View
217
Download
0
Category
Preview:
Citation preview
Leverage the power of the cloud without the security worry.
Private Connectivity to Your Cloud Applications with EarthLink Cloud Express™
www.earthlink.com
November 2015
SOLUTION WHITE PAPER
Cloud Express™:
SOLUTION WHITE PAPER
2
Private connections provide a predictable cloud experience.Cloud services continue to change the way we do business. They offer new levels of scalability, innovation and cost-effectiveness never before possible. Originally used for development and other low-risk computer environments, they are now a mainstream IT feature, and businesses naturally are looking for new ways to leverage the cloud to be more competitive, innovative and profitable.
But concerns around security and performance have led many IT decision makers to keep critical applications in-house or have forced them to create complex and expensive private infrastructure solutions.
Internet-based connections are unpredictable and are a constant target for denial-of-service attacks and other threats that could lead to lost revenue and damage to a company’s reputation and long-term success.
With Cloud Express™, connectivity to the cloud is provided over a private EarthLink wide area network (WAN) and a highly available switching infrastructure that connects with leading cloud service providers.
The main components of the service include:
• EarthLink multi-protocol label switching (MPLS) network
• Cloud Express platform
• Cloud service providers
Cloud Express™
Amazon Web Services™Microsoft® AzureIBM® SoftLayer®
Microsoft® Office 365IaaS Saas
myLink
View and track network utilization
Private MPLS connections isolated from Internet security threats
Secure high availability connection
Access these leading cloud providers
HQ
Branch
Store
MPLS Network
SOLUTION WHITE PAPER
3
EarthLink MPLS — performance starts with the WAN
Traditional connectivity to cloud services meant connections that were based on the Internet — mostly because it was cheap and ubiquitous. For companies that want to take advantage of the cloud for more critical workloads, that configuration is too risky. The Internet and its “best-effort” performance are not acceptable for delay-sensitive applications, especially in converged networks, where voice, video, internet, data replication and enterprise applications are all competing for access to the same bandwidth. Without controls in place, an employee downloading a video stream from a social media site on their lunch hour could impact the performance of an e-commerce application trying to perform a database transaction for an on-line customer.
MPLS, however, provides quality of service (QoS) as well as other benefits, making it the smart choice for enterprises looking for a more “business grade” wide area network solution. When using MPLS to connect to Cloud Express, you can:
• Prioritize mission-critical applications – The ability to assign priorities to your traffic types when they enter the network helps ensure that critical and delay-sensitive applications have preferred status when bandwidth is allocated across the MPLS core network.
• Gain efficiency with any-to-any connections – Meshed topology is another inherent feature of MPLS. Every endpoint and user has direct connectivity to every other network endpoint, without having to configure multiple physical or virtual circuits to each location. This is particularly valuable when running enterprise applications in the cloud that need to be reachable by all of your employees. It eliminates the need to aggregate the traffic at a hub site, as with many Internet-based VPN solutions. And your users are instantly connected as you migrate more applications to the cloud.
• Quickly resolve problems – If problems arise on your MPLS network, they are easily isolated and resolved by your EarthLink support team, because they have end-to-end visibility and control over the connection from your users to their cloud applications. Under Internet-based connections, where there are different access providers, ISPs and other hardware and software vendors in the mix, resolving the problem quickly and correctly is a much greater challenge.
• Control bandwidth costs – Because Internet-based network connectivity does not have the features and controls of MPLS connections, a common solution is to buy more than you need. Overbuilding or ordering multiple connections to isolate your application traffic just adds cost and complexity, because you have to upgrade the downstream capacity of switches, routers, firewalls and other equipment.
Cloud Express Technical Information
Locations:
• East Coast (Ashburn, VA)
• West Coast (San Jose, CA)
Access Options:
• Standard MPLS
• Single-site option
Physical Cloud Interconnect:
• 4x10Gbps connections (LR-SMF)
• Dot1Q encapsulation
• 2N redundancy
• Link aggregation (LAG)
• Virtual network connections
(VNC)
• 2N redundancy (link, switch
and router)
• 50M, 100M, 200M, 300M, 500M
and 1G speeds available (varies
by provider)
Provisioning:
• Layer 2 virtual connections and
Layer 3/BGP
• Optional server migration into
cloud
Firewall:
• Optional virtual firewall
Management:
• EarthLink managed VNC®s
• 99.999% VNC availability
Cloud Service Providers include:
• Amazon Web Services™
• Microsoft® Azure
• Microsoft® Office 365
• IBM® SoftLayer®
• Additional providers available
SOLUTION WHITE PAPER
4
Better security for critical cloud applications
On top of unpredictable Internet performance, businesses also face a significant and growing concern for security. With data breaches, hacks and denial of service attacks on the rise, many IT managers have already been the target of an attack or believe it’s only a matter of time before they become one. By taking every precaution to secure your network, you can minimize risk and minimize the potential severity and length of an attack.
