Cloud Networking DIY vs Aviatrix Multi Cloud Networking

John Gonsalves
Apr 21, 2021

Target audience: business decision makers, CIOs, CTOs and Cloud Architects responsible for driving strategy.

Moving workloads to the cloud is massively on the rise, and in the majority of cases an enterprise will work with a Cloud Service Provider (CSP) of its choice to plan moving its workloads. If an enterprise is new to cloud, then most of the early strategy and decision making can be influenced by what the CSP prescribes and can very much be influenced by the provider's products.

Needless to say, some of the key decisions enterprise leaders will need to make in their cloud journey relate to network architectures: should I “Build or Buy” my cloud networking infrastructure? And later, they often ask themselves, “If I knew what I know now, would that have changed my decision?”

In this paper, Build refers to DIY, i.e., an enterprise that chooses to build its own cloud networking infrastructure using CSP cloud native constructs. Think of this option as similar to going to Ikea and filling your basket with off the shelf items from different aisles and then figuring out how to put those items together yourself. Then repeat this process each time you want to use a different cloud provider but follow each provider’s build instructions.

Buy refers to buying a cloud native+ product such as Aviatrix’s secure Multi Cloud Network platform, a turn-key solution that adopts a common repeatable architectural pattern for all public clouds. Customers do not need to understand the differences between cloud providers, because Aviatrix Multi Cloud Network Architecture (MCNA) software abstracts away the native underlying complexities and differences to enable simplified, rapid cloud deployments, with constant upgrades and innovative improvements, whilst providing a common set of instrumentation capabilities.

Moreover, the platform provides additional advanced networking capabilities that the CSPs do not provide but enterprises very much require, such as end-to-end encryption, visibility, traffic engineering, simplified hybrid cloud connectivity and more.

Although the answer to the Build or Buy question may now seem clearer, leaning towards a Buy, some customers still choose a Build DIY option. Why? Mostly because:

· I want to use the cloud provider because they know best, and my job depends on this

· They are unaware of Aviatrix; the cloud provider does not make them aware

· They feel more comfortable using cloud native until it’s too late to change

· Too far into the cloud journey to course correct

· Changing direction after a decision is made would be a challenge

· Cloud provider wants to “sell what’s on the truck” encouraging lock-in

My Cloud Networking Journey

From my own real-life journey into public cloud and as an ex-customer, the decisions I made back then would be very different now. Why? Because hindsight is a wonderful thing, and I didn’t know then what I know now.

Needless to say, from a business perspective we were pushed hard to get to cloud and take advantage of some of the exceptional cloud native services that AWS & other CSPs provide for application workload hosting, compute, hyper-scale, load balancing, storage etc., and cloud networking decisions I made at the time were to some degree influenced by the culture of the technology organization I worked within.

The culture was generally to build using off-the-shelf products from well-established network vendors, then customise those products for our organizational needs, test, certify, build and manage ourselves. In other words, a Build, DIY approach.

The Challenges

Starting our cloud journey into AWS, we decided to use AWS native networking and security constructs. We worked hard internally to figure out how to integrate these with on-premise systems, making sure that we could rely on secure and automated deployments via CI/CD pipelines. This took a considerable amount of time, trial and error and required upskilling our resources whilst also satisfying BAU activities. Attempting to recruit and build a dedicated cloud network team and attract new talent proved to be very difficult, in short demand and very expensive. Trying to satisfy security, audit and compliance teams that we had cloud controls in place whilst building the guardrails was another challenge.

Disappointing Realities

On top of this we gradually started to realize that cloud native networking and security constructs lacked certain advanced capabilities, critical networking and security features/functions that we have on-premise and needed in the cloud, but the gap awareness came piecemeal, at different times and sometimes too late to change direction. The net result of this was a struggle, leading to business frustration and lengthy cloud enablement delays.

Note: Just to level set for the audience, this is not the CSPs’ fault, as their focus is not networking. Their focus is selling compute and other great services, with reliance on their ISV partners to bring on the enterprise capabilities while they provide the basic constructs, catering to millions of customers.

Making the Best of a Bad Job

In the end, we decided to engage with AWS Professional Services as we thought they were a safe bet. However, this came at considerable financial cost and limited us to an AWS “walled garden.” Also, trying to negotiate an SOW with AWS ProServ proved frustrating in that the AWS legal team would not be pinned down to delivering an Outcome Based Solution or delivering to a precise timeline.

It also left creating large amounts of automation, orchestration and integrations to on-premise systems for us to deal with, and at that time, we couldn’t even think about or conceive other clouds such as GCP, Azure etc. “One cloud is bad enough; I can’t sensibly do this all again for another cloud.”

The DIY Gotchas

Whilst my experience started with one major CSP, it’s also fair to say that the cloud native networking and security gaps are similar and applicable to all of the CSPs. However, there are several other factors to consider with DIY that, unfortunately, the CSPs won’t necessarily make you aware of:

· Typically, workload migrations are into multiple accounts, multiple VPCs etc., and having a way to organize the network across these environments will be critical

· A centralised management plane that is independent of the data plane will ensure a successful deployment migration as well as continued operation with ease

· Considering how and where to connect to on-premise is important

· Considering technical challenges such as overcoming overlapping IP address spaces, especially in scenarios of M&A, partner connectivity, end user service connectivity for SaaS companies or even just consolidating multiple BUs with overlapping schemes under one control

· Implementing a gradual segmentation and security construct while having control over when and how to ensure communication within these guard rails

· Operational and management challenges, continued visibility (visibility as per on-prem but now in cloud)

If I Knew What I Know Now, Would I Change My Decision?

