In order to truly integrate SD-WAN applications into multi-cloud environments, Cisco and Google announced on Tuesday they've partnered on a new platform. Cisco and Google, who first announced they were partnering last year, have created Cisco SD-WAN Cloud Hub with Google Cloud to extend applications into multi-cloud environments while also providing improved security, orchestration and service level agreements (SLAs.)
To date, SD-WAN vendors and service providers have created multiple SD-WAN on ramps into the various clouds, but those solutions stop at the network edge.
"Customers are already adopting a hybrid multi-cloud strategy," said Cisco's Sachin Gupta, senior vice president of product development for the company's' intent based networking group. "Now CIOs are asking how can they efficiently, and in an automated way, deliver the right security and the right application experience for all those applications for all of their users?"
Cisco and Google eliminate the need for having an SD-WAN application going back to a data center, or into a colocation facility, before going into a cloud. The joint solution takes the SD-WAN overlay from campus and branch locations into Google Cloud while also extending security, encryption and segmentation into multiple clouds via Google's Anthos. Using virtual routers, Cisco can create a virtual hub in the cloud to replicate all of the benefits of having SD-WAN on premise or in physical locations.
Anthos is an open hybrid and multi-cloud application platform that offers telecommunications companies the flexibility to modernize existing applications, build new ones and securely run them on-premises and across multiple clouds.
"Anthos allows Google to abstract any cloud environment and use the same tools and mechanisms that they use inside Google Cloud in any other cloud environment," Gupta said. "What that allows is the application to register into the Google Cloud Service Directory, and then make the SLA requirements known and publish the APIs. Our Cisco Virtual Managed solution integrates with the Google Cloud Service Directory. We can dynamically learn about new applications and their SLA needs and react to those on the fly.
"Those applications can be different types. It could be this application requires that all traffic, data in motion, must be encrypted. Every session we create must be an encrypted IPSec session. It could be that this application requires that the lowest latency path always be used. Another application may just need something that has very high status availability at the lowest cost. That's something that can inform our Viptela SD-WAN solution on what path to take. So these are some examples of the dynamic automated integration we have from an application point of view."
By using API connections between Cisco's Viptela-based SD-WAN and Google's cloud, information can be collected on each application's needs via integration with Google Cloud Service Directory.
"Through that information, if an application needs a lower latency or different kind of experience, we can automatically adjust the SD-WAN fabric to deliver that," Gupta said. "And then similarly, if the network sees issues in a particular task, we can automatically inform the Google Cloud Service Directory to move the workload to another location so that we can take a different path and still provide the best experience.
"So it's a bi-directional approach that makes the network more application centric, and makes the cloud environments more network aware, and network experience aware."
Tapping into Google Cloud's backbone
Customers can also opt to use Google's backbone as an underlay to work with the SD-WAN overlay fabric to move their applications around the globe by picking the most optimal paths for their software-as-a-service (SaaS) applications.
"We're really extending this notion of policy intent, or intent based networking, from not just the access on the wired and wireless side to SD-WAN but now into a multi-cloud environment and making it application centric," Gupta said. "So it may be that instead of using the public internet for some critical SaaS applications that I'm using, I'd rather go through the Cisco cloud into the Google Cloud backbone and from there go to the SaaS application.
"If they want to connect into this Cisco Cloud Hub, and then use that to carry the traffic and then use Google's backbone to connect to a SaaS application they can then connect to their own data center or to another of their own sites."
The platform combines SD-WAN with the benefit of Google's private backbone in order to provide a better end-to-end experience and improve quality-of-service (QoS), along with the added advantage of application security policies for SD-WAN.
Partnering with SD-WAN vendors and service providers gives Google and the other hyperscale providers access to the last mile connections that they lack.
Tapping into Google's backbone is similar to the approach that Mode and Teridion use in partnering with SD-WAN vendors across private networks. Cato Networks and Aryaka have made their SD-WAN chops by providing SD-WAN services over their private networks.
It's also along the same lines as Microsoft's Azure vWAN. While Cisco touted its new platform with Google as an industry first, Microsoft Azure and Amazon Web Services could also offer something similar. Google could also opt to work additional SD-WAN vendors. Gupta said that Cisco SD-WAN Hub with Google Cloud has been in the works for three or four months, and it was developed in response to customers conversations around getting the agility and scale of the cloud without compromising on the security and application experience. The solution will be in trials later this year before becoming generally available in the first half of next year.
"The partnership between Cisco's Viptela SD-WAN solution and Google Cloud is an example of ongoing initiatives by SD-WAN vendors to improve the QoS and security of their offerings, especially when it comes to public and private cloud integration, said Roy Chua, founder and principal at AvidThink. "Leveraging Google Cloud's backbone provides the QoS component, while identity and policy integration between Cisco's Cloud Hub and Google Cloud should lead to improved security and unified application controls.
"We expect that this type of partnership between the major SD-WAN players, and the major cloud providers will continue to be forged over the next few years. However, given the diversity of cloud application platforms and SD-WAN vendors, it will be a while before we see some stability around a standard approach. Mapping across diverse security, quality-of-service and application frameworks in a multi-cloud world is not an exercise for the faint of heart. Nevertheless, this is a good start."