What is Cloud & Network Architecture?
Network architecture is the design of a communications network. It includes the physical and logical layout of the network, the framework of accepted standards and specifications of elements, equipment, services, protocols and functions, growth and change assumptions, and high-level operational principles and procedures.
Modern networks encompass a variety of architectural and design principles, which must be understood and articulated by a network organization in order to maintain best practices. Standardized network protocols define how network elements interact, with network architecture design taking the lead on specifying which protocols are used and how network elements use these cloud computing protocols. A robust network architecture facilitates system-level functionality as well as robustness, extensibility, and evolvability in the face of changes in software and hardware components, application functions, implementation of security measures, and external environments.
Cloud Network Topology
A diagram is often used to represent a network architecture. For example, a high-level cloud network topology diagram shows how network components such as routers, switches, carrier services, Internet connectivity services, security devices such as firewalls, and end-user, datacenter, and cloud resources are all connected to each other as an all-encompassing cloud architecture design. A routing diagram may show just the routers, which IP prefixes each one advertises, and which Interior Gateway Protocol (IGP) routing protocols, if any, are in use in which networks. A WAN diagram may show where Border Gateway Protocol (BGP) peerings are configured between Customer Edge (CE) and Provider Edge (PE) routers to implement an MPLS VPN WAN, and where Internet edge routers peer with transit providers.
A great deal of technical knowledge is needed to create a network architecture. Following are just a few examples of the technology domains that cloud network architects need to master to design operational networks:
- Networking and related concepts and protocols such as Ethernet, wireless networking, LTE, TCP/IP protocols, MPLS, OSPF, IS-IS, and BGP routing, VPNs, VLANs, link aggregation groups, ECMP, hybrid WANs and SD-WANs, and the OSI reference model.
- Internet architecture, routing operations, colocation, Internet exchanges, CDNs, and DNS.
- Carrier services such as Layer 3 and Layer 2 MPLS VPNs.
- The practical functionality of various network elements—routers, switches, firewalls, load balancers, WAN optimization devices, DNS servers, authentication servers, server network interfaces.
- Compliance standards in enterprise network environments—HIPAA, SOX.
- Understanding of and ability to translate business objectives into network architecture and technical cloud network designs.
Today’s Network Architecture Challenges
A significant challenge for cloud network architects is navigating the move to cloud computing. The rise of the cloud is forcing network architects to change network architecture to deliver greater cost-efficiency while delivering better cloud computing applications and service performance to internal and external clients. Challenges this specifically brings to the domain of network architects include:
- Legacy network architectures rely on carrier-based WAN services and assume that Internet access is sporadic, light, and non-critical. This means that Internet traffic is typically backhauled from distributed locations to one or more centralized points where Internet routed peerings are implemented. As cloud and SaaS adoption grows, this model is challenged to deliver
- The way that application products are being developed is becoming less monolithic and more service-oriented. This means that cloud network design must accommodate distributed infrastructure such as hybrid clouds, heavy reliance on Internet connectivity for inter-service communications, and the rapid instantiation, movement, and tear-down of containerized services via orchestration.
- A heavy legacy of hardware appliance-based network functions prevents cloud network designs from being agile to accommodate changing requirements.
- SaaS adoption requires higher Internet bandwidth to end-users, while SaaS providers utilize a variety of Internet-based service delivery architectures.
- The move to hybrid and software-defined WANs (SD-WANs), plus direct Internet access (DIA), changes long-standing WAN performance assumptions, since the Internet is a highly unpredictable cloud network environment when compared to carrier-based MPLS services.
Planning for Network Architecture Visibility
While network architecture deals mostly with functional communications architecture, it is also important to plan for sufficient operational visibility into network service delivery. This is particularly important for cloud network architects to consider, because the sea change in overall network architecture pushes more communications outside of the administrative domain of network operations, into the Internet and the cloud. With dependencies on many external networks, services, and providers, traditional network monitoring approaches that assume access to and collection of passive data from IT-controlled infrastructure are no longer sufficient. As a result, Internet and cloud-based networks and services require approaches based on active monitoring. While network monitoring is classically the domain of network operations, network architects have an important role in guiding the standards for monitoring visibility and data collection.
Network Intelligence refers to the data, technology, algorithms, and techniques used to collect, analyze, and visualize network information for a cloud and Internet-centric world. Network Intelligence helps optimize the user experience of application products and services by providing an understanding of global network topologies, including the Internet, along with the dependencies and behavior that impact app and service delivery. Network Intelligence offers insights that support better network architecture decision-making. For more information, explore the Network Intelligence page.