Skyline with cloud

Multi-cloud benefits: a secure path from Equinix and Ipanema SD-WAN

Michal Podoski of Infovista and Mohamed Sahnine of Equinix
Jul. 1 2021

Trying to keep up with transformation driven by remote work and multi-cloud environments? You’re not alone. Just ask the head of one of the world’s three largest clouds.

“We’ve seen two years’ worth of digital transformation in two months,” said Satya Nadella, CEO of Microsoft, when delivering the company’s quarterly earnings to Wall Street at the start of the pandemic.

It’s a daunting prospect. But, for most organizations, the decision to move IT into the cloud is a long-foregone conclusion. In fact, 92% of enterprises already have a multi-cloud strategy, and it’s projected that 55% of all enterprise workloads will be in a public cloud by the end of 2022 (see Flexera 2021 State of the Cloud Report).

But what do we mean by ‘the cloud’?

And what’s the difference between being ‘in the cloud’ and being truly ‘cloud-first’?

The reality is that different clouds are suited for different business functions. That means today’s question becomes: how does our business secure application workloads and sensitive data in a complex multi-cloud environment without losing control of costs?

The right strategy will:

  • Provide increased security;
  • Be simpler to manage, offering smoother cloud usage;
  • Be up-to-date, cost-effective and mean you only pay for what you use; and
  • Make for happier users.

In this blog post, we discuss some of the key considerations that underpin these multi-cloud benefits.

But first, a quick review of the difference between using multiple clouds and a comprehensive multi-cloud strategy, which is the best starting point when looking to design your enterprise cloud strategy.

Multiple clouds vs multi-cloud

As discussed in Ipanema’s new eBook, How to use SD-WAN to build a secure multi-cloud environment, these concise definitions should help:

Multiple clouds: In this model, an enterprise uses multiple public cloud vendors to store different workloads (apps). They’re notable in that:

  • The clouds aren’t interconnected in any way, either between each other or back to the enterprise WAN;
  • There’s no overarching maintenance process or management system in place;
  • There’s also no procurement plan, mostly because the public cloud is used for temporary IT needs; and
  • Most importantly, there’s no security policy.

Multi-cloud: In this model, enterprises set out a company-wide policy predefining a set of public cloud providers used across different departments. Notably:

  • These clouds are interconnected between each other and back to the enterprise WAN;
  • There’s a clear usage, growth and procurement strategy for the selected set of public cloud vendors; and
  • Management, maintenance and security policies encompass all vendors in a similar fashion, with the multi-cloud becoming a full-time part of the enterprise’s ecosystem.

Consequently, a properly defined multi-cloud strategy is key to setting up your digital transformation objectives.

What form should it take?

A low-latency route into the multi-cloud

Low-latency is a primary objective, and CloudMesh is critical to this.

SD-WAN CloudMesh is designed to simplify and optimize the challenges of cloud migration – that is, migration of workload (apps) from traditional data centres to the cloud, which usually happens in phases over several years – and the ongoing use of your services once they’re in the (right) cloud.

When directly integrated with Equinix Fabric™ and Network Edge you can combine cloud-based orchestration technology with low-latency full mesh to support geographically distributed environments. That gives you the simplest path to connect different workloads across multi-clouds, SaaS, owned DCs, hosted, IaaS UC – in short, every combination that your modern businesses require to enable the extended edge.

Low-latency solutions serve two key use cases:

1. Setting up your geo-distributed extended edge, comprising your site, data centre and any infrastructure-as-a-service (IaaS) that you use, for which you should leverage a low-latency backbone CloudMesh network.

By doing this, you can create a performance orientated full-mesh SD-WAN.

The underlying technology supporting this is CloudMesh site-to-site low-latency full-mesh and CloudMesh IaaS on-ramp.

2. Enhancing and guaranteeing QoE of your critical apps, for which you can build a low-latency multi-cloud connectivity on-ramp for AWS, Microsoft Azure and Google Cloud.

The underlying technology supporting this is CloudMesh MeshEdge (low-latency extended edge full-mesh) and multi-cloud on-ramp, paired with an unrivaled application intelligence stack providing remote visibility and control.

