How to integrate WAN and Internet cloud services

Source: Internet
Author: User
Keywords Special cloud services
How do enterprises integrate WAN and Internet cloud services, or use the cloud computing services of the public Internet? Most businesses support remote users through SSL VPNs on the Internet. There are also a number of Internet VPN to connect branch offices to the data center, effectively make the enterprise WAN Internet VPN.

For businesses that already use the Internet as a WAN, opening cloud services via the Internet may be the best option. If you want to achieve a more stringent service level agreement (SLA), another option is to have the cloud service provider directly into your private WAN. Choosing a private or public Internet cloud service is a classic cost/benefit trade-off that takes into account security, availability, and some specific integration issues and choices.

If your enterprise uses an Internet VPN to access the data center, then adding an Internet cloud service is actually allowing the cloud to access the same data center. In fact, only the VPN clients on all computers and devices disconnect the user from the Internet, the cloud becomes part of the VPN.

Most infrastructure as a service (IaaS) or platform as a service (PaaS) cloud supports SSL VPNs, so the main consolidation issue is locating cloud applications. If both the cloud and data center support load Balancing or backup detection applications, you can either use the Directory/redirection function (DNS,UDDI) to switch the cloud and data center users, Either make the Internet Cloud service a Select service in the data Center load Balancing switch. It is best to use backup and load balancing techniques in your own data centers.

If your employees are on the company's wide area network, it's usually a gateway to access the Internet. This means that access to cloud services via the Internet can be implemented using gateways, and you can trust your own security and firewall measures to protect the WAN side. However, the Internet cloud service providers also need protection. Again, IaaS or PAAs services can usually install a security Service/firewall on a machine image, and the service provider provides some security measures. The Internet cloud service provider's firewall or cryptographic VPN service also handles security issues, except that the PAAs provider may provide security services in all areas and even virus scans. If you want more, it's best to add it yourself.

Applications running in the cloud may have many or more of the same need to access data stored in enterprise data centers. Inter-process connectivity with workflow or service bus technology, which creates a background connection request with any form of storage network, bypassing the security mechanism when a normal application logs on. This makes it more necessary to protect these paths. SSL VPN is hard to do this like a station-stop IPSec VPN.

Maybe you've already used IPSec VPN in a branch office, and you can connect to a cloud service provider in a similar way. A good IPSec VPN device can not only establish a connection between sites, but also provide firewall protection. However, they want to install equipment at each site, the Internet cloud service providers to match them. You need to check with your VPN device provider to see if they have server-side software or use software solutions.

The next challenge is availability and performance, and it is necessary to know that these are not entirely internet access issues; The recent public cloud service interruption indicates that the cloud facility itself will fail. However, companies point out that the largest source of public cloud applications is internet access. They also point out that the more common feature is a severe drop in performance than a complete disconnect, and that if performance is poor to a certain extent, it will have a significant impact on productivity and complete disruption. Please don't forget that Internet service is the standard service mode, which affects some applications, especially those that used to sign SLAs for WAN services. It's hard to reach an internet SLA, and if cloud application traffic has to go through a service provider boundary, that's almost meaningless.

The gateway address also affects performance. Most businesses want to connect to a data center Internet VPN gateway, where there may be multiple addresses, and you need to consider other paths to the WAN. The first step in optimization is to detect if there are several sites where internet cloud providers use the same ISP. For almost any situation, this will give you the best Internet performance. If you do not share a provider, you can use the basic tools to ping or traceroute at each gateway site to test the quality of your ISP's Internet path to the cloud. Find the lowest-latency and least-hop path, which is the best and most reliable performance. Also consider the cost of providing additional bandwidth between the site and the Enterprise Wan, because cloud access is likely to increase traffic to the gateway.

Remember that no matter what you do, Internet access to cloud providers is never safer, more efficient, and more reliable than a WAN. If internet-level security, performance, and availability do not meet your requirements, a single WAN and cloud service can help you extend a private wan to the cloud. Be careful not to spend too much effort managing the best delivery communications and cloud services. In most cases, the availability of the application and the basic problem isolation tool can solve the problem.

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.