Crossing Tax: Multiplying Complexity in Multicloud
Feb 15, 2018
There’s no escaping the physics: complexity grows with the number of connected devices, users and applications. And, the more variety, vendors and age of your device,the greater the complexity!
Multicloud as the complexity battleground
A war on complexity is being waged as the industry speeds toward a multicloud future. This isn’t true merely because it’s the next wave in networking—it’s true because, with multicloud, our industry loses its ability to contain complexity through rigid boundaries. Simply put, we can no longer hide from the inevitable battle shaping up.
Historically, IT in general and networking in particular have dealt with complexity through an aggressive isolation and containment strategy. We create domains with hard boundaries—around a data center, or campus, or backbone or even an application. Resources are grouped and quarantined. Operations are handled by specialist teams.
As a coping mechanism, this has been the right path. But in creating boundaries, we have added overhead and unintentionally raised roadblocks that are simply not palatable to our businesses that need to keep pace with changing customer needs.
For each boundary, there is a crossing tax as people and systems and processes need to navigate between contexts. Visibility and control tend to stop at the boundaries, rendering workloads immobile, operations domain-centric and change risk-prone with a lengthy negotiation.
Of course, if the transformative promise of cloud is to come to fruition, these boundaries must disappear. And as we lose containment, complexity becomes not just an inconvenience, but an absolute inhibitor of progress.
Understanding the scope of the battleground
The word cloud evokes images of data centers—both private and public. So it’s tempting to think that the battleground will be bounded by the data center. But a complete multicloud view must extend beyond the data center. And anyone claiming a cloud strategy, which doesn’t explicitly call this out, is simply reducing the scope of the problem to fit a partial solution. At best, it’s an insincere representation of the problem to be solved. At worst, it’s an open acknowledgment that the real problem isn’t even understood.
Yes, the cloud exists in data centers, but it also exists at the edge, especially as multi-access edge computing (MEC) and IoT take root. Neither the users nor the client application end-points are contained within the data centers. Users need an on-ramp to the cloud, which means that security and policy management have to extend end-to-end, from network ingress through the application resources and back. This means that a muilticloud future will touch campus and branch networking, and that the security and automation constructs that make it all work will naturally need to span all of the places-in-the-network (PINs).
Building a multicloud-ready infrastructure
Because multicloud requires a presence in all the PINs that make up a customer environment, Juniper is developing seamless solutions for each, tying everything into a whole. And in each, we are committed to using our engineering strength to solve the hard problem of today—complexity. Juniper is effectively declaring an all-out war on complexity.
Today, I am thrilled to share a plethora of new products and services which our teams have built to tackle the challenges of complexity. These new products and services will support our customers in their steady progress towards a multicloud-ready infrastructure.
A simple path to secure and automated multicloud
Ultimately, businesses will not purchase a shrink-wrapped multicloud infrastructure. The migration from contained silos to a more fluid operational environment involves more than just product: it requires architectural planning, tooling and process considerations and of course cultural and skill changes.
Those who understand their future end-state will use every refresh and expansion opportunity to ensure that the areas within their networking environment evolve to become multicloud ready. These teams will be best positioned to take advantage of everything that the emerging trends have to offer. By breaking the migration into consumable steps, their organizations, people and even budgets will be spared the jarring changes more typical of large transformation efforts.
Close no doors
In waging your own battle on complexity and with every decision, make sure you keep your options open. Follow the design principle made famous by Amazon:
“Some decisions are consequential and irreversible or nearly irreversible—one-way doors—and these decisions must be made methodically, carefully, slowly, with great deliberation and consultation. If you walk through and don’t like what you see on the other side, you can’t get back to where you were before.”
With each change, whatever your immediate needs, choosing multicloud-ready solutions can move you forward without sending you through one of these one-way doors.
Juniper Multicloud-Ready Portfolio Expansion
We have announced expansions in every PIN.
For organizations that are refreshing, expanding or consolidating data centers to prepare their IT environments for a secure and automated multicloud, Juniper is introducing new data center solutions, including:
Universal switch for data center spine, data center edge and DCI: The new QFX10002-60C switch can be flexibly used as a spine or an edge device for data center interconnect (DCI). It features 60x100 Gigabit Ethernet (GbE) deep-buffer interfaces. Juniper is also adding the QFX5210-64C, a 64x100GbE port spine switch, and the QFX5200-48Y, a 48x25GbE top-of-rack switch, to its portfolio.
Secure workload transitions with new line cards: The QFX MACsec line card addition to the QFX10000 modular switches provides 30-port 100GbE connectivity for encrypted traffic in and between data centers.
Recognizing that campus networks will play an integral role in mutlicloud security and operations, Juniper is expanding its campus portfolio to include the following solutions:
Simplified campus management with a single point of control: Sky Enterprise is a cloud management service that enables operators to deploy, configure and manage switching and security devices, reducing change errors by up to 90 percent. With an intuitive and easy-to-use web dashboard, managing campus and branch networks is made simpler. Sky Enterprise also gives network operators visibility into wireless access points using Aerohive Hive Manager NG API integration.
Multigig and compact core switches: The new EX2300 and EX4300 switches bring multigig interfaces to Juniper’s campus portfolio. The EX4300 multigig switch supports POE++ for new applications and MACsec to enable a secure on-ramp to the cloud. TheEX9250 switch is a compact campus core that gives enterprises multiple fabric options by supporting both Junos Fusion and EVPN-VXLAN.
Juniper’s branch approach supports a diverse set of software functions, while enabling applications and security control that is in sync with the rest of the network. Juniper’s extended branch portfolio prepares the branch for multicloud with the following offerings:
New network services platform with wireless connectivity: Juniper’s new NFX150 Network Services Platform combines native branch security and hybrid WAN functionality with wireless 4G and LTE connectivity between branches. Built as an extensible platform, it can run third-party virtual network functions (VNFs).
Contrail SD-WAN with new subscription-based pricing: Juniper’s Contrail SD-WAN solution bundles the SRX Series Services Gateway and the NFX Series with the platform and orchestration software required for multicloud-ready SD-WAN. New subscription pricing bundles provide several physical and virtual endpoint options with secure SD-WAN management.
To securely facilitate the migration of on-premises workloads to the public cloud, Juniper is offering a secure and automated way of establishing connectivity to and within public clouds.
Secure connectivity to public cloud: Juniper’s secure cloud connectivity solution combines onboarding services with virtual products (vSRX Virtual Firewall or vMX Virtual Router) available in AWS and Azure to automate the setup of secure IPsec connectivity between data center, campus and branch networks and virtual private clouds (VPCs). The solution gives enterprises operational choice with options that include CloudFormation, TerraForm or Ansible playbooks.
For IT to be successful in their transition to multicloud, it is critical for organizations to consider not only the data center and public cloud, but also the on-ramps of their campus and branch networks. Today’s projects for expansion and refresh provide everyday opportunities to move along the path towards multcloud-ready infrastructure, while meeting the immediate needs of your organization. With each change look for multicloud-ready solutions that take you forward, without sending you through a one-way door.