Multi-Cloud Networking

True secure overlay-based networking between public cloud and private cloud

Multicloud is when an organization uses cloud computing services from at least two cloud providers to run their applications. Instead of using a single-cloud stack, multicloud environments typically include a combination of two or more public clouds, two or more private clouds, or some combination of both. By having the freedom to create a strategy that utilizes multiple vendors, you can pick and choose the capabilities that best suit your specific business needs and minimize vendor lock-in.

Multi-Cloud Networking (MCN) technology provides the capability to build a logical, software-defined, secure network that connects cloud applications across multiple private clouds, datacenters, and public clouds.
This is also called cross-cloud secure networking.

Challenges that MCN solves

  • Administrative overhead — “I have to open 28 browser tabs to make a simple change, such as an access control list (ACL).”
  • Bandwidth limitations — “I can only get 1 Gbps via a VPN tunnel, and I need more.”
  • Full networking stack — “I want to manage connectivity/routing, Domain Name System (DNS), CDN, load balancing and web application firewall (WAF) from one place, not via disparate point features from separate providers.”
  • Advanced network routing — “My cloud provider doesn’t support encrypted peering, Border Gateway Protocol (BGP) route encryption or BGP route approval.”
  • Inconsistency across providers — “I have to use different consoles and terminology to provision and troubleshoot applications in Amazon Web Services (AWS) versus Microsoft Azure.”

Top players in multicloud networking are:

  • Alkira 
  • Aviatrix 

 

You can build your own multicloud networking if your workloads are few:

Simple IPsec tunnels: A few simple steps create a secure fabric between clouds. I take AWS as the example here, at a high level.
a) Create a VPC transit gateway and connect all of your in-region VPCs to it.
b) Build IPsec tunnels between the VPC transit gateways and run BGP for route exchange.

Automation using Ansible or Terraform:
a) You can use Ansible scripts, which are very easy to implement and use.
b) Build your information in a file and use that file as an Ansible variable file, so that Ansible picks up the information and pushes it to each VPC.
c) For more details, refer to https://docs.ansible.com/ansible/latest/collections/amazon/aws/ec2_vpc_net_module.html.
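
Steps (a) to (c) as an added example, not code from the original page: a variables file listing the VPCs and a playbook that loops over it with the amazon.aws.ec2_vpc_net module linked above. The file names, VPC names, regions, CIDRs and tag are assumptions, and AWS credentials are expected from the environment.

```yaml
# File 1: vpcs.yml
# Constructed sample data; names, regions and CIDRs are hypothetical.
---
vpcs:
  - name: app-vpc
    region: us-east-1
    cidr: 10.10.0.0/16
  - name: data-vpc
    region: us-east-1
    cidr: 10.20.0.0/16
  - name: dr-vpc
    region: us-west-2
    cidr: 10.30.0.0/16

# File 2: site.yml
# Requires the amazon.aws collection and boto3 on the control node.
---
- name: Push VPC definitions from one variables file
  hosts: localhost
  connection: local
  gather_facts: false
  vars_files:
    - vpcs.yml
  tasks:
    # Stop before touching AWS if the file repeats a name or a CIDR.
    # This catches exact duplicates only, not partially overlapping ranges.
    - name: Refuse to run on duplicate VPC names or CIDRs
      ansible.builtin.assert:
        that:
          - vpcs | map(attribute='name') | unique | length == vpcs | length
          - vpcs | map(attribute='cidr') | unique | length == vpcs | length
        fail_msg: "Duplicate VPC name or CIDR in vpcs.yml"

    # One idempotent call per entry; rerunning leaves existing VPCs unchanged.
    - name: Create or update each VPC
      amazon.aws.ec2_vpc_net:
        name: "{{ item.name }}"
        cidr_block: "{{ item.cidr }}"
        region: "{{ item.region }}"
        state: present
        tags:
          ManagedBy: ansible
      loop: "{{ vpcs }}"
      loop_control:
        label: "{{ item.name }}"
```

Keeping the CIDRs distinct in the file matters because the prefixes are later exchanged over BGP between the transit gateways, where duplicate ranges cannot be routed unambiguously.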