We are in a phase where revolution and advances in technology are happening rapidly. However, regardless of how quickly software, hardware, and technologies evolve, we are not going to see the majority of our legacy systems and tools retired anytime soon. In today’s cloud and data center-based approach, supporting legacy applications alongside the new applications designed for the data center approach needs a revolution in connectivity as well.
The Demand is Not Just For a Cloud Transformation
Over the past few years, the demand has changed from just ‘migrating to the cloud’ to making the cloud a better, faster, and more secure alternative. As enterprises move to a more ‘global’ working model, they need to ensure security, connectivity, and minimal delays regardless of where the client and the data centers are.
As per data from PwC, over 35% of an enterprise’s spend on the cloud is wasted because of these inefficiencies in connectivity. Cloud migration is the easy part; making it cost-effective and ensuring seamless connectivity to data centers is the challenging aspect. With more than half the enterprises in North America prioritizing cloud migration and adoption as a critical element of their next 5 or 10-year plans, it can be stated with absolute certainty that the demand for secure and robust connectivity is set to grow, which is where enhanced VPN comes in.
At present, data centers use a VPN, which acts as a private network that lets the customer communicate as if everything were on the same physical network. VPNs use shared infrastructure to allow site-to-site communication between offices.
VPNs are hugely popular and successful. However, since they run on a shared network (the ISP’s network infrastructure), traffic from one VPN can affect traffic on a separate VPN. This can threaten the SLA guaranteed by the ISP.
The Demand for Better Connectivity
Enterprises providing mission-critical services and software, such as security, governance, identity & access management, etc., cannot afford even the minutest of delays as they migrate to a cloud model. Increasing efficiency and speed with this transformation is of utmost importance to them, and traditional VPNs are not designed to support this. Verticals like manufacturing, retail, transportation, financial services, etc. have already made significant progress in this transformation, but have still not realized its full capabilities.
Thus, the requirement is for VPNs to evolve and provide a service with more guarantees than just connectivity or data rates. The solution to this may lie with an enhanced VPN. But what is an enhanced VPN, what does it offer, and how does it differ from a conventional VPN? These are exactly the questions that we will try to answer next.
What is an enhanced VPN?
VPN+, also known as enhanced VPN, is a VPN that provides service guarantees beyond just data rates and connectivity. Let’s talk about some of the features of an enhanced VPN.
Performance guarantees in an enhanced VPN can include limits on packet loss and delivery delay, maximum throughput, and a limit on the end-to-end delay variation. Depending on the client and ISP, one or more such guarantees can be had for any service.
Isolation from other enhanced VPNs
Isolation simply means that the traffic from one service remains unaffected by (isolated from) the traffic of another service. Isolation can be of different types: simple traffic isolation, known as soft isolation, or complete separation including different network resources, known as hard isolation.
Abstraction and Virtual Network
A Virtual Network, or VN, is a service that provides a connection between the customer edge points without any additional service characteristics like VPN+. This allows the customer to have something like a private network to the site. Abstraction involves applying policies to information about a TE (traffic engineering) network in order to produce a representation of the ability to connect across that network. This type of connectivity is independent of the network’s underlying technologies, topology, and capabilities.
Custom control and dynamic configurations
Requirements from a VPN service can change. Customers may want to add or remove sites or vary any performance characteristics. VPN+ provides this capability of dynamic configuration without causing any disruption to the traffic. Further, with isolation, changes to one enhanced VPN should not affect another enhanced VPN. If the enhanced VPN is exposed like a VN, then the customer can operate as well as control it as their private network. So while enhanced VPNs offer a variety of features beyond a normal VPN, where does this all fit in the data center model of the future?
Data Center Requirements
As we mentioned earlier, the majority of data centers will continue to host legacy software for a while. Regardless of how quickly we adopt cloud-based applications, several legacy applications are either not suited to this model or do not have any business justification to switch to it.
Even with modern applications, not all workloads can be run in the public cloud. The infrastructure for those workloads will continue to be on-premises. Thus, the data centers need to adapt to a diverse deployment model to suit both legacy and modern applications.
Data center operations will require unification in the future. This is where enhanced VPN comes in. It provides an abstraction of the network and an efficient working model without sacrificing security, lead times, or the average repair time. Data centers can create virtualized L2 and L3 networks. These meet the requirements of legacy as well as modern applications without the complications that came with MPLS.
L2 and L3 here refer to nothing more than the layers of the network model. L3 switches are utilized by modern applications; they provide faster switching and work with both IP and MAC addresses, as opposed to L2 switches, which switch only on MAC addresses.
Thus, in simpler terms, with enhanced VPN, you can support both types of software/applications without compromising on any aspect. Let’s dig a little deeper into that.
Most legacy applications will continue to require L2 connectivity. However, modern data centers are using L3 protocols (or transitioning towards them) since this allows them to facilitate scalability and high availability. With enhanced VPN, this can be accomplished by virtualization of L2 on L3 connectivity using VXLAN.
This also helps to get rid of some of the shortcomings that come with an L2 environment. It helps in the reduction of outages caused by human errors, provides an efficient way to handle broadcast as well as unknown traffic, and provides greater scalability.
Thus, enhanced VPN not only supports but also helps legacy applications be more resilient and scalable.
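To make the L2-over-L3 idea concrete, here is an added example (not part of the original article) that wraps Ethernet frames in the 8-byte VXLAN header defined in RFC 7348 and, on receipt, delivers them only to segments whose 24-bit VNI is configured locally. The VNIs, segment names, and MAC addresses are constructed for illustration.

```python
import struct

VXLAN_UDP_PORT = 4789                  # IANA-assigned UDP port for VXLAN (RFC 7348)
I_FLAG = 0x08                          # "I" flag: the VNI field is valid
VXLAN_HDR = struct.Struct("!B3s3sB")   # flags, reserved, 24-bit VNI, reserved
ETH_HDR_LEN = 14                       # dst MAC + src MAC + EtherType

def encapsulate(vni: int, frame: bytes) -> bytes:
    """Prefix an L2 frame with a VXLAN header (carried as a UDP payload)."""
    if not 0 <= vni < 2 ** 24:
        raise ValueError("VNI must fit in 24 bits")
    return VXLAN_HDR.pack(I_FLAG, b"\x00" * 3, vni.to_bytes(3, "big"), 0) + frame

def decapsulate(payload: bytes, local_vnis: dict) -> tuple:
    """Return (segment, inner frame); reject anything not mapped locally."""
    if len(payload) < VXLAN_HDR.size + ETH_HDR_LEN:
        raise ValueError("truncated VXLAN payload")
    flags, _, vni_bytes, _ = VXLAN_HDR.unpack_from(payload)
    if not flags & I_FLAG:
        raise ValueError("I flag not set, VNI is not valid")
    vni = int.from_bytes(vni_bytes, "big")
    if vni not in local_vnis:
        raise ValueError(f"VNI {vni} is not configured on this endpoint")
    return local_vnis[vni], payload[VXLAN_HDR.size:]

def eth_frame(dst: str, src: str, data: bytes) -> bytes:
    """Build a minimal Ethernet II frame (EtherType 0x0800) for the demo."""
    return bytes.fromhex(dst) + bytes.fromhex(src) + b"\x08\x00" + data

def demo():
    # Constructed sample: two legacy L2 segments reuse the same MAC addresses
    # but stay separate because each rides in its own VNI over the L3 underlay.
    local_vnis = {5001: "legacy-erp", 5002: "legacy-billing"}
    mac_a, mac_b = "020000000001", "020000000002"
    packets = [
        encapsulate(5001, eth_frame(mac_b, mac_a, b"erp")),
        encapsulate(5002, eth_frame(mac_b, mac_a, b"billing")),
        encapsulate(7777, eth_frame(mac_b, mac_a, b"other tenant")),
    ]
    delivered, dropped = {}, []
    for pkt in packets:
        try:
            segment, frame = decapsulate(pkt, local_vnis)
            delivered.setdefault(segment, []).append(frame[ETH_HDR_LEN:])
        except ValueError as err:
            dropped.append(str(err))
    return delivered, dropped

if __name__ == "__main__":
    print(demo())
```

The VXLAN header carries no authentication, so the VNI check here is traffic separation on a trusted underlay and corresponds to the soft isolation described earlier, not to hard isolation.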
Support for the Future
As modern applications move towards a container-based architecture and microservices, their dependency on connectivity services that are extendable to VMs, containers, and servers across public and private cloud increases. Modern applications can scale both ways dynamically, thus using infrastructure only as per the demand.
All the above points, however, place a significant burden on connectivity. An enhanced VPN with an over-the-top orchestration mechanism and control plane can help facilitate this dynamism needed for modern applications.
What will the future of data centers be like?
While that is a hard question to answer, we can state with confidence (if not with absolute certainty) that it will have one foot in the past and one towards the future. An enhanced VPN can be the technology that will be able to support both. It can support modern and legacy applications without burdening operations, and it can simplify networking.
The need of the hour is for data centers to have a roadmap for the future. As applications advance, network connectivity will have to evolve faster to enable us to make the most of them. An enhanced VPN may just be the right solution here, but we still have to wait and see how datacenters change to accept that.