Connecting to the cloud – your options explained
In this, the latest in our series of blogs looking at connectivity, we outline the options for connecting your office directly into the public cloud.
The cloud has transformed our lives, empowering us to work more flexibly and allowing businesses to grow and innovate. However, to be able to take advantage of all that the cloud has to offer, you need to have a good connection to it.
Connecting via the internet can be slow and risky and, when public cloud bandwidth charges are factored in, expensive. It can also be a challenge to connect private and public cloud services within a hybrid set-up without the assured Service Level Agreement (SLA) backed stability of a dedicated connection. Secure, resilient and high performance connectivity is therefore a must.
So what connectivity options do you have to make the most of the cloud?
The way you connect to the cloud will depend on whether you are consuming cloud-hosted applications directly from your office or whether you are using a hybrid model to connect two disparate cloud platforms i.e. private cloud to Azure.
Let’s look at the direct connectivity options first.
Office to Public Cloud Connectivity
If you have a reasonable internet connection – which the majority of SMEs have – you can then leverage a Virtual Private Network (VPN) to connect securely to the public cloud of your choice.
A VPN allows you to extend your premises into the cloud using an encrypted connection across the internet to provide users with remote access to your company’s public or private cloud infrastructure.
There are two types of VPN:
Client-to-Site VPNs tend to be the preserve of smaller organisations. With a Client-to-Site VPN your employees can connect securely via public Wi-Fi hotspots or from home. A VPN client on the laptop connects to the VPN gateway on the company network which verifies the identity of the device trying to connect. Once verified it creates a network link to the files needed as though it was connecting back in the office.
Site-to-site VPNs tend to be used by larger organisations. As opposed to linking individual devices to the internet, the Site-to-Site option allows you to link your corporate network, using VPN technology and the internet, to the public cloud. It uses the same highly secure encryption as a Client-to-Site VPN. Site-to-Site VPN eliminates the need for expensive long-distance leased lines. However because the connections go over the internet, they are not backed by any type of SLA.
Point to Point (P2P) Connection
If you need to overcome the security challenges and potential instability of connecting over the internet then P2P is an alternative. Your office connects directly to the nearest Cloud Service Provider’s exchange which delivers a secure, high performing and SLA-backed dedicated connection to the public cloud.
P2P links can provide anything from 10Mb/sec up to 10 Gb/sec for fibre – a minimum carrier line is normally 100Mb/sec.
If you are consuming the public cloud via AWS DirectConnect or Azure ExpressRoute, a P2P solution delivered via your cloud service provider allows you to consume the services in the most cost-efficient way.
MPLS L3 VPN
A Multiprotocol Label Switching Layer 3 (MPLS L3) VPN enables multiple office locations to connect to the same single-routed network. Using your Cloud Service Provider (CSP)’s ExpressRoute or DirectConnect capability you can deliver Layer3 VPN services where all your sites connect directly to the public cloud. Depending on the number of sites (2 or more) you have you can substantially reduce costs compared to using a P2P connection.
Importantly, your CSP delivers the MPLS L3 connectivity backed by its Service Level Agreement.
Depending on your organisational approach to risk and how much downtime you are prepared to stomach in the event of a connection failure, you will want to consider redundancy.
Each of the previous connection methods have the option of delivering redundancy via a second internet connection or a secondary P2P/MPLS circuit. This will increase your network availability and keep your business up and running.
Hybrid Cloud Connectivity
For organisations who already have a private cloud with a DirectConnect or ExpressRoute-capable Cloud Service Provider, connectivity is much more straightforward. As with the connection methods above, you can leverage your CSP’s ultra-fast, dark fibre network to connect directly to the public cloud, delivering a dedicated, secure and high performance cloud interconnect.