Designing Networks and Services for the Cloud: Delivering business-grade cloud applications and services

By Huseni Saboowala, Muhammad Abid, Sudhir Modali

Published by Cisco Press

Published Date: May 20, 2013

Description

A rapid, easy-to-understand approach to delivering a secure, resilient, easy-to-manage, SLA-driven cloud experience

Designing Networks and Services for the Cloud helps you understand the design and architecture of networks and network services that enable the delivery of business-grade cloud services. Drawing on more than 40 years of experience in network and cloud design, validation, and deployment, the authors demonstrate how networks spanning from the Enterprise branch/HQ and the service provider Next-Generation Networks (NGN) to the data center fabric play a key role in addressing the primary inhibitors to cloud adoption: security, performance, and management complexity.

The authors first review how virtualized infrastructure lays the foundation for the delivery of cloud services before delving into a primer on clouds, including the management of cloud services. Next, they explore key factors that inhibit enterprises from moving their core workloads to the cloud, and how advanced networks and network services can help businesses migrate to the cloud with confidence.

You’ll find an in-depth look at data center networks, including virtualization-aware networks, virtual network services, and service overlays. The elements of security in this virtual, fluid environment are discussed, along with techniques for optimizing and accelerating the service delivery. The book dives deeply into cloud-aware service provider NGNs and their role in flexibly connecting distributed cloud resources, ensuring the security of provider and tenant resources, and enabling the optimal placement of cloud services.

The role of Enterprise networks as a critical control point for securely and cost-effectively connecting to high-performance cloud services is explored in detail before various parts of the network finally come together in the definition and delivery of end-to-end cloud SLAs. At the end of the journey, you preview the exciting future of clouds and network services, along with the major upcoming trends.

If you are a technical professional or manager who must design, implement, or operate cloud or NGN solutions in enterprise or service-provider environments, this guide will be an indispensable resource.

*  Understand how virtualized data-center infrastructure lays the groundwork for cloud-based services

*  Move from distributed virtualization to “IT-as-a-service” via automated self-service portals

*  Classify cloud services and deployment models, and understand the actors in the cloud ecosystem

*  Review the elements, requirements, challenges, and opportunities associated with network services in the cloud

*  Optimize data centers via network segmentation, virtualization-aware networks, virtual network services, and service overlays

*  Systematically secure cloud services

*  Optimize service and application performance

*  Plan and implement NGN infrastructure to support and accelerate cloud services

*  Successfully connect enterprises to the cloud

*  Define and deliver on end-to-end cloud SLAs

*  Preview the future of cloud and network services

Table of Contents

Introduction

Part I Building Blocks for Offering Network Services in the Cloud

Chapter 1 Virtualization

Virtualization Basics

    One to Many

    Many to One

Virtualization: A Brief History

Server Virtualization

    Drivers for Server Virtualization

    Approaches to Server Virtualization

    Components of Server Virtualization

        CPU Virtualization

        Memory Virtualization

        I/O Virtualization

    Benefits and Risks of Server Virtualization

Network Virtualization

    Drivers for Network Virtualization

    Logical Segmentation: One to Many

        Path Isolation

        Access Control

        Sharing Network Services

    Network Consolidation: Many to One

        Software Defined Networking

    Virtualization-Aware Networks

    Benefits and Risks of Network Virtualization

Storage Virtualization

    Drivers for Storage Virtualization

    How Storage Virtualization Works

    Common Implementations of Storage Virtualization

        Array-Based Storage Virtualization

        Network-Based Storage Virtualization

    Benefits and Risks of Storage Virtualization

Summary

Review Questions

References

Chapter 2 Arrival of the Cloud

Phases of Virtualization

Virtualization Enables the Cloud

What Exactly Is Cloud Computing?

