
Network Management Strategy for Multicloud Planning and Optimization

Executive summary

Companies are currently in the middle of their journey towards multicloud architectures. Micetro, an overlay solution by Men&Mice, gives you visibility into and management of disparate DNS, DHCP, and network/IP services in your system. With this centralized visibility and management, you can more easily improve, troubleshoot, and report on your networks.

Overlay solutions also provide a central API that you can use to automate workflows for continuous improvement of the network environment. Using the overlay to communicate with the underlying services, you can change or adapt those underlying services as requirements change during the migration to multicloud, while still maintaining the use of consistent automation workflows.

All of this together leads to more resilient networks that allow you to minimize or even avoid painful downtime windows and improve change management processes in ways you haven’t been able to with traditional network management solutions.

What is multicloud?

Multicloud design strategies allow IT departments to use multiple platforms, including on-premises and public cloud solutions, in a holistic way for their data centers and campuses. While multicloud definitions are still debated, the ideal goal would be to use the best tools and platforms for a company’s service offerings, while maintaining simplified operations and visibility into the entire system. A simple analogy would be the modern smart phone. You can see all of your services, account information, and data in one place that is easy to navigate. No matter the app, alerts and notifications arrive at the same place with the same behaviors, and new apps are simple to deploy.

True multicloud, where companies are able to manage their entire network and service infrastructure from one pane of glass, is purely a vision at this point, and no companies have achieved this level of abstraction. Multicloud, like many things in IT, is a journey in which the goal for IT departments would be to strive for simplified operations.


Many companies, at this point, are somewhere in the middle of this spectrum. IT departments have been using a mix of on-prem/private cloud, public cloud, and SaaS for several years now. Often these platforms are managed by different teams, using different IPAM, DNS, and DHCP services with no visibility into the other siloes. Moving towards simplified operations and management will help break down these siloes and offer a contextualized view of DDI services, as well as the ability to create consistent workflows no matter where end points reside.

Why plan for multicloud?

While simplifying operations is certainly something IT teams continue to strive for, there are more specific pain points that lead architects to consider a multicloud infrastructure.

Disaster Recovery

Disaster Recovery (DR) is often “the gateway” to the public cloud. Maintaining an entire physical DR location is resource intensive, especially if it’s far away from where your IT team lives (which is often the case). If architects design for DR in the cloud, there’s no need to maintain another server and network infrastructure, or cooling and power.

Performance

People have high expectations for performance from apps these days. Depending on the services you’re offering to your customers and employees, you may find that multiple cloud vendors and private cloud locations are necessary. Some services will run better on Azure as opposed to AWS, and vice versa.

There’s also an argument to be made that having the data and/or the service running closer to the end point helps performance, and therefore having regional availability of that data in the public cloud could become important.

Vendor Management and Lock-In

There are likely a couple of reasons why you picked a certain vendor for your networking and/or cloud needs: technical capabilities, cost, or maybe both. You picked the best solution for what was possible at the time. However, things change. Other vendors catch up with features and prices change as the competitive pool gets larger. When it comes time to make a move, a multicloud design using overlay solutions and automation will make it easier to migrate to another vendor. This is the idea of sustainable networking. Use the best underlying services for the job, but try to avoid downtime and disruption by using an overlay solution to manage them.

Compliance

If you’re part of a large international company, you’re well aware that certain countries require you to store data within that country. Rather than building new physical data centers and campuses in every country, the public cloud can be a great alternative to make sure you’re compliant with your customers’ needs. No matter how you handle this, though, managing and viewing the entire system from a centralized place will contextualize information, and provide the reports and analytics you need to prove your compliance.

How to simplify your multicloud operations

No matter why you’re moving to multicloud, or where your IT departments are in their journey to hybrid or multicloud, simplification is key. The more you simplify, the more you reduce mistakes and make networks more resilient than technology has allowed in the past. There are really only a couple of ways to simplify when you’re considering a multicloud infrastructure: abstraction and automation.

Abstraction

Abstraction allows network operators to use an overlay solution as their central point of management and visibility, and in some cases allows the operator to manage several different underlying services from different vendors. Abstraction gives you two major benefits in this context: centralized management and simpler migration options.


Centralized DNS, DHCP, and IPAM

Even if you’re only working with one site, on-premises, and using Microsoft and/or BIND to manage your internal and external DNS, DHCP, and IPAM, you’re likely having to go to several places to manage this. There’s a lack of visibility and context for your entire network management system. When IT departments start deploying multiple sites and public cloud instances, this becomes even more complex as you start using the DDI services native to each environment. With an abstraction layer you can continue to use the underlying services to dole out IPs and handle DNS, but you manage them from the overlay solution, which gives you a central point of visibility, management, and analytics as well as a central API.

Another point for centralization is the consideration of both IPv4 and IPv6. Being able to manage both versions, as well as having visibility, is only going to give engineers and architects better context in which to troubleshoot and improve their networks.

