security

How a hub and spoke model can future-proof your cloud deployment – Help Net Security


Cloud adoption among organizations has increased dramatically over the past few years, both in the range of services used and the extent to which they are employed, according to Info-Tech Research Group.

Hub and spoke model

However, network builders tend to overlook the vulnerabilities of network topologies, which leads to complications down the road, especially since the structures of cloud network topologies are not all of the same quality.

Right cloud network topology is crucial for optimizing performance

The new research deck states that for organizations considering migrating their resources to the cloud, careful planning and decision making is required. This includes selecting the right topology, designing the cloud infrastructure for efficient management, and providing access to shared services. The advisory deck further highlights that one of the main challenges of cloud infrastructure planning is finding the right balance between governance and flexibility, which is often overlooked.

“Evaluating and selecting the right cloud network topology is crucial for optimizing performance. It also enables easier management and resource provisioning,” says Nitin Mukesh, senior research analyst at Info-Tech Research Group. “An ‘as the need arises’ strategy will not work efficiently since network design changes can significantly impact data flows and application architectures, which becomes more complicated as the number of cloud-hosted services grows. Designing a network strategy early on will give more control over networks and prevent the need for significant infrastructure changes later.”

The research indicates that when organizations move to the cloud, many often retain the mesh networking topology from their on-prem design, or they choose to implement the mesh design using peering technologies in the cloud without considering the potential changes in business needs. Although there are various network topologies for on-prem infrastructure, the network design team may not be aware of the best approach in cloud platforms for their requirements, or a cloud networking strategy may even go overlooked during the migration.

Readers Also Like:  Coro acquires network security startup Privatise | Ctech - CTech

Hub and spoke model for organizations

The new resource explores a hub and spoke model for organizations deciding between governance and flexibility in network design. A hub and spoke network design involves connecting multiple networks to a central network, or a hub, that facilitates intercommunication between them. The hub can be used by multiple workloads for hosting services and managing external connectivity.

Other networks connected to the hub through network peering are called spokes and host workloads. Communications between workloads, servers, or services on the spokes pass through the hub, where they are inspected and routed. The spokes can be centrally managed from the hub using IT rules and processes. This design allows for a larger number of virtual networks to be interconnected, with only one peered connection needed to communicate with any other network in the system.

Designing a network strategy

Organizations that choose to deploy the hub and spoke model face a dilemma in choosing between governance and flexibility for their networks. Info-Tech recommends that organizations consider the following design options when developing a cloud network strategy:

Peering: Peering Virtual Private Clouds (VPCs) into a mesh design can be an easy way to get onto the cloud, but it shouldn’t be the networking strategy for the long run.

Hub and spoke: Hub and spoke network design offers more benefits than any other network strategy to be adopted only when the need arises. Organizations should plan for the design and strategize to deploy it as early as possible.

Hybrid: A mesh and hub and spoke hybrid can be instrumental in connecting multiple large networks, especially when they need to access the same resources without having to route the traffic over the internet.

Readers Also Like:  Ukraine's new tanks an upgrade - but may arrive too late - BBC

Governance vs. flexibility: Governance vs. flexibility should be a key consideration when designing for hub and spoke to leverage the best out of the infrastructure.

Domains: Distribute domains across the hub or spokes to leverage costs, security, data collection, and economies of scale and foster secure interactions between networks.

The firm advises that the advantages of using a hub and spoke model far exceed those of using a mesh topology in the cloud. However, organizations, especially large ones, are complex entities, and choosing only one model may not serve all business needs. In such cases, a hybrid approach may be the best strategy.



READ SOURCE

This website uses cookies. By continuing to use this site, you accept our use of cookies.