Building Secure, Private Cloud Networks for AWS Bedrock

Joint Technical Webinar

SOLUTION BRIEF

Service Networking

Simplify network and network security operations by maintaining the inherent segmentation of CSP networks while accelerating application delivery

Challenge

Organizations have looked to public cloud to accelerate innovation and productivity while reducing their capex spend.  While this approach is intended to reduce the friction and risk surrounding business operations, the speed at which network and security are deployed creates residual risk.  This is largely due to the complexity of implementing conventional network functions within the abstraction of cloud. 

As DevOps continues to push the envelope of what is possible by leveraging best-of-breed, cloud-native application services, network and security have struggled to keep pace.  While cloud-native network options exist, these functions are difficult to manage at scale while offering little, if anything, for cross-cloud connectivity.  Re-creating the same service-rich fabric that most organizations maintain for their on-prem infrastructure within the cloud remains a challenge that slows application delivery.

Current state of
app-to-app networking

Many organizations and vendors have attempted to rationalize cloud networks by employing orchestration solutions that replicate their on-prem network through virtual versions of conventional network appliances.  While this may help in connecting cloud networks and application endpoints, it only serves to create additional complexity.  The “allow all” approach of conventional routing policy only serves to break the existing network segmentation and security of cloud-native networks.

Conventional networking is simply not the answer for accelerated and secure application delivery within a cloud-native environment.  As virtual routers are allow-all by design, you break the micro-segmentation of the cloud as soon as you “fix” it.  This requires that you follow with virtual firewall appliances deployed globally driving up your costs and complexity, or traffic is backhauled through a central point greatly impacting application performance.  Relying upon NSGs and ASGs to protect your endpoints further complicates policy management and visibility which eventually translates into tedious break/fix operations.

Always the goal but often forgotten, user experience is a key component of application delivery that is often deprioritized in favor of putting out operational fires.  When considering all of the challenges in connecting application workloads across one or more clouds this is understandable, yet we will never be exempt from poor performance simply because we can rationalize it.  In order to achieve the accelerated delivery that cloud promises, connecting cloud workloads should not create the operational pain that many now live in today.  Curing this problem requires that we have a technology stack that allows us to flatten the operational model.

 

Prosimo is a cloud-native solution that uplevels your application delivery

Prosimo challenges conventional networking in cloud by leveraging cloud-native network functions to create a network fabric at the application layer.  Prosimo’s Autonomous Cloud Networking platform orchestrates cloud-native services to establish local connectivity between application endpoints and a Prosimo Distributed Edge.  From that moment forward, all “app-to-app” sessions are proxied and encrypted across the app fabric to other workload endpoints.  Whether it is between CSP regions or crossing over to another cloud (public or private), Prosimo establishes secure transit with consistent policy in minutes.  This requires limited understanding of CSP services and zero need to understand or configure L3/4 network policies reducing your exposure to technical debt.

Business Outcomes

Accelerate everything

Delight your customers and boost productivity by having applications connected - securely - at launch, not days or weeks later.

Take Control

Use Prosimo to connect networks using Network Transit, but isolate mission-critical workloads using App-to-App Transit

Keep all the Ops happy

Prosimo's API allows it to integrate with how you work while providing network and application insights. This helps you determine "innocence" faster when a problem occurs.

Prosimo’s full-stack cloud transit is the only cloud network built on an elastic Kubernetes architecture that understands and speaks the language of cloud-native infrastructure.  Because Prosimo speaks cloud-native, it establishes connectivity by working in concert with the most efficient network services of each unique CSP without the bottlenecks of monolithic virtual appliances.  Prosimo maintains the segmentation of the cloud while eliminating shadow rules and other problems that are a result of device-centric policy management.  All this without the operational baggage or downtime of conventional networking.

How Prosimo stacks up to conventional networking

Prosimo

Conventional

Operational Outcomes

Gain visibility, improve uptime

Prosimo’s Full-Stack Cloud Transit Edge measures network quality across CSP network segments as well as application response times – discerning between network and application issues results in meaningful reductions in MTTR.

Maintain microsegmentation, eliminate blind spots

Once deployed, Prosimo provides “connective potential” instead of “allow all” Layer 3 routing policy. Connectivity is limited to network segments defined within security policy deployed as an integrated part of the network.

Autonomous cloud networking

Prosimo’s Autonomous Cloud Networking is enabled by adding machine learning and AI functions that analyze the network fabric. Recommendations for improving performance or reducing egress charges are delivered every 24 hours.

A network as flexible as the cloud

Accepting a daily recommendation or making deterministic changes to the transit fabric are hitless and executed in minutes thanks to a cloud-native, network fabric that maintains consistent policy regardless of changes to the network path.

Summary

Prosimo is ready to fundamentally change how you connect your cloud workloads whether in one cloud or across clouds. This means you sleep better at night and your organization enjoys meaningful impact to its business outcomes. Sign-up for a free trial today!