According to a recent report by Enterprise Management Associates (EMA), “Multicloud Networking: Connecting and Securing the Future,” which surveyed 350+ IT stakeholders who work in multicloud enterprises, 88% of enterprises plan to use two or more infrastructure as a service (IaaS) providers. The report’s author Shamus McGillicuddy, Vice President of Research of Network Infrastructure and Operations at EMA, said, “When enterprises build networks across multiple clouds, the native networking technologies offered by their various cloud providers become roadblocks to success. Networking professionals tell us that cloud provider solutions are bandwidth-constrained, less cost-effective, and lack advanced features. They also lack a breadth of network security capabilities. Third-party, end-to-end solutions to multicloud networking become essential in these enterprises.”
As part of this report, McGillicuddy spoke with Aviatrix customer Keven Hamann, IT Solution Architect for HAPEV, a German insurer, to help validate the report findings. Below are some highlights from that conversation.
Security and Compliance Requirements Dictated a Multicloud Networking Solution
Two years ago, HAPEV used no public cloud services. All of its applications were hosted in its on-premises data centers. Then the business decided to transition directly to a multicloud strategy, with applications hosted in both Amazon Web Services (AWS) and Microsoft Azure. The IT infrastructure team immediately realized that networking was going to be a challenge. Getting the network right was critical for HAPEV because as an insurance services company, it must adhere to the highly regulated industry’s requirements. Hamann noted that the network needed consistent compliance controls across AWS and Azure. Regulatory compliance also required that the IT infrastructure team be able to inspect traffic across the multicloud network to detect potential malicious activity.
“When we looked at multicloud, we tried to anticipate what kinds of problems we would have,” said Hamann. “The main problem we saw was with networking. Each cloud provider has a specific way of doing networking, from a global level to a regional level down to subnets. You have to learn specific naming schemes. To secure a workload in AWS, you have to use a completely different technical solution than what you have in Azure. It’s not easy to handle both at the same time.”
Aviatrix Makes Multicloud Networking “Too Easy”
After defining the requirements, Hamann and his team selected secure cloud networking software from Aviatrix to build HAPEV’s new cloud network. The IT infrastructure team used Aviatrix to deploy gateways in each AWS and Azure region with centralized, secure ingress and egress, and firewalling. They also interconnected all cloud regions with Aviatrix’s cloud transit capability.
According to Hamann, “At first it seemed a little too easy. When you have two separate hyperscale cloud providers, building interconnects between them is not easy. But deploying Aviatrix gateways and using them to connect the providers was not difficult. All our traffic is now centralized over the transit gateways. We have a full mesh network with firewall inspection.”
Automation and Orchestration with Terraform
Hamann also integrated his Aviatrix solution with Terraform, the tool that HAPEV uses for multicloud infrastructure orchestration. This allows his team and the DevOps team to make automated changes to the network as needed.
“It’s very easy to scale up and down the mesh. We can expand the mesh into other regions in two clicks,” he noted.
Deep Visibility Matters—CoPilot Delivers Just That
On top of the resilient and secure network that HAPEV was able to establish, Hamann’s team has the network visibility it needs, too, using Aviatrix CoPilot, which provides full visibility into network traffic by leveraging Aviatrix network software that is directly in the data plane across the multicloud network. It collects and analyzes traffic data and metrics from these data plane elements to provide global visibility. CoPilot not only helps address HAPEV’s security and compliance requirements, but it also provides excellent support for operational monitoring and troubleshooting.
Hamann noted, “It’s cool how you can get traffic visibility over the whole multicloud network mesh. You can get a quick view of where packets are coming from and where they are going.”
Up-Skilling IT with Aviatrix Certified Engineer (ACE) Certifications
To ensure that the IT infrastructure team is fully capable of meeting the networking needs of HAPEV’s multicloud environment, Hamann and his team are working with Aviatrix on multicloud networking training. Hamann and three other members of his team have completed training and certification programs, becoming Aviatrix Certified Engineers (ACE).
“ACE certifications are the best knowledge you can get on public clouds,” Hamann said.
For more stories of companies finding secure cloud networking success with Aviatrix, visit: https://aviatrix.com/featured-customers/.
Ready to Discuss your Cloud Network Architecture? Schedule a consult with us here: https://aviatrix.com/schedule-advanced-cloud-services/