ISACA Journal
Volume 4, 2,015 


Cloud Computing Success Depends on the Right Network 

Corey Eng 

Many enterprises want to increase productivity, operate more efficiently, and reduce costs by relocating their applications and services to the cloud, but adopting cloud solutions is only part of the strategy necessary to achieve these objectives. Enterprises also need network connectivity that gives employees at every location flexible, reliable and secure access to cloud-based applications and services.

Flexibility, reliability and secure network connectivity is important regardless of the type of cloud an enterprise may choose:

  • Public cloud—Services and infrastructure offered offsite by a cloud service provider (CSP) and accessible to the public via the Internet
  • Private cloud—Services and infrastructure located on the enterprise site(s) and accessible via a private network
  • Hybrid cloud—A combination of public and private clouds, with the enterprise determining which applications and services reside on each

From a network perspective, the provider of a public cloud and that cloud’s users are on different networks, while the provider of a private cloud and that cloud’s users share a private network. In a hybrid cloud, the networks of the cloud provider and the enterprise are securely connected.

Many organizations deploy a hybrid cloud model that allows them to distribute their organization workloads between private and public clouds. In doing so, they can dynamically consume and deliver cloud utilities and services from multiple platforms, thereby ensuring enterprise agility and flexibility.

Not surprisingly, each of these enterprises must have a network that can connect the various cloud components together. By making the hybrid cloud architecture part of the corporate wide area network (WAN), private networks play a critical role in the solution. By using a private network, these enterprises obtain a more flexible interconnection between cloud platforms and ensure maximum application performance and security across a shared network fabric.

The main difference among the three cloud types is “the networking relationship between the cloud user and the cloud provider.”1 Network reliability affects the success of cloud computing. “Regardless of the type of cloud, however, one fact remains true: no network means no cloud.”2

Although the Internet is generally adequate for consumer applications, IT executives do not want to rely on it to support their multinational business operations. As a best-effort network, the Internet cannot guarantee data delivery, quality of service or service priorities. Variable traffic loads have a direct impact on the Internet’s performance and, therefore, on the performance of enterprise applications and services as well. As traffic loads increase, so do performance-affecting issues such as latency, packet loss and congestion at peering points between networks. With no strong service level agreements (SLAs) available for the Internet, neither enterprise users nor cloud service providers have any control over the Internet’s performance. Consequently, they do not have an effective, reliable communications network.

As more and more consumers adopt cloud-based services, especially for streaming media applications, the Internet’s performance problem will get only worse. As the cloud scales to support these applications, the Internet’s performance issues scale right along with it. Ever-greater volumes of traffic traversing the Internet exert ever-greater pressure on this network of networks. Because the relationships between Internet Protocol (IP) backbones are based on peering, growing traffic loads increase the chances of peering congestion.

Although consumers may not notice Internet performance issues, enterprise IT executives clearly need a more reliable, secure, predictable and controllable cloud-networking solution. They recognize that a private-network approach based on Ethernet and multiprotocol label switching (MPLS)-based IP virtual private networks (VPNs) offers a far more reliable approach to cloud networking. Backed by strong SLAs, a private-network approach offers enterprise IT executives the control and visibility into their cloud networks that is needed to ensure the highest possible performance of their mission-critical applications and services, whether they reside in public, private or hybrid clouds.

Knowing that cloud solutions are only as good as the network that supports them, savvy IT executives understand that just as all enterprises are not alike, neither are all networks the same. When vetting potential network partners, IT executives begin with one basic question: Can the network adapt to the unique requirements of the particular enterprise and, thereby, deliver the promised benefits of cloud computing?

Enterprises are looking for a private network that is flexible enough to accommodate the enterprise’s changing requirements, specifically a network that can:

  • Support diverse access methods across all enterprise locations
  • Scale bandwidth wherever and whenever necessary
  • Rapidly provision new connections and services
  • Reach geographically from any enterprise location to any desired end point

In addition, IT executives want that network to perform reliably and securely when transporting data between enterprise locations and the cloud. Finally, they want a private network that delivers all these capabilities at a price that does not break the enterprise’s capital expenditure (CapEx) and operating expenditure (OpEx) budgets.

By partnering with a network provider that has designed its network to satisfy a broad range of cloud-connectivity options, every enterprise can obtain a solution tailored to its unique operational and financial requirements and, thereby, achieve its cloud computing objectives.

Transparent Access at the Edge

For example, a network provider that has built a multilayer network with a layer 2 Ethernet-over-MPLS architecture and a layer 3 IP architecture can offer users transparent network access across all enterprise locations. By interfacing with the customer at either layer 2 or layer 3, using the customer’s preferred access technologies and protocols, the network enables the enterprise to leverage its existing investments in hardware and software. When enterprise traffic reaches the provider edge of the network, MPLS-based equipment routes it through the core to the termination point(s). As a result, users can retain their familiar access methods, and the enterprise obtains cloud connectivity while also preserving its CapEx/OpEx budgets.

Designed for Maximum Need, Priced for Actual Use

Traditionally, some enterprises, like all service providers, have designed extra capacity in their networks just to handle expected spikes in traffic volumes. Fluctuating traffic loads often leave some network capacity idle, and enterprises (understandably) do not want to pay for that idle capacity. Rather, they want the flexibility to burst bandwidth from any location whenever necessary.

