As applications evolve in data centres and public clouds, the resulting widespread distribution of their requisite data and workloads has earned a name — hybrid cloud. The hybrid cloud has forced a rethinking in the architecture of network resources used to connect these highly distributed environments due to complexity, security, and management concerns.
Legacy network technologies, especially WAN, were never designed to connect application components in the cloud with on-premises databases. As a result, organisations are finding that one-size-fits-all WANs that connect multiple local area networks fail when applied to modern hybrid cloud application architectures.
Addressing the fundamental technical incompatibilities, as well as performance and management problems common with legacy network connections, software-defined networking solutions have evolved to focus on the needs of applications — as opposed to users.
These application-driven networks provide a software-defined perimeter, enterprise-grade availability, and the flexibility of software-defined network management for distributed application components that span public, private, and on-premises environments. And unlike their predecessors, they are evolving to be deployed quickly and managed easily without the burden of proprietary hardware vendors and their antiquated delivery, support, and management models.
The premise of an application-driven network architecture is that each application connects to a network segment with its own network architecture and security to satisfy the exact requirements of an application.
An application-driven network has the ability to create custom data paths based on the needs and location of the application, as well as apply application-based access policies, Quality of Service (QoS), and security such as certificate-based authentication, packet inspection, or encryption with application-specific certificates to all traffic. All of these things combine to create an application-aware network that enhances the value and functionality of the application.
The three keys of an application-driven network architecture are:
- Applications, including micro-services and serverless apps, can reside anywhere on the network, which serves as connective tissue to application components distributed and managed across all network endpoints.
- The network can be managed as code inside of existing DevOps processes and toolsets, similar to the way infrastructure-as-a-service is now managed as code.
- Network agnostic functions can be overlaid on top of any network infrastructure such as ethernet, 4G, private circuits, or cloud networks.
- Networks can be deployed anywhere quickly, using a standard set of management and control features.
- Separation of data and control planes enables private point-to-point application connections to be controlled by centralized portals across all environments.
- All network functions such as configuration, management, and monitoring are available via APIs.
- Open components allow for tighter integration with ecosystem partners such as Amazon, Microsoft, or Slack.
So how do we take advantage of these new architectural strategies?
Some workloads or datastores are not ideal for the cloud for a variety of reasons including, latency, security, regulations, and legacy system requirements. This requires them to remain localised and thus necessitates remote connectivity. These situations are most commonly found in financial services, healthcare, and industrial IoT applications, but can appear anywhere that distributed workloads and storage exist. Nearly all centralised applications have some components that could function better (lower cost, lower latency, easier compliance) outside of the public and private cloud environments where they run today.
In these cases, application-driven networks are replacing existing WANs with public cloud integration and connections to IoT, API gateways, and edge compute resources that do not disrupt other legacy WANs or add service provider overhead.
These solutions offer radical new approaches that integrate networking systems with application deployment and management capabilities. The optimisation of application architectures that they offer is ideal for large distributed applications across multiple environments.
Building an application-driven network can be accomplished using APIs available in most software-defined networking platforms. These platforms manage policy and configuration updates from a centralised controller that can be easily distributed throughout the network.
Robust automated management capabilities make operating the network as simple as managing an application in the public cloud. With complexity abstracted and network management functions made available to developers and DevOps staff, applications are free to leverage network resources as needed.
The ever-increasing volumes of workloads migrating to the public cloud present a perfect opportunity to address the challenges of hybrid cloud environments by building resilient application-centric networks.
By rethinking network architectures and building networks that are dedicated to the needs of the applications they serve, organisations free themselves from traditional network constraints, resulting in performance, security, and manageability improvements.