The last post explored why more and more enterprises and technology vendors are making the adoption of a cloud gateway a top priority. This post focuses on the capabilities that all stakeholders should look for.
So what exactly is a cloud gateway? A cloud gateway is technology that extends the enterprise data center or private cloud out to external clouds. It’s a core component of the hybrid model, and when it’s well-architected, it brings simplicity, flexibility, and control to cloud computing. By shielding users and IT departments from the complexity of cloud deployments, the gateway makes applications portable across different cloud architectures, platforms and even different hypervisors. It provides cloud users with easy access to the widest range of resources and services available, and gives technology vendors a platform for delivering high-value services to on-premise and cloud environments. It’s also a platform for innovation around new capabilities that now become available in the hybrid cloud model.
Here’s what a well-designed cloud gateway needs to do:
- Guarantee security: Data needs to be encrypted end to end, from inside the corporate firewall, across the Internet, and within the cloud infrastructure. Encryption keys need to be under enterprise control at all times, and off-limits to everyone else. The cloud becomes an integral part of the enterprise IT environment with data at rest and network communications protected from both the cloud provider and 3rd parties at all times.
- Extend enterprise networking: Every enterprise has a unique network infrastructure for connecting its servers and applications — things like addressing schemes, topology, identity and directory services, and network equipment (firewalls, routers, and switches). Cloud providers have completely different network architectures to support their multi-tenant operations. The gateway needs to enable enterprises to match their current network topologies when they are using the cloud, and have the ability to bridge specific network segments (or LANs) to the cloud in a simple and automated fashion – including both layer-2 (Ethernet) and layer-3 (Internet Protocol) connectivity.
- Deliver enterprise-class network appliances: As more and more network vendors introduce their own cloud versions, customers want to be able to leverage what they already have on-premise and use trusted vendor products for their cloud deployments. These enterprises have made significant investments in the management and operation of these appliances. A cloud gateway should enable the use of these trusted vendors across the various cloud offerings available to allow the enterprise to leverage policies, configurations, and expertise when extending into the cloud.
- Integrate with data center infrastructure: A
gateway should be able to tie into existing virtualization
infrastructure to allow users to seamlessly combine the cloud
deployments with on-premise applications and infrastructure. The
gateway should be able to interact with different virtualization
technologies (VMware, Xen Server, Hyper-V, KVM) to give enterprises the
broadest scope and flexibility in cloud deployments as they evolve their
virtualization and cloud strategies.
- Provide seamless visibility and control: The gateway should allow users and administrators to monitor and manage applications running in a cloud as if they were running locally, using existing tools and polices in a single, integrated environment. Cloud resources should appear as part of the corporate infrastructure, with external pools of capacity appearing alongside internal ones.
- Protect roles and access: Dedicated individuals or teams are usually responsible for setting up enterprise networking, storage, virtual machines, applications, monitoring, etc. In the wild west of the cloud, with the paradigm shift towards self-service provisioning and management, these responsibilities fall on the end user — typically the developer or business user as they access cloud resources. These users are often unaware of corporate policies or configurations, and are unsure how to address these requirements. The cloud gateway should preserve the multi-role capabilities required for enterprise control, allowing rules to be created and enforced while letting users access cloud resources on demand.
- Span disparate cloud architectures: All the requirements mentioned above need to span multiple clouds, with their different APIs, hypervisors, storage architectures, etc. The gateway needs to give users access to the widest range of choices so they can take advantage of all the cloud has to offer. The gateway must be designed with a deep understanding of different cloud providers’ capabilities and differences, so it can deliver optimal services and the best price/performance to meet customers’ specific requirements.
A Platform for Innovation
Beyond meeting the needs of customers and vendors today, the gateway is a platform for innovation that opens the door to a new generation of capabilities. The cloud gateway sits at the nexus of new technologies – it ties into the virtualization infrastructure within the data center, tightly integrates into the network infrastructure, and connects with multiple external clouds. The ability to interact with all these key components enables new services and solutions. Here are a few examples:
- Cloud brokerage: Workloads can be moved to the right environment based on business and technical requirements. Users can examine a menu of available clouds and choose the ones that provide the best combination of pricing, QoS, provider flexibility, or other criteria.
- Geographically distributed applications: The cloud provides the freedom to place workloads around the world. The gateway allows simplified network management, multi-cloud support (the ability to choose clouds nearest your consumers), and central control for resource management.
- Data management: The gateway is in a key position for managing data and workload distribution. With ties into both the data center and target clouds, the gateway can facilitate data movement, replication, remote access, and security of data.
- Enhanced security: With access to enterprise resources as
well as control of distributed networking and compute resources, the
gateway is an ideal place for delivering new security models – including
remote access, distributed policies, and advanced virus protection.
The concept of a cloud gateway is capturing mindshare across the cloud industry –from enterprise customers to technology vendors and service providers. It’s a key enabler for their cloud strategies, and they’re eagerly looking for ways to take advantage of it, to meet current requirements and introduce some new paradigms in enterprise computing.