The clear benefits that these two use cases offer your users when you follow these low-latency paths include:

  • Full-mesh topology for site-DC-IaaS traffic, supporting geographically distributed environments;
  • Cloud-level integration with low-latency cloud exchange fabric backbone network, such as with Equinix Fabric™;
  • Automated provisioning of CloudMesh tunnel overlay topology through an SD-WAN orchestrator, leveraging the NVF API-driven platform, Network Edge;
  • Application intelligence to guarantee QoE for critical workloads;
  • Dynamic CloudMesh point-of-presence (PoP) selection for high availability; and
  • A multi-cloud foundation for IaaS and SaaS connectivity.

Deriving smarter security policies through integration

We’ve talked about performance. But what of security? This is the other Big Test of your multi-cloud strategy: maximizing it without affecting user experience or driving up costs.

The best solution should be:

  • Fully managed, such as that provided by the general Ipanema SD-WAN offering;
  • Highly automated for multi-cloud connectivity, something that CloudMesh offers; and
  • Pre-integrated with scalable capacity and a full set of cyber security and management functions, as found with another Ipanema solution, EdgeSentry, which we discuss in greater depth in this solution brief. (Also see 5 Ways a cloud-native approach will improve security posture.)

But these things go hand-in-hand under the banner of integration.

The real innovation is that integrating directly into the Infovista Ipanema SD-WAN layer, a service provider or customer can gain the benefits of seamless and predictable IP delivery to every cloud and major SaaS service without having to maintain separate transit agreements with multiple carriers. A customer does not even need a direct relationship with Equinix, it is simply a function of the software stack and all the contractual and technical details are handled between the partners involved with the customer simply getting better connectivity with a single bill.

Cost control

2021 is a year of significant transformation. We’ve already discussed the high number of enterprises that have a multi-cloud strategy and what proportion expect their workloads to be in the cloud by next year; the same report indicates the significance of cost control, with 61% of organisations planning to optimize costs this year.

We’ll come on to controlling the cost of your SD-WAN itself but vendor selection plays a big part in keeping tabs on your general cloud- and tech-related expenditure.

Negotiating the right contract with a set of public cloud vendors can significantly reduce per-unit spend, as in the cost of a single virtual machine (VM). In most cases, such negotiation is done by committing to an annual spend. It’s worth mentioning here that this doesn’t imply what the number and type of VM units procured by the enterprise are; it simply dictates the bottom-line spend and guarantees preferential unit pricing.

Bringing it all back to the backbone

Leveraging a low-latency backbone represents a near seamless evolution for enterprises that are used to the dedicated nature of MPLS because it offers a straightforward transition in terms of internal IT security policy. The main difference between MPLS and a low latency backbone lies in the access method, which with MPLS requires an expensive dedicated circuit and with the latter relies on the Internet in the first mile, as in everything between the customer and the service provider’s service edge.

Add to this solutions like Ipanema SD-WAN that offer consumption-based licensing, by which customers are only charged for what they used, and you’re looking at a robust, all-round solution for safer, smoother operations in the multi-cloud.

Let’s finish by summarising some of the key multi-cloud benefits that such a strategy will deliver:

  • Frictionless enterprise WAN evolution;
  • Cloud-native SD-WAN;
  • Unrivalled application performance monitoring and guarantee;
  • Full range of WAN edge SD-WAN functionality;
  • Cloud-based advanced security;
  • Low latency cloud-based full-mesh and multi-cloud on-ramp;
  • Cloud-first delivery, enhanced agility and TTM;
  • Pay-as-you-go licensing; and
  • High-performance and resilient hybrid-multi-cloud architecture-based on the Equinix platform

The diagram below illustrates what a multi-cloud set-up based on Ipanema SD-WAN CloudMesh looks like. Read more about the Equinix CloudMesh within Ipanema SD-WAN solution. And don’t forget to download Ipanema’s new eBook, How to use SD-WAN to build a secure multi-cloud environment.

Visualising a multi-cloud set-up based on Ipanema SD-WAN CloudMesh

Written By
Michal Podoski and Mohamed Sahnine
Michal Podoski of Infovista and Mohamed Sahnine of Equinix

eBook: How to use SD-WAN to build a secure multi-cloud environment

Download eBook