With MPLS, every company’s VPN traffic is segregated from other customers on the network, using label switching protocols. Protection is built into the core network. There’s no need for you to aggregate your traffic into a hub to apply security controls, as with hub-spoke VPN networks – which helps to reduce delay, latency and bottlenecks at Internet gateways and firewalls.
Additionally, your IP addresses are not at risk of being compromised or targeted by a denial of service attack because the MPLS network uses your private address space. Finally, as a managed service, delivered by a single network provider, isolating issues and restoring service can be easier than working with multiple network providers, ISPs and equipment vendors.
MPLS networks enhance security by:
• Using Multi-Protocol-Border Gateway Protocol to separate customer traffic and protect the routing tables of individual customers.
• Assigning unique identifiers to each customer, linking them to a specific VPN packet to prevent the intermingling of customer traffic.
• Providing label distribution protocol between all the routers in the MPLS core and label switching for an added layer of segregation over IP forwarding.
• Removing traffic from the Internet domain and avoiding the risks of denial of service attacks and other malicious activities.
• Providing any-to-any connectivity giving all users direct paths to cloud-based resources.
Portland
Seattle
Sacramento
Las Vegas
Phoenix
Salt Lake City Denver
Minneapolis
Kansas City St. Louis
Chicago
Indianapolis
PittsburghCleveland
Boston
Providence
BaltimoreWashingtonAshburn
Charlotte
Orlando
Tampa Bay
New Orleans
Houston
Fort Worth
Philadelphia
NewarkNew York
Detroit
Nashville
Atlanta
Rochester
Miami
Dallas
San AntonioAustin
Roseville
San JoseSan Jose
San Francisco
Sunnyvale
San Diego
Los Angeles
Camden
San Jose
Dallas
Rochester
Ashburn
MiamiCloud Express
EarthLink’s MPLS network
SOLUTION WHITE PAPER
5
Cloud Express platform — carrier grade connectivity
In the last couple of years, leading cloud providers like Amazon Web Services and Microsoft Azure recognized that customer concerns over security and performance were preventing many companies from moving their enterprise applications into their cloud platforms. To attract these heartier workloads into their clouds, providers quickly developed private connectivity into their platforms that was isolated from the public-facing interfaces.
Through these private interfaces, EarthLink Cloud Express extends connectivity between our customers and their cloud applications. Whether your business uses Amazon Direct Connect, Microsoft ExpressRoute, or any of the other available cloud providers, Cloud Express is a highly available, fault tolerant configuration of carrier-grade routers, switches and firewalls that use these direct paths into the cloud. EarthLink has essentially deployed new backbone nodes into two of the largest colocation, hosting and cloud aggregation complexes in the United States for the sole purpose of giving our customers a better cloud connection. You can direct your customers to our West Coast location near San Jose, Ca., or East Coast location near Ashburn, Va., for a better user experience, or you can deploy services out of both nodes to create a high-availability design.
Redundant fiber cross-connects provide scalable and 2n highly-available direct and private connectivity between our provider edge routers, aggregation switches and the downstream cloud service providers. Firewalls add a layer of protection between these public clouds and our private network customers.
With this infrastructure, EarthLink can rapidly provision customers using virtual network connections between their networks and their cloud provider of choice – or providers. If you are running development in one cloud and production in another, we can configure these virtual handoffs through software, so they are ready when and where you need them. When you’re done with development, you can easily turn down or turn off that virtual connection.
Cloud Express provides a cloud network solution that can scale from 50Mbps to 1Gbps, provisioned through software and visible to you through EarthLink’s customer portal, myLink.
CB meet-meAggregationEdgerouter
CB meet-meAggregationEdgerouter
BGP peering
HA Firewalls
MPLS Network
Amazon Web Services™
Microsoft® Azure
IBM® SoftLayer®
Microsoft® Office 365
Cloud Express
SOLUTION WHITE PAPER
6
Cloud Express architecture: high-performance, secure connections
Your private MPLS network provides a secure connection to cloud service providers by leveraging the Cloud Express architecture and implementation process.
• Edge routers — Interface between cloud-provider network and EarthLink MPLS core. MPLS labels segregate traffic as packets enter and leave the Cloud Express platform.
