Cloud-native architectures highlight gaps in networking products and services

Interconnecting applications and application components that may be distributed across two or more clouds or on-premises datacenters is in demand. Developers, cloud architects and DevOps teams are often accustomed to sourcing their cloud infrastructure as they need, including networking.

In 451 Research’s Cloud Native, Application Networking Evolution 2022 survey, 44% of respondents said their network teams were fully engaged in the acquisition of networking products. In 53% of cases, the networking teams were in a consultative or support role. Only 3% said networking teams had no participation in cloud networking at all.

This should be alarming not only to network professionals being cut out of a sea change in IT, but also to the vendors that purchase and support. Yet few network equipment vendors have a strategy that aligns with enterprises to support cloud-native demands.

The Take

The rise of cloud-native application architecture on cloud services is driving demand for intercloud networking that is as dynamic and cloud-friendly as the services themselves. A number of startups, managed service providers, service providers and multi-tenant datacenter operators — and the cloud services themselves — are offering cloud networking that can be acquired, deployed and scaled on demand. Network equipment vendors have left a gap open for these alternative networking products and services to thrive that some competitors are just starting to close.

New buyers mean new requirements to satisfy. Approaching these new buyers with networking services that they can provision and consistently manage on-demand through development, testing and production — and across multiple cloud services — is the way in.

Context

Enterprises continue to use cloud-native architecture and microservices for new application development, and this is creating demands on the infrastructure that enterprises will have to deal with. These modern applications are potentially distributed across multiple regions within a cloud service or between multiple clouds and on-premises datacenters. Datacenter and cloud networking has worked because applications were usually deployed in one location and not moved. The wide-area networking matched the deployment model.

Cloud services have adapted to some of the dynamism in applications, with advanced networking features that make interconnection simpler and more robust, such as AWS’ Transit Gateway and Azure’s Virtual Network, but those capabilities do little for interconnecting between cloud services.

Mind the gap

The widening gap between the product offerings for on-premises and cloud networking will likely cause a shift in buying toward vendors that can address the unique requirements from a growing set of buyers that are outside of networking. Cloud buyers expect application and technology services to be easy to use, automated, programmable, robust, reliable and ready-to-go out of the box. Cloud administrators are accustomed to services that are licensed on a consumption basis. Networking equipment vendors are “cloudifying” their management systems to appeal to cloud administrators, but they take more initial time to install and integrate with on-premises infrastructure. Much of the day-two operations can be automated through templates built by the vendor or created by IT. This type of integration fits into the organizational structure of many companies, but still requires a skilled networking staff to create, test, deploy and maintain the networking components for both cloud and noncloud environments, which can pose a hurdle for cloud teams willing to move at their own pace.

How competitors can win

New buyers mean new requirements to satisfy. Cloud administrators and DevOps teams want networking services that fit into their existing workflows, meet their operational expectations of a cloud service and don’t require deep expertise to operate. At the same time, the network must be versatile and flexible, adapting to changing demands through programmatic software-defined processes. Providing these new buyers with networking services that they can provision and manage on demand through development, testing and production — and across multiple cloud services — is the way in. The services will need to integrate with other products that connect to the networking in security, application delivery, and the on-premises local and wide-area networks. Networking vendors that offer tight integration with the cloud services, including integration and configuration of networking elements and services in the cloud, should smooth the way to adoption.

Compelling features like microsegmentation, which enforces isolated segments through the wide area and down to individual virtual machines in cloud instances, will be competitive to capabilities that equipment vendors like Arista Networks Inc. and Cisco Systems Inc. have in their cloud offerings. In addition, network visibility and troubleshooting tools will help cloud professionals monitor their networks while sending data to a network monitor or observability platform. Supporting and integrating with on-premises networking via standards-based protocols and proprietary implementations will streamline interoperation with network IT products and provide ways to include the networking team in the management and operation of the entire network.

