Dedicated network connections improve hybrid-cloud performance and security

Some IT managers still have concerns about hybrid clouds. Dedicated network connections offered by cloud-service providers should assuage those fears.

Image: Przemyslaw Koch

Companies, large and small, are slowly leaning towards having a presence in the cloud. Many companies are using the stepping stone approach, leveraging a hybrid cloud-computing environment to gain experience, and to work out unforeseen operational issues.

To that end, the hybrid cloud is considered the best choice, allowing companies to retain some digital resources in-house while relegating other resources to a cloud-service provider. Companies using this approach have the ability to scale up or scale down as needed, along with knowing their most sensitive digital information is still completely under their control and behind their defenses.

Security, data protection, privacy, and performance issues are areas of concern for system admins and security managers. Hybrid or not, to them, in the cloud still means that part of the company's digital assets are on the wrong side of the company's perimeter.

New network services might help

Cloud-service providers are offering private, direct, dedicated connections between the customer's infrastructure and the provider's Points of Presence (PoP), usually multiple locations around the world, and housed in colocation centers. Equinix, Telx, CoreSite, Pacnet, Interxion, and TelecityGroup are examples of colocation companies used by the cloud-service providers.

Using dedicated connections theoretically extends the customer's private infrastructure to the cloud-service provider's network and should assuage much of the customer's anxiety. Dedicated connections are not new, it's just that cloud-service providers now realize customers are willing to use dedicated connections instead of their normal internet pathway, because doing so buys the following:

  • Dedicated connections mean dedicated bandwidth, no sharing with other customers;
  • Bandwidth can be easily increased or decreased to meet customer requirements;
  • Consistency and predictability improve, which is often a requirement for latency-sensitive traffic; and
  • Data travels point to point, eliminating insecurities related to traversing the internet.
Figure A: Microsoft Azure ExpressRoute
Image: Microsoft

Several of the larger cloud-service providers are offering dedicated private connections. Amazon calls its service AWS Direct Connect, and Microsoft named its service Azure ExpressRoute (Figure A to the right). (Amazon and Microsoft have been providing their dedicated connection services for a while.) IBM just announced its version called Direct Link, which connects customer networks to IBM's SoftLayer data centers.

Matt Chilek, CTO for SoftLayer, said, "The power of a company's private infrastructure and internal applications increases exponentially when they are able to scale out onto the cloud. We have customers ranging from startups to enterprises, from SaaS providers to financial institutions that want to do just that."

He added, "Direct Link helps them optimize their workloads and get more value out of their data. They can move both to and from SoftLayer as easily as if our bare metal and virtual servers and storage were part of their local area network."

Last thought

Dedicated connections are a well-tested technology; companies serviced by Multiprotocol Label Switching (MPLS) networks are already familiar with them. Those same companies also know direct connections offer a "primary and protect" path between the PoP and the customer's network. This feature of dedicated connections markedly improves redundancy and allows bursts in bandwidth to cover momentary increases of traffic.

Note: I was unable to confirm that Google Cloud Platform also allows dedicated connections between its cloud infrastructure and the customers.

Also see