    A Little History

Trends Driving the Growth of Cloud Computing

Impact of the Cloud

    Spur Innovation and Entrepreneurship Globally

    Collect and Analyze Big Data

Cloud Challenges

    Security

    Compliance

    SLA: Reliability and Performance

    Interoperability

Summary

Review Questions

References

Chapter 3 Cloud Taxonomy and Service Management

Cloud Service Models

    Software-as-a-Service

        SaaS Stack

    PaaS

        PaaS Components

    IaaS

        IaaS Components

    Comparing IaaS, PaaS, and SaaS

        Scope and Control

        Evolution

    Deployment Models for the Cloud

    Public Cloud

    Private Cloud

    Hybrid Cloud

    Community Clouds

    Open Clouds: Toward the True Intercloud

Cloud Actors

Cloud Service Management and Orchestration

    Service Orchestration

Summary

Review Questions

References

Chapter 4 Networks and Services in the Cloud

The CIO’s Dilemma

Increasing Relevance of the Network

    World of Many Clouds

    An Even Larger Cloud

    Growth of Cloud Data Traffic

Monetization

    Service Catalog

    Network Services à la Carte

        OpenStack Quantum

    Network Containers

        Cisco Network Services Manager

Evolution of Network Services for the Cloud

    Automation

    Virtualization Awareness and Multitenancy

    Location Independence

Quick Guide to the Rest of This Book

    Part II: Inside the Data Center Networks

    Part III: Inside the SP Next Generation Network (WAN)

    Part IV: Putting It All Together–Cloud Services Delivered

Summary

Review Questions

References

Part II Inside the Data Center Networks

Chapter 5 Role of the Network Infrastructure in a Virtualized Environment

Trends Influencing the Data Center

    Case 1: Acquisition of a Community Bank

        Virtualization

        Cloud Enablement

        Power and Cooling Considerations

        Return on Investment

        Economy of Scale

    Case 2: Service Provider Enabling New Services and Content to Its Customers

        Virtualization

        Cloud Enablement

        Power and Cooling Considerations

        Return on Investment

        Economy of Scale

    Case 3: Public Utility Companies Offering Smart Technologies to Address Power and Energy Requirements in a More Reliable, Economic, and Sustainable Manner

        Virtualization

        Cloud Enablement

        Return on Investment

        Economy of Scale

    Case 4: High-Performance Computing and Low-Latency Applications

        Virtualization

        Cloud Enablement

        Power and Cooling Considerations

        Economy of Scale

    Summary of the Use Cases

Network Segmentation in the Data Center

    Multitenancy

    Network Containers

Virtualization-Aware Network

    Virtual Switching

    Network Policy

    VM Mobility

Virtual Network Services

    Fabric Intelligence for Virtual Services

Service Overlay

Summary

Review Questions

Reference

Chapter 6 Securing and Optimizing Cloud Services

Motivations to Design Secure Multitenant Networks

    HTTP Tunneling

    Web Proxy/Caching

Design Considerations for Securing Multitenant Data Centers

    Threat: Identity Theft

    Solution: PCI DSS Compliance

        Operational Challenges

        Penalties

        How the Cloud Model Can Help

    Information Confidentiality

        Operational Challenges

        Penalties

        How the Cloud Model Can Help

How Virtual Security Is Enabled: Solutions and Architectures-Based Approach

    Traditional Security Approaches as Applied in Virtual Environment

        Security Containers: Contexts and Zones

        Segmentation and Access Control Lists

        Secured Access

        Application Security

    Virtual Appliance Approach

        Cisco ASA1000v Tenant Edge Security Solution

        Cisco Virtual Secure Gateway

Deployment Considerations

Summary

Review Questions

References

Chapter 7 Application Performance Optimization

Application Architectures in the Cloud

    Three-Tier App Architecture in the Virtualized World

    Provisioning and Management

Application Performance in the Cloud

Drivers for the Transition from Physical to Virtual Network Services

    Virtualization Awareness

    Agility, Elasticity

    Multitenancy

    Virtualized Application Delivery Solutions

        WAN Acceleration

        Server Load Balancing

Summary

Review Questions

Part III Inside the SP Next Generation Network (WAN)

