The immutable link between CloudOps and user experience

It’s been a little less than a year since Prosimo emerged from stealth and we find ourselves at the forefront of an emerging trend that is long overdue: user experience. Wait. User experience?! You are likely thinking that this is hardly groundbreaking territory and, to be honest, it’s not.  As part of my research for this blog, I found articles associating the network and user experience dating back to the year 2000. It appears that execution, realization, and control of user experience is something that has eluded all of us who have been responsible for creating, securing, or enhancing the path to an application. Not just for a time, for decades. We all knew it was a problem, yet we accepted that daily break/fix tickets were simply a part of life that we would never escape.

Failure to launch

Reflecting on my time both as a consumer and seller of network tech, I can think of many industry trends that were supposed to lead you to the Nirvana of Networking. Single vendor became too expensive so then it was all about multi-vendor infrastructure as part of a race to zero. Then lower costs were discarded for “best of breed,” more so in security than in other functions. Soon thereafter, network and security operations became overwhelmed by the number of device contexts and dialects required to understand and communicate with the network between users and applications.

Network functions were relegated back to single vendor, single OS environments to reduce operational overhead. Specialty JSON and YAML appeared to simplify the configuration of Day 0, but Day N still left everyone back at square one. AI and ML then appeared as the holy grail and were attached to almost every vendor’s product marketing, promising to usher in the new golden age of networking. I have to ask, “Are we there yet?”

It’s not the trend, it’s the operational model

What organizations (and “box” vendors) discovered over the past two years was that they were highly exposed when it came to delivering or improving a quality user experience. This was especially true for companies that maintain a global user footprint, but mostly regional applications. Deploying a public cloud infrastructure has become an elegant affair thanks to tools like Ansible and Terraform. Both of these tools, however, fail to solve the problem of stitching cloud telemetry streams into a single comprehensive picture. This is precisely where user experience begins to suffer.

Even if cloud infrastructure operations (CloudOps) have been centralized through orchestration tools, functional silos remain that take ownership of functional management tasks. The network manages its virtual routers, Network Security manages its virtual firewalls; NOCs get their flow data, and SOCs get the security events and alerts. Determining where user experience is breaking down is still done in a piecemeal fashion, if it’s being done at all. The network is the highway that gets users to their applications; it has to be fast and continuous, not a series of loosely connected segments stitched together with detours.

Jobs to be done vs. the job to be done

When talking to companies about cloud transit, we still see many organizations attempting to rationalize cloud networks through traditional network constructs such as routers, firewalls, and CDN services. Platforms have emerged that orchestrate virtual appliances as well as automate routing and security policy but do nothing for user experience; only the hardest of hardcore network engineers will get hyped about break/fix operations and performing packet captures on virtual appliances (mind you, those running in an abstracted CSP infrastructure).

More often than not, a network engineer has zero visibility into whether or not the application is responding as it should, further slowing problem identification and resolution. This raises the question – did the application ever get what it needed from the network to perform optimally? Furthermore, you also have to accept that monolithic, virtual appliances force you to choose between going as big as possible from the start while paying for more than you need, or kicking that can down the road. If your application auto-scales, but your virtual firewall appliance does not, you will eventually exceed capacity. It’s not bad for a few, but at scale, the wall starts to approach very quickly.

For an individual organizational unit, this is just their job to be done. For the larger organization, the job to be done is to maximize productivity. While an organization may see improvements in time to market through orchestration of network elements, it will still be left with the baggage of virtual appliance lifecycle management (upgrades, updates, security patches, etc.), poor mean time to resolution (or blame/innocence depending on your culture), and questionable control over user experience. When user experience deteriorates, productivity most definitely goes with it.

The operational model has to change

Once your organization goes outside the boundaries of your private cloud, you are immediately hit with what I call the Public Cloud Abstraction Tax. And just like your personal taxes, no one likes paying it and you want to minimize your exposure to it as much as possible. This tax impacts operations and how productive your users are or are not. It can increase quickly once you start to use multiple clouds or once churn places you in Technical Debt.

Tactical abstractions that orchestrate individual jobs to be done but do not address The Job to be done have very little impact on reducing your Abstraction Tax bill. Prosimo’s Full Stack Cloud Transit delivers meaningful abstraction by treating network routing, security, and content delivery as a single service, one that can differentiate between network and application problems, reducing MTTR and improving uptime. Prosimo is deployed as quickly as any CSP service, allowing you to connect users, apps, and networks in minutes without disruption to your existing network infrastructure. This reduces time to market for cloud initiatives substantially more than cobbling together individual functions via orchestration platforms that deliver only marginal value after Day 0; no “rip and replace” means lower risk to the business. Instead of requiring additional, 3rd party services, Prosimo’s zero-trust security and application-specific content delivery policies enrich and secure user experience with quantifiable metrics.

This changes the discussion from the job to be done to how the job is done. Software has long enjoyed the structure of a Software Development Life Cycle, more commonly referred to as SDLC. Yet when it’s time to deploy software on infrastructure, the concept of life cycle becomes a highly segmented ITIL-like workflow at best or herding cats at worst. The point is that there is very little continuity in how we manage and deploy infrastructure versus how we manage software development. Software enjoys visibility and suggestions from the developer population that contribute to its quality. While the security argument can be made (justifiably so) for the isolation of functions, it does not mean that we cannot plan, develop, deploy, and manage our infrastructure as a coherent, end-to-end system.

In summary

The caveat in all of this is that in order to realize meaningful user experience, the operational model for cloud networking – the approach to creating cloud networks regardless of cloud – has to change. Just as application infrastructure has changed from dedicated servers to virtual servers, and now to server-less, we have to change how we create, maintain, and rationalize the network. The network has not received the upgrades that the application infrastructure has, until now. If you would like to learn more about how Prosimo is changing the operational model for networking, I encourage you to hit the link below and take our free trial. You’ll see for yourself – in minutes – how cloud networking has changed for the better.