So, knowing what I know now, as a technical and business decision maker, I would not adopt a Build DIY approach. Instead, I would be more strategic and practical and Buy the cloud native+ solution, partnering with the experts and cloud networking leaders, Aviatrix, to help prepare us and build our unified and repeatable secure Multi Cloud Network Architecture and transit solution.

The benefits are extraordinary with Aviatrix when compared to a DIY approach, not least of which is that you don’t need to understand the different build procedures and complexities of each public cloud provider.

DIY, in my opinion, is also expensive and highly likely to result in frustration, re-work, delays, product gaps, security/audit concerns, support concerns and the need for an army of in-house cloud networking and automation experts. This not only makes my TCO high but is also a huge blocker to the agility and speed of innovation that are a fundamental key focus of customers moving to cloud.

Still Unconvinced & Want DIY?

Even if you’re still leaning towards a DIY approach, ask yourself what happens when the cloud provider changes something? Well, it will mean that you have to restart again and figure out for yourself the impact of that change and how you will need to deal with it.

The reality of a DIY approach is that you will spend considerable time and money building your cloud networks, so ask yourself “is this really a good use of scarce IT resources and budgets?” Throwing bodies at the problem will not solve the challenge at hand as cloud is evolving rapidly, skillsets are scarce, and the cost of driving agility is way too high.

Doing What’s Right for your Business

So, if we agree that cloud technology, specifically the cloud network backbone, is a critical enabler for workload migrations and for customers to do business and provide a service to their clients, then it’s also true that cloud technology is becoming more and more commoditized while also becoming more sophisticated and complicated. This now means it’s a lot harder for an organization to gain specialist knowledge and experience and keep pace with the continuous cloud innovations.

However, Aviatrix as the specialist cloud network partner will be able to do the same thing quicker, cheaper and more effectively than you can. It uses validated designs based on a Multi-Cloud Network Architecture, proven with hundreds of enterprise customers building cloud network infrastructure in AWS, Azure, Google and Oracle clouds and across almost every vertical industry around the world.

This allows customers to focus on the positive outcomes whilst rolling-out Multi Cloud Networking that is swift, agile and able to respond to business requirements quickly to provide its clients with the best possible service.

Aviatrix is a “born in the cloud solution” that continues to work with each CSP to embrace all modern innovations, making it easy for customers to “consume” as part of an “enterprise Multi-cloud Network architecture”. This ensures that you always have a future proof MCNA, and you are always in control to maximize your speed of innovation.

Customer Recognition

Success or failure can be measured by customer feedback. Did the customer realize the business value? Were all of the Outcomes achieved? Would the customer recommend it, etc.?

Below are just a few examples of customer feedback extracted from the recent Forrester Total Economic Impact™ Study of Aviatrix’s Cloud Network Platform: https://aviatrix.com/forresterteistudy/

· “With Aviatrix, we are saving millions.” Raytheon

· “We can shine a light in the dark corners of public cloud…” Splunk

· “Without Aviatrix, it would have taken an extra year and twice the staff.” Centene

· “Networking on different clouds is not easy. There are a lot of different ‘gotchas’ that you don’t realize exist until you start digging in.” Splunk

· “We have been able to open new lines of business and keep up with increased demand.” Raytheon

· “When we hire new people, we don’t have to go and train them.” Verint

Other Customer Feedback (Inmarsat)

· “Aviatrix solution is probably two words, simplification and agility”.

· “You know, speaking to a couple of the early evaluators within the teams on how easy it was to get Aviatrix services setup and working. We’d set aside a lot longer to actually get to know the product and execute than we really needed, which was which is great news”.

· “I think using that one Aviatrix methodology and being able to execute that really quickly across all platforms makes the solution stand out. In my mind, there’s no point having an agile cloud if the network takes a long time to get ready”.

More on the Aviatrix Solution

Aviatrix is a comprehensive cloud networking and security platform with its center of gravity in the cloud and connecting to on-prem datacenter and remote sites. MCNA is an architectural framework that is used as a construct for organising design requirements and outlines how architectural pillars such as networking, security, day-one automation and day-two operational visibility span across cloud access, cloud networking and cloud application layers.

Similar to a building construction architecture, the MCNA becomes the go-to plan that allows cloud and security architects and their operational counterparts to work together and ensure any design meets all cross-functional requirements.

With the Aviatrix platform, you don’t have to sign up to something that is hard to adopt or requires long cycles and continuous wholesale changes. Instead, customers can start with a simple use case (there are many) that can be implemented in minutes to gain experience or to address an immediate pain, then easily expand on this using the MCNA design attributes to deliver more advanced multi-cloud networking, security, and operational visibility capabilities that go far beyond what any cloud service provider can offer.

Aviatrix software leverages the public cloud provider APIs to interact with and directly program native cloud networking constructs. This abstracts the unique complexities of each cloud, simplifying deployments and forming one multi-cloud network data plane with advanced networking and security features and one consistent multi-cloud operational model. Aviatrix Transit delivers a superset of enterprise-class capabilities that becomes the foundation of our enterprise customers’ Multi Cloud Network Architecture.

To find out more go to www.aviatrix.com

About the author John Gonsalves

I recently joined Aviatrix as Principal Field Evangelist to represent, present and advocate Aviatrix Multi Cloud Network Architectures at marketing events, conferences, with key customers, cloud service providers and partners around the world. Drive market demand through constant and creative delivery of the Aviatrix story, our products and solutions.

An experienced IT leader who drives cloud technology adoption at an accelerated rate whilst placing customer first values.