The network on the cloud represents a bipolar problem: The Cloud network is one of the basic elements of cloud computing, but it is also one of the factors that make cloud users vulnerable.
The degradation of network performance and network instability can greatly affect the use of cloud resources, and therefore, relatively isolated or designed to deal with network outages in the application of running in the cloud will have some advantages.
From a different point of view, you can virtualize network resources and use them in cloud computing like other resources.
Cloud providers or cloud users will be responsible for different levels of http://www.aliyun.com/zixun/aggregation/32416.html "> Network Systems, depending on the type of cloud. The following table summarizes some typical scenarios:
Table 1. Manage the network layer
OSI layer Protocol IaaS PaaS SaaS 7 application tier HTTP, FTP, NFS and SMTP consumer Provider 6 presentation layer SSL and TLS consumer provider provider 5 Session layer TCP consumer provider 4 Transport layer TCP consumer Provider 3 network-tier IP and IPSEC consumer provider provider 2 Data Link layer Ethernet and Fibre Channel provider provider 1 physical layer copper wire, optical fiber provider provider
The table above is a simplification of many models that exist in practice. However, it is clear from the table that IaaS provides more flexibility for cloud users in terms of network topologies and services than PaaS and SaaS clouds, but may be at the expense of managing the tools that provide flexibility.
Let's look at the pros and cons of some network tools with different business scenarios with different requirements.
How network Tools can help in a variety of scenarios
Figure 1 depicts a typical network topology for a composite WEB application. It includes firewall configuration, VLAN settings, public/private IP configuration for load balancing, and access to the internal network of business partners.
Figure 1. Network topology for composite WEB applications
Let's take a look at how you can use network tools in various business cloud organization scenarios.
In production systems (using firewalls):
You can also use proxies, but the goal is usually to achieve load balancing rather than security.
Administrators can access back-end servers through the SSH channel or the SOCKS proxy.
You need to use firewall rules to allow servers within your firewall to access the Internet to complete security updates, license activation, and other tasks, without having to see the internals on the Internet.
for development scenarios (involving VPN usage):
You may need to provide reverse access to the enterprise.
Lightweight settings are required because there may not be help from network experts.
You can use a VPN server that provides DHCP on a portable computer to allow access from the cloud.
At the enterprise level:
You may have to implement general access to the enterprise through a site to site VPN.
Editor's note: The Resources section contains additional resources to introduce enterprise-class cloud networks and tools, including delivering cloud network control to users.