Equipment vendor strategies

Arista and Cisco are both pursuing similar cloud networking strategies that are likely to appeal more to their core network professional audience than DevOps or CloudOps staff. In both cases, these companies provide a management system that runs in the customer’s cloud or on-premises environment, and can manage both environments. In the cloud, a management VM acts as a management layer, translating commands and responses between the networking functions in the cloud and their network management systems. Intercloud connectivity uses a company’s virtual routers, which will be familiar to network administrators. Both Arista and Cisco have well-developed API strategies in place for integration with automation platforms, as well as deep support for IT operations systems like Ansible and Terraform. The intended operational model is one where network IT defines the network resources that DevOps teams can use. The resources are dynamic templates that take on specific options like IP addresses, routing rules and access controls when they are created in a live environment. The split operational model allows IT to retain control and management of the deployed networking on-premises and in the cloud, while allowing teams to create networking on demand for as long as they need it.

Arista added multicloud networking to its CloudEOS in 2019, and has continued to enhance the product since. It can be used to manage networking in the cloud and on-premises, and to interconnect multiple clouds together. CloudEOS provides access controls called Cloud Network Private Segments, which rely on VxLAN and IPSec virtual private networks to both isolate and connect endpoints down to the VMs in cloud instances. In late 2022, Arista added its CI Pipeline features that simplify the inclusion of network provisioning and configuration into developers’ CI/CD pipelines. CloudEOS is managed via its CloudVision network management system, and will be familiar to its network administrators. Validated designs are available to help customers get up and running quickly.

Cisco rebranded its Cloud APIC to Cloud Network Controller, to signal to customers and competitors that its cloud networking is not reliant on having its Application Centric Infrastructure (ACI) in the datacenter. The Cloud Network Controller is a management VM cluster that is deployed in cloud services — currently AWS, Google Cloud and Azure — and orchestrates the networking and security configurations for each using a consistent management framework. The Cloud Network Controller can also configure ACI in the customer’s datacenter, as well as fabric capabilities in Cisco non-ACI networking for an all-encompassing management system. Interconnection between clouds and on-premises datacenters is facilitated with the Catalyst 8000v virtual router, which provides a common routing domain familiar to network administrators and can enforce network isolation between virtual machines within the customer’s cloud instances.

Neither Hewlett Packard Enterprise Co. nor Juniper Networks Inc. has a well-defined multicloud datacenter or application interconnection strategy in place. HPE is partnering with networking providers like Alkira, Equinix Inc. and Megaport Ltd. for cloud interconnection, but it is not orchestrating changes across its networking partners, which is a competitive hurdle to overcome. Juniper has even less of a cloud networking strategy, emphasizing its traditional WAN technologies. Its Contrail product line is better suited for private cloud deployments using OpenShift, OpenStack or Kubernetes deployments, but currently lacks support for cloud services.

Challenges

Enterprises are starting to purchase cloud networking products and services, and integrating them with their on-premises networks. The buyers tend to be from outside network IT, and represent net-new purchasing centers. The more ingrained these products and services become, the more difficult it will be for incumbents to replace them. Unlike hardware, there is no end-of-life event, which is a common insertion point.

VMware, which all of these vendors partner with to some degree — even Cisco with its NX-OS-based datacenter networking products — recently launched NSX+, which is an as-a-service offering for NSX that can manage NSX instances anywhere. While the only cloud it currently supports is VMware Cloud Foundation on AWS, it plans to add more cloud services in 2024. VMware has a prominent place in the datacenter, with aspirations to dominate in cloud, and providing networking integrated with the rest of VMware’s products could make a compelling alternative to those from its partners and competitors.

“Co-opetition” is real and can rear its ugly head. All of the network equipment vendors sell products to the service providers, MTDCs and MSSPs, including cloud interconnection services. If they do attempt to enter the cloud networking segment, they will need to be careful not to compete with their customers. One avenue is to add service acquisition and management of networking services to their management systems, similar to how Cisco’s Meraki partnered with Megaport on SD-WAN. Such a partnership would streamline management for customers and provide a go-to-market channel for service-provider customers.

Cautious Optimism in Cloud Spending


Want insights on cloud computing trends delivered to your inbox? Join the 451 Alliance.