Chapter 8 IP NGN Infrastructure That Supports Cloud Services

IP NGNs Evolve in Line with the Cloud

Role of DCI Technologies in Delivering Cloud Services

    Key Use Cases Enabled by DCI in the Cloud

    Workload Mobility in the Cloud

    Data Center Interconnect Requirements for the Cloud

DCI Solutions to Build Virtualized and Distributed Cloud Data Centers

    Transport Option 1: Layer 2 over Dark Fiber

    Transport Option 2: Layer 2 over MPLS

    Transport Option 3: Layer 2 over IP

Ingress and Egress Route Path Optimization

Summary

Review Questions

References

Chapter 9 Securing Cloud Transport and Edge Using NGN Technologies

Security Challenges in the Cloud

Key Requirements to Secure the Cloud

NGN Solutions to Secure the Cloud

    Providing Secure Access to the Cloud

        Internet Protocol Security

        Transport Layer Security Protocol

        Datagram Transport Layer Security Protocol

        Clientless Versus Full Tunnel

    Securing the Cloud Edge

    Multitenant Traffic Separation

Summary

Review Questions

References

Chapter 10 Optimizing and Accelerating Cloud Services

Enhancing Performance of Cloud Applications and Services

    Role of IP NGN in Optimizing Cloud Applications and Services

    How Cloud Services Are Placed Today

    Network Positioning System

    Cloud Service Placement at an Optimal Location

    NPS Solution Components

    NPS Operation

    Serving Cloud-Based Applications from an Optimal Location

    Application Layer Traffic Optimization

    Dynamic Extension of Customer VPNs

Accelerating Cloud Services

    Key Benefits of the Cisco WAAS Solution

Summary

Review Questions

References

Part IV Putting It All Together: Cloud Services Delivered

Chapter 11 Connecting Enterprises to the Cloud

Cloud Aware Enterprise Networks

How Enterprises Connect to the Cloud

    Enterprise Managed Cloud Connector Deployment

    Cloud Provider-Managed Cloud Connector Deployment

    Examples of Cloud Connectors

        Cloud Web Security Connector

        Webex Cloud Connected Audio

        Ctera Cloud Storage Connector

        Cisco Asigra Cloud Connector

    Future Cloud Connector Concepts

        Cloud Broker Connector

        Federated Identity Connector

        SAML

        OAuth

        Cisco Ping Identity Connector

    Cisco Extensible Cloud Connector Solutions

Summary

Review Questions

References

Chapter 12 End-to-End Cloud SLAs

Defining and Monitoring SLAs

    Network Service Provider

    Colocation Service

    Application Hosting Service Provider

    SLA Targets and Penalties

    SLA Assurance and Methodology

    SLA Management Framework

SLA in a Cloud Environment

Complexity of Cloud SLA

    Service Level Metrics

        Cloud Service Level Metrics

        Network Container Level Metrics

        Component Level Metrics

        Location/Scope for the End-to-End Measurements

    Guaranteed SLA

    End-to-End SLAs

Summary

Review Questions

References

Chapter 13 Peeking into the Future

Future Clouds

    The Intercloud

        Internet Analogy

        Intercloud Use Case

        Deeper Dive into the Intercloud Vision

        Intercloud Challenges and the Role of Networks

    Internet of Things

        A Bigger Cloud

        IoT Use Cases

        Sensor Networks and IP

        IoT Challenges: Networks to the Rescue

Network Evolution Continues

    Software-Defined Networking

        Hybrid Approach

        Challenges

    Application-Network Interactions

Summary

Review Questions

References

Appendix A Answers to Review Questions

Purchase Info

ISBN-10: 0-13-273101-0

ISBN-13: 978-0-13-273101-0

Format: eBook (Watermarked)

This eBook includes the following formats, accessible from your Account page after purchase:

*  EPUB: The open industry format known for its reflowable content and usability on supported mobile devices.

*  MOBI: The eBook format compatible with the Amazon Kindle and Amazon Kindle applications.

*  PDF: The popular standard, used most often with the free Adobe® Reader® software.

This eBook requires no passwords or activation to read. We customize your eBook by discreetly watermarking it with your name, making it uniquely yours.

Includes EPUB, MOBI, and PDF

$51.99
