify
Simplification starts with reducing the number of autonomous devices. In the future, a single logical switch will be able to scale securely and reliably across the datacentre to connect all servers, storage and appliances.
Until that happens, interim measures can be taken to consolidate network layers, increase scale and performance without adding complexity, and reduce costs:
Leverage device density to reduce the number of physical devices;
Employ technologies that enable multiple physical devices to act as one logical device;
Reduce layers of switching to two or fewer;
Ensure reliable routing connections into and out of the datacentre; and
Maintain a common operating system and a single point to monitor and manage the network with open APIs.
Share
With a simpler, scalable network to support large resource pools, the next step enables the dynamic sharing of resources for greater agility. This necessitates virtualisation at two levels - the virtualisation of servers, storage and appliances, and the virtualisation of the network itself.
Virtualisation minimises the need for physical segmentation and allows capacity and bandwidth to be shared efficiently and flexibly for multi-tenancy and high quality of service. VLANs, zones, MPLS and VPLS offer effective ways to virtualise the network within and between enterprise datacentres.
Secure
Another challenge involves maintaining trusted environments and scaling security for pooled resources. To complement the simplification and sharing of the cloud-ready datacentre, the security services should also be consolidated and virtualised. It is vital to secure data and services at rest and in transit using these and other security measures:
Secure flows into the datacentre. Authenticate and encrypt connections to network endpoints (SSL) and enterprise devices (IPSec) while reducing device proliferation. It is also essential to prevent denial-of-service attacks and deploy firewalls to guard the edge and perimeter;
Secure flows within the datacentre. Segment the network with VLANs, zones, virtual routers and VPNs, and use firewalls to protect application-to-application traffic - between servers, between virtual machines and between pods. Also employ application-aware and identity-based security policies; and
Set network-wide policies from a central location to ensure security compliance. Centralised reporting engines provide historical and real-time visibility into applications and data, and enable IT to perform scheduled vulnerability assessments.
Conclusion
By rethinking traditional legacy approaches and preparing for the advent of cloud computing, it is possible for IT organisations to build datacentre networks that offer greater economies of scale, improved application service levels, simpler management and lower costs.
Simplifying, sharing and securing the network are critical to achieving success in building out cloud-ready datacentres.
As Moore's Law ensures that technological advances continue to make cloud-ready datacentre networks a reality, IT organisations can take decisive steps today that drive businesses closer to the promise of tomorrow.
(Wan Ahmad Kamal is the managing director of Juniper Networks Malaysia, an information technology and computer networking products company)