In my past couple of blogs, I discussed the challenges and impediments Enterprises face on their journey to a cloud-first business. As part of the Viptela Fabric launch, we announced a suite of new capabilities called Cloud onRamp that allows our customers to connect their branch users to applications in the cloud, whether it is for SaaS or IaaS. In this blog I will highlight this turnkey solution for cloud consumption and discuss more on this topic in the Cloud Transformation for SaaS and IaaS webinar.
Requirements for Cloud Connectivity
From our experience working with Enterprises making the transition to cloud, the following are some basic requirements:
- Resiliency: High availability of applications must actually improve when moving to cloud since it’s a value proposition of cloud-hosted services. Resilience to transport failures in case of multi-transport on the WAN is also a requirement.
- Branch-to-cloud connectivity: Avoid cloud traffic tromboning through the data center. Direct internet offload is desirable for optimal cloud access.
- Security: Branch users must be able to securely connect to their SaaS and IaaS applications over the internet. Security policies applied at the branch must extend to cloud instances.
- Visibility: Ability to monitor SaaS application performance across all branches to ensure optimal user experience.
- Operational simplicity: A single pane of glass to configure and manage branch and cloud instances.
With our Cloud onRamp solution, we address the above requirements and make it consumable to the user through the Viptela management platform (vManage).
Cloud onRamp for SaaS
Cloud onRamp for SaaS gives Enterprises visibility into the availability and performance of SaaS applications from designated internet exit points. These exit points can be the branch vEdge for Direct Internet Access (DIA) or remote internet gateways hosted in the Data Center or regional DMZ. Visibility to SaaS performance is provided through a Viptela Quality of Experience (vQoE) score for over 20 well-known applications. The vQoE score utilizes performance data from real-time probes sent by designated vEdge routers towards the SaaS provider.
Utilizing this vQoE score we are able influence routing decisions on the branch vEdge towards the SaaS provider. The SaaS performance data across all branches is available to the Enterprise through a single dashboard on the vManage platform.
Take the case of an Enterprise utilizing a combination of DIA and remote internet gateways for SaaS offload. The primary path is DIA because it offers the best performance. If the local internet carrier has a brown out, the branch vEdge router is now able to detect this failure and switch traffic to utilize an alternate better path. The end result is that branch users can continue to utilize their applications with little to no interruption.
Cloud onRamp for IaaS
Cloud onRamp for IaaS gives Enterprises the ability the extend the Viptela Fabric into their public cloud instances. The traditional approach of making public cloud an extension of the data center goes away and you are able to connect branches directly to public cloud providers.
This capability is exposed as a new application on the vManage platform. The Cloud onRamp application is able to discover a customer’s private cloud instances in a cloud region allowing the admin to select which instances they want available in the Viptela overlay. Once the necessary selections are made, the vManage application automates the bring-up of a pair of virtual routers within the customer’s public cloud account and connects their private cloud instances to these virtual routers in that region. The process takes less than 10 minutes to complete.
The deployment model we have chosen for this solution ensures we do not have to interfere with the customer’s private cloud instances, making it easy for brownfield deployments, and we make use of all the native redundancy capabilities offered by the public cloud provider. All configuration and policies applied at the branch will also apply to instances in the cloud. The end result is direct branch-to-cloud connectivity across any branch in a secure and redundant fashion.