• Aggregation switches — Physically connect the EarthLink MPLS network edge routers to the cloud exchange meet-me interface. Redundant 10Gbps fiber connections are used in link aggregation groups (LAG) for port and link redundancy and offer bandwidth scalability between the aggregation switches and cloud broker meet-me interface. In-line firewalls add a layer of security to the perimeter of the Cloud Express platform.
• CB meet-me — Cloud broker meet-me switches provide the final physical interconnection to the cloud service providers. Virtual connections between the CB meet-me equipment and the cloud providers are provisioned in near real-
time and monitored through the portal and/or application program interface capabilities. As part of the Cloud Express service – all connections to Cloud Providers are established using redundant virtual network connections over diverse paths.
• Cloud providers — Cloud providers connect to the CB meet-me using direct connectivity service options. For example, Amazon Web Services customers would use AWS ExpressRoute to establish a path from the Cloud Express service into AWS cloud services, avoiding AWS pubic Internet connectivity. This can all be configured by EarthLink during the Cloud Express implementation process. All cloud provider services (compute, storage, etc.) are ordered directly from the cloud provider and are billed directly from each provider.
• BGP peering — Border gateway protocol (BGP) peering sessions must be established between the cloud provider and each Cloud Express customer. EarthLink will perform these configurations at the time of implementation.
SOLUTION WHITE PAPER
7
Best uses for network-enabled cloud
With concerns about cloud security and reliability of cloud connectivity addressed through Cloud Express and private networking, you can take a fresh look at the applications that would be better served in the cloud.
Why support a dedicated, costly internal application infrastructure when you can easily run most enterprise applications using cost-effective, scalable and innovative software as a service and infrastructure as a service providers in the cloud?
The total cost of ownership (TCO) of the cloud is tough to beat when you consider everything that goes into running an application in-house: hardware, software, licenses, maintenance, 24/7 support, space, power, cooling and more. In fact, some estimates suggest that a company can save up 70 percent a year by moving compute and storage infrastructure to the cloud.
And if you don’t think you have the resources to take on such a move — or to determine if it makes sense for your business – there are still options. Most cloud providers have a growing ecosystem of technology partners that can help you replace legacy systems with cloud-based solutions who run on their compute and storage infrastructure.
Consider all of the applications you haven’t moved out of your data center because of their critical dependence on a reliable network:
1. Collaboration – If you are still running an internal collaboration application it may be time to look to the cloud. With a growing number of SaaS solutions aimed at taking the pain out of content storage, management and collaboration, now coupled with predictable network performance for your users and employees, collaboration could be the low-hanging fruit in your internal data center.
2. Productivity tools – As Microsoft® adds ExpressRoute private connectivity to their Office 365 suite and other cloud providers follow suit, it may be time to look at how you are providing these tools to your employees. Because you no longer have to hub your users into a corporate data center for security, you can allow your users a better experience by connecting directly to the cloud over your private network.
3. Disaster recovery – Data replication has always been the 400 pound gorilla when it comes to a solid disaster recovery strategy. But with high-performing network access and class of service with MPLS, you can now send your data replication traffic alongside your other data streams without worrying about critical application response times. If you do need to activate your disaster recovery site, all of your existing users and locations are already connected to that failover site.
4. Point of sale – For businesses looking to lead the pack with a better customer experience and lower overhead, there is a shift to cloud-based point of sale applications underway. All the leading providers have been working on a delivery model that relies on infrastructure as a service (IaaS) provided by some of the big cloud providers. With private network connectivity and Cloud Express, it is now possible to provide secure links to all of your locations.
5. Cloud bursting – The original poster child of the cloud was “capacity on demand” – spillover to the cloud when your internal resources max out. This provided temporary relief during peak utilization periods and avoided deploying more internal infrastructure. Enterprise applications, however, need a predictable and scalable network to do this in an economical manner. With Cloud Express you can use your existing WAN and add cloud sites to your network so private bandwidth is there when you need it.
Cloud Express Features:
• Managed, private
connectivity to the
industry’s leading cloud
service providers.
• Turnkey service that
includes Layer 2 and Layer
3 implementation and
configuration.
• Dynamic, virtual
connections that can
better scale with your
cloud workloads.
• MPLS-based connectivity
supports class-of-service
for your converged
network.
• EarthLink Cloud
Professional Services to
assist with your on-going
migration to the cloud.
