Virtual Routing on the Edge: How to Speed-up and Secure Connections to Cloud Services

There are multiple factors to consider when deploying network connectivity to support hybrid and multicloud environments. Security, scalability, and performance are chief among those. As businesses adopt more services and connect to more public clouds, management complexity and overhead increase, potentially impacting costs and delaying IT projects.

Because internet connectivity is pervasive, VPN tunnels have traditionally been used to connect workloads in disparate CSP regions. However, managing VPN tunnels can be painful, and they can limit throughput and reduce performance due to unpredictable routing via the internet. Plus, issues like BGP route hijacking pose serious security threats when using internet connections for the cloud. Physical, dedicated private connectivity between clouds and enterprise data centers can improve throughput and eliminate security concerns, but the challenge of deploying the infrastructure efficiently and cost-effectively remains.

While Software Defined Networking (SDN) has powered networks within the public cloud since inception, traditional telcos have been slow to enable software-defined cloud interconnect (SDCI) capabilities over their private networks. This has resulted in long provisioning lead times — often between 30 and 60 days, and sometimes longer — with no flexibility to adjust capacity to address variable demands. Progress has been made using SDN fabrics to deploy private point-to-point services in a more scalable and on-demand fashion. While this model provides a secure and flexible path from the enterprise data center to public cloud (see Figure 1), the lack of a virtual routing capability has prevented these fabrics from enabling the direct cloud-to-cloud connectivity required to support applications that need low-jitter, low-latency paths between CSPs.

Figure 1: Hybrid Cloud Model — Private Data Center to Public Cloud

Deploying virtual routers has been common within the public cloud for some time. Enterprises can manage virtual routers on an ad hoc basis to support applications in AWS VPCs and Azure VNETs. However, this does not solve their routing needs over private connections between enterprise private networks and public clouds, which are required for modern hybrid and multicloud models to perform and scale securely.

Enterprises whose networks are not physically colocated near cloud provider edge points of presence (PoPs) have traditionally been required to deploy additional infrastructure in locations close to cloud onramps in order to support low-latency private connections between disparate clouds. This is both time-consuming and expensive, requiring colocation and hardware for additional routing infrastructure at the public cloud edge. Additionally, not all of the cloud onramps required to support private connections will be in any one data center.

To solve this problem, Megaport developed a virtual router service, Megaport Cloud Router (MCR), which can be used to connect to, and between, over 200 cloud onramps globally. MCR equips enterprises with virtual routing capabilities outside of their private data center and near the public cloud regions, enabling routing decisions to be made at the public cloud edge. The virtual router can be deployed on-demand and in minutes, along with private connections to each of the major hyperscalers. In many cases, the cloud edge and virtual router will physically sit in the same location, enabling low latency routing between public cloud edge locations, while also providing a path back to the enterprise private data center. This all happens over a single private network that never routes over the internet, giving customers low-latency, low-jitter, and high-throughput performance between disparate clouds. Because MCR is integrated with leading cloud services, businesses can create cloud-to-cloud connections in minutes.

Figure 2: Hybrid and Multicloud Models via Megaport Cloud Router (MCR)

CSPs will continue to deploy new cloud onramps globally to meet the demand for private connections into public clouds. Private software-defined networks are popular with businesses looking to connect to these many, highly distributed onramps. SDN’s benefits are evident: reduced cost, increased security, flexibility, and the ability to deploy quickly and on-demand. With multicloud adoption increasing, SDNs are even more essential to simplifying cloud architectures.

With on-demand virtual routers such as Megaport Cloud Router available on neutral SDN platforms, enterprises now have a way to route closer to the cloud provider’s edge. This lowers the total cost of ownership (TCO) by eliminating the need to deploy and manage additional hardware, and reducing the requirement for more colocation services. These advantages, on top of SDN’s flexibility to make changes at a moment’s notice, will drive the adoption of virtual routing services in order to keep pace with the rapid adoption of multicloud.

 

Author's Bio

Mike Rockwell

Head of Solutions, North America at Megaport