To ensure adequate bandwidth at all times while also avoiding the inefficiency and cost of idle capacity, enterprises can partner with a network provider that offers an on-demand, burstable bandwidth model to bill for actual usage. An enterprise can deploy ports of varying sizes to accommodate the requirements of each of its specific locations, for example, 10 Mbps to 300 Mbps to 1G to 10G. This model allows the enterprise to connect at each location with a port that is larger than the location’s committed data rate (CDR) and have the flexibility to burst up to the port’s maximum capacity whenever application performance requires additional bandwidth. Alternatively, the enterprise can agree to a single CDR that covers all locations in the aggregate, rather than on a per-location basis, and burst capacity simply at individual locations whenever necessary. With this flexibility, the enterprise never has to worry about perfectly sizing port capacity at each location.

For example, an enterprise with 10 sites has deployed a 1G interface at each site and commits to using 1G of capacity across all 10 locations. At any given time, one location may be using 100 Mbps of capacity, another is using 50 Mbps and a third location is using 200 Mbps. Because each of those 10 sites has a committed 1G port, all 10 of them can burst up to 1G whenever an application or service demands that amount of bandwidth. However, the network provider bills only for the capacity the enterprise actually uses.

Compare this scalability model to most network providers’ approaches, which require the enterprise to choose a CDR at each port. The enterprise has neither the flexibility to burst capacity on an as-needed basis nor the flexibility to pay only for the capacity it uses. Rather than obtaining network capacity tailored to its changing requirements, the enterprise must try to force-fit its changing requirements to the rigid CDR-per-port model.

Accelerating End-to-End Service Provisioning

Regardless of the industry in which they operate, enterprises must be able to respond quickly to changing conditions in today’s competitive global economy. Their ability to do so depends, in large part, on how quickly they can obtain connections to the cloud for new locations and/or for new services and applications required by existing locations.

One of the biggest challenges for most network providers is the ability to provision new connections and services quickly and efficiently. Many network providers continue to rely on manual provisioning, and some prefer to trench their own fiber from their points of presence (POP) to the customer premise rather than leasing the local loop. As a result, enterprises often must wait for weeks or even months before they acquire the connectivity they need.

However, by engaging with a network provider that not only automates provisioning tasks but also has network-to-network interfaces (NNIs) with cloud service providers and local access providers, enterprises often can obtain new connections and services within a few days. By maintaining a central, comprehensive database of every circuit, network element and inventoried part, along with associated costs and pricing, the network provider avoids running discrete silos of provisioning tasks.

By colocating in data centers with leading CSPs such as Microsoft Azure, VMware and Amazon Web Services and by maintaining NNIs with them, the network provider can provide new cloud services very quickly. When the enterprise requests connectivity with one of those CSPs, the network provider has to enter only a few keystrokes to set up the virtual local area network (VLAN), after which the enterprise is connected. Further, the network provider can expand the enterprise’s existing cloud services right away, for example, by adding more capacity and more virtual machines.

By using the same NNI strategy with top local access providers in the vicinity of every POP, the network provider can rapidly and efficiently create new locations for the enterprise. Through fast provisioning of end-to-end connections and services, the network provider helps enhance enterprise productivity, efficiency and competitive capabilities.

Global Connectivity

Enterprises can take advantage of the network provider’s emphasis on NNIs to get to just about anywhere in the world. Each time the network provider extends its network reach, it immediately establishes NNIs with multiple local access providers. Consequently, by partnering with a network provider that has global reach, multinational enterprises can be sure that door-to-door connectivity is available to all their locations throughout the world.

Delivering Reliable, Secure Cloud Connectivity

When it comes to transporting data between an enterprise location and the cloud, IT managers want a cloud-networking partner that takes network reliability and security just as seriously as they do. By implementing a multilayer network architecture, with layer 1 optical fiber connecting all POPs and Ethernet-over-MPLS layer 2 transport, a network provider builds top-notch reliability, performance and security into the infrastructure.

Rather than taking a single-threaded approach to traffic routing, the network provider offers both physical diversity and route diversity. First, configuration of the layer 1 optical fiber ensures multiple, diverse paths for enterprise traffic; in the event of network congestion or a fiber cut, the network immediately reroutes the traffic onto an alternative path. Second, the use of MPLS ensures multiple routes for traffic traversing the network.

To ensure high-quality network performance, the network provider typically controls the routing for an enterprise by using MPLS traffic engineering to select the most direct route possible, with the fewest number of hops, the lowest possible latency and the maximum available bandwidth between end points.

The use of MPLS-based technology at layer 2 ensures the security of enterprise data. Because the network provider encapsulates all the enterprise data and isolates them from other customers’ traffic, the enterprise is the only entity with any knowledge of the information content traversing the network.


In their ongoing quest to increase productivity, enhance operating efficiencies and reduce costs, more and more enterprises are moving to the cloud. Although the cloud and all of the virtual solutions residing within it seem to get the most attention, IT executives know they can take advantage of the cloud’s capabilities only if the enterprise has the right kind of cloud connectivity. They also recognize that not all networks are built to give the enterprise flexible, reliable and secure access to cloud-based applications and services.

Consequently, IT executives want to partner with a network provider that understands that each enterprise has its own set of unique connectivity requirements. By working with a partner that can tailor its network capabilities to the needs of each enterprise, every enterprise can achieve the operational and competitive benefits that cloud computing promises.



1 Cisco, Networking and Cloud: An Era of Change, 2011,
2 Ibid.

Corey Eng is a veteran of the telecommunications industry, with more than 20 years of industry experience. Prior to joining GTT, Eng held several senior-level positions with leading telecommunications companies, including Comcast, Nextel, Broadwing, Winstar, Go Communications and MCI.


Add Comments

Recent Comments

Opinions expressed in the ISACA Journal represent the views of the authors and advertisers. They may differ from policies and official statements of ISACA and from opinions endorsed by authors’ employers or the editors of the Journal. The ISACA Journal does not attest to the originality of authors’ content.