Migration

You may think of migration as happening only when you move workloads to other places, for example from on-premises to the cloud. However, migration is actually a large part of a network engineer’s job. The same types of migration considerations arise when refreshing any part of the network, moving to new protocols like DHCPv6, or building redundancy and disaster recovery run books. These are all exercises in migration. By using a software overlay solution, you can avoid some of the pain points that usually come along with a migration. As underlay solutions change, for any reason, the overlay solution has the up-to-date data that can be easily exported to the new solution. Usually these will be done in a side-by-side migration, so when it comes time to switch over, there may only be a small window of possible disruption, if any at all.

Automation

A central API is integral to simplifying operations because it allows you to build a more consistent and therefore reliable infrastructure. With Site Reliability and consistent workflows, you can reduce the fragility of your DDI system.

Site Reliability

Many people make the mistake of thinking automation is about saving time, and while that might be a byproduct, it’s actually about creating reliability. For example, if you create a workflow for deploying a new server, you can be sure that every server is created in a consistent manner with no human error, including where it goes to get DHCP and DNS information. That’s a simple example, but as you bring in larger orchestration models, you can see how this leads to more consistent networks, or even entire sites. This is part of the idea of Site Reliability, as originally coined by Google.

You can go beyond simple deployment workflows to consider troubleshooting and reporting as you move towards Site Reliability in your multicloud environments. The idea of CI/CD (Continuous Integration/Continuous Delivery) in DevOps lets you continually improve your networks to move beyond traditional fragility.


Use the Same Workflows On-Premises and in the Cloud

Creating workflows for several different underlying services adds to the complexity, and actually goes against the consistent ideal of automation. With an overlay solution, there is just one API and then you let the overlay “talk” to the underlying services, as long as that compatibility is built-in. Now, no matter where you’re deploying that server, as in the example used above, you can use the same workflow. Even if those underlying services change as you make different decisions about them, you’re still able to use that central API, in some cases without any disruption to the services offered to your employees and customers.

How does Micetro help?

In order to move to a multicloud architecture for reasons previously discussed (disaster recovery, performance, compliance, and vendor lock-in management) or others, it’s necessary to enable your team or consultants to migrate to the public cloud. In some cases this will require DDI services in several Virtual Private Clouds (VPCs) or similar depending on which cloud vendor you’re using. While this can be done manually, there are likely to be several inconsistencies or even errors. Access control may also be very difficult to manage, since there may be several different accounts for different teams managing these platforms. This is where Micetro, by Men&Mice, shines.

Micetro is a software overlay solution which can be deployed on-premises or in the public cloud. It’s built to help keep large enterprise networks connected by transforming the way you see and control your IP infrastructure. Building on the strength of its unique underlay-agnostic, software overlay architecture, Micetro pulls together critical DNS, DHCP, and IP information from on-premises, cloud, hybrid, and multicloud environments, creating a comprehensive network overview with centralized management and control.

Agnostic Vendor Support On-Premises or in the Public Cloud

· Centralized IP management which helps you see potential issues across your entire multicloud infrastructure
· A single abstraction layer for managing DNS, DHCP, and IP information across multiple services such as:
    o Azure
    o AWS
    o Akamai
    o Dyn
    o NS1
    o Microsoft Active Directory
    o BIND
    o Cisco IOS
    o ISC/KEA DHCP
    o Unbound
    o PowerDNS
    o VMware vRealize

Migration

· Micetro enables bidirectional synchronization and compatibility with multiple vendors so that you can choose the right vendor at the right time for your underlay DDI services.
· Make migration easier by running bulk migration changes across servers and platforms.
    o Choose to start with DNS data that may be low-risk for long term testing in production

Manage Vendors and Ensure Redundancy

· xDNS Redundancy
    o Enables the replication and synchronization of critical DNS zones across multiple DNS service provider platforms, ensuring that DDoS attacks and other DNS failures are mitigated and your network remains resilient
    o Treat your on-premises DNS as the primary while having consistent replication in cloud DNS services so DNS zones stay in sync
    o Reduce cloud costs by avoiding deployment of several virtual appliances in all your VPCs

Get the Best Performance

· With native support for multiple vendors, you can use the most performant cloud or on-prem environment required by the applications you deploy
· Gain the flexibility to change vendors based on performance, because of consistent replication

Ensure Health and Security

· Granular Role Based Access Control (RBAC) consistent across all platforms
· Active Directory Users and Groups Integration
· Single Sign On (SSO)
· Health Monitoring
· Audit Trail
· Advanced Reporting

Automate with the Reliability of One API

· Single API to create consistent workflows no matter where resources reside
· DNS workflow capabilities
· REST/SOAP/JSON-RPC Support
· Terraform/Ansible

Conclusion - Abstraction and automation are key

Overlay solutions, with a central API, will help you move towards a multicloud architecture at your own pace with minimal to no downtime. Micetro is such an overlay solution that will work with your environment as it is now and grow with you even as more complexity is required.