Cloud Express
WEST COASTCLOUD PROVIDERS
IaaSPaaSSaas
CLOUD PROVIDERS
IaaSPaaSSaas
EAST COAST
Cloud Express
HQStore Store Store Store
MPLS Network
CLOUD PROVIDERS
IaaSPaaSSaas
EAST COAST
Cloud ExpressHQ
Site
Site
Site
Site
Site
MPLS Network
Standard MPLS
Single-Site
SOLUTION WHITE PAPER
8
Cloud Express configurations
There are two initial deployments available for Cloud Express customers: Standard MPLS and the single-site option.
Standard MPLS – This is for customers that already have or are planning to implement EarthLink MPLS services. During the implementation process, EarthLink will configure your MPLS network to include reachability to the Cloud Express nodes where your cloud applications are running. All of your current and future MPLS endpoints have direct access to applications running in your Cloud Express locations, as shown here in a high-availability, dual site design.
Single-site option – This approach is best for customers who need highly available and scalable connectivity but don’t have or need EarthLink MPLS service. Customers who need to connect only a primary headquarters or data center location to the Cloud Express service can order the service and EarthLink will provision the customer as a single-site MPLS network, enabling connectivity to the desired Cloud Express node(s) in the diagram below.
SOLUTION WHITE PAPER
9
Why EarthLink for cloud connectivity?
EarthLink continues to be a premier provider of enterprise cloud networking solutions. With a focus on helping our customers become industry leaders, we have developed solutions that provide valuable network-based services and support and solutions that let our customers focus on their business initiatives. By reducing costs and offering value-added managed services, we can free up your resources so you can invest in areas critical to your business success. Cloud Express is our latest solution to help customers focus less on their infrastructure and more on innovation and business development.
It provides:
• Secure network connectivity to multi-cloud environments – No business wants to think about what a security breach or denial of service attack could do to their reputation. Cloud Express extends the benefits of MPLS security features and controls directly into leading cloud providers.
• Better performance – No hubbing of traffic into corporate aggregation sites; efficient MPLS label switching technologies create a better overall end-user experience and a system that can handle even your critical applications.
• Business-grade reliability – 99.999s – When best-effort Internet isn’t acceptable for business applications, Cloud Express can provide better reliability and uptime. With resiliency and failover that can’t be achieved on public IP networks and a 24/7 management team that backs up the service with a 99.999% availability service level agreement, you can move more of your workloads to the cloud.
• Speed-to-market – It is not possible to focus on everything. If you want to stay ahead of your competition, you need your resources working on key initiatives and differentiating services – not patching servers and troubleshooting infrastructure. By leveraging cloud service providers, adopting the next technology is faster and easier. There is no capital investment and no need to manage day-to-day system-level capacity and availability. With the secure, predictable performance of Cloud Express you can stop worrying about running business applications in the cloud.
Cloud Express Benefits:
• Avoid hardware or other capital
expense — pay-as-you-go pricing.
• Improve total cost of ownership —
leverage cloud service providers.
• Be more competitive —
quickly adopt new technology
and solutions for better speed
to market.
• Gain predictable network
performance — without
Internet-based security threats.
• Reduced burden on internal IT
resources and staff.
SOLUTION WHITE PAPER
Summary
Cloud Express extends the benefits of the EarthLink network to include connectivity to leading cloud services. As companies look to shift critical applications into hybrid cloud environments with multiple vendors and solutions, a predictable and optimized underlying network becomes more important than ever. Whether you are connecting internal data centers, headquarters locations and/or remote sites to these cloud workloads, you’ll need a high-performing network to ensure the best experience for your users and customers.
EarthLink continues to deploy new technologies and solutions to enhance the value of our core network services so you can better serve your users and separate your business from the competition.
If you want to reduce infrastructure costs and increase the performance, security and reliability of your enterprise network and applications, contact your EarthLink representative. They can provide more information on Cloud Express and the other services we offer to help you meet the ever-changing technology challenges that IT professionals face today.
MPLS Private Backbone
Transactionprocessors
Location 1(T1)
Location 2(DSL)
Location 3(EOC)
Host site(ethernet)
DirectConnect
Data Center Connect
Multicast
Secure WiFi
Secure WiFi
Applicationvisibility &control
DynamicWAN selection
Location 4(4G Wireless)
Cloud Express™Internet
Cloud firewall
EarthLinkmanaged cloud
Amazon Web Services™Microsoft® AzureIBM® SoftLayer®
Microsoft® Office 365IaaS Saas
InternationalMPLS
Internationallocation
Contact us at 1-877-355-1501learnmore@elnk.com | www.earthlink.com
© 2016 EarthLink. Trademarks are property of their respective owners. All rights reserved. MKTPRINT-22
MPLS private backbone
Recommended