Organizations have looked to public cloud to accelerate innovation and productivity while reducing their capex spend. While this approach is intended to reduce the friction and risk surrounding business operations, the speed at which network and security are deployed creates residual risk. This is largely due to the complexity of implementing conventional network functions within the abstraction of cloud.
As DevOps continues to push the envelope of what is possible by leveraging best-of-breed, cloud-native application services, network and security have struggled to keep pace. While cloud-native network options exist, these functions are difficult to manage at scale while offering little, if anything, for cross-cloud connectivity. Re-creating the same service-rich fabric that most organizations maintain for their on-prem infrastructure within the cloud remains a challenge that slows application delivery.
Current state of
app-to-app networking
Many organizations and vendors have attempted to rationalize cloud networks by employing orchestration solutions that replicate their on-prem network through virtual versions of conventional network appliances. While this may help in connecting cloud networks and application endpoints, it only serves to create additional complexity. The “allow all” approach of conventional routing policy only serves to break the existing network segmentation and security of cloud-native networks.
Conventional networking is simply not the answer for accelerated and secure application delivery within a cloud-native environment. As virtual routers are allow-all by design, you break the micro-segmentation of the cloud as soon as you “fix” it. This requires that you follow with virtual firewall appliances deployed globally driving up your costs and complexity, or traffic is backhauled through a central point greatly impacting application performance. Relying upon NSGs and ASGs to protect your endpoints further complicates policy management and visibility which eventually translates into tedious break/fix operations.
Always the goal but often forgotten, user experience is a key component of application delivery that is often deprioritized in favor of putting out operational fires. When considering all of the challenges in connecting application workloads across one or more clouds this is understandable, yet we will never be exempt from poor performance simply because we can rationalize it. In order to achieve the accelerated delivery that cloud promises, connecting cloud workloads should not create the operational pain that many now live in today. Curing this problem requires that we have a technology stack that allows us to flatten the operational model.
Prosimo is a cloud-native solution that uplevels your application delivery
Prosimo challenges conventional networking in cloud by leveraging cloud-native network functions to create a network fabric at the application layer. Prosimo’s Autonomous Cloud Networking platform orchestrates cloud-native services to establish local connectivity between application endpoints and a Prosimo Distributed Edge. From that moment forward, all “app-to-app” sessions are proxied and encrypted across the app fabric to other workload endpoints. Whether it is between CSP regions or crossing over to another cloud (public or private), Prosimo establishes secure transit with consistent policy in minutes. This requires limited understanding of CSP services and zero need to understand or configure L3/4 network policies reducing your exposure to technical debt.
Delight your customers and boost productivity by having applications connected - securely - at launch, not days or weeks later.
Use Prosimo to connect networks using Network Transit, but isolate mission-critical workloads using App-to-App Transit
Prosimo's API allows it to integrate with how you work while providing network and application insights. This helps you determine "innocence" faster when a problem occurs.
Prosimo’s full-stack cloud transit is the only cloud network built on an elastic Kubernetes architecture that understands and speaks the language of cloud-native infrastructure. Because Prosimo speaks cloud-native, it establishes connectivity by working in concert with the most efficient network services of each unique CSP without the bottlenecks of monolithic virtual appliances. Prosimo maintains the segmentation of the cloud while eliminating shadow rules and other problems that are a result of device-centric policy management. All this without the operational baggage or downtime of conventional networking.
Prosimo resides within your cloud, administrative control, and data path while leveraging the network SLA of each cloud to deliver maximum performance in multicloud networks.
Orchestration platforms that rely upon virtual appliances limit performance by operating on configured policies which lack global visibility into an ever changing, multicloud network. Other solutions black box network traffic with no real clarity on how the traffic is being routed or what impact those routing decisions have on network performance.
Prosimo platform does not require extensive routing protocol experience keeping you out of technical debt. Gain visibility through detailed telemetry of each cloud network segment in the path; perform all network troubleshooting from a single dashboard.
Cloud network controllers may orchestrate BGP, IPsec, and NAT policy but extensive networking experience is still required to troubleshoot and maintain network fabric. Finding problems may require packet captures on each appliance in a network path.
Updates and patches to the Prosimo Distributed Edge are delivered by Prosimo using Kubernetes best practices without impacting traffic flows.
Customers are required to manage the virtual appliance lifecycle to include patching, reboots, and failovers. A 500 HA appliance deployment requiring a critical patch and reboot means rebooting 1000 appliances. Multiply that by 2 if firewalls are deployed in tandem.
Prosimo Distributed Edge is Kubernetes-based network, security, and content delivery that dynamically scales based on network load.
Inelastic, virtual routing appliances are deployed as a fixed form factor. No way to dynamically scale up or down. Virtual firewall appliances are not vertically or horizontally scalable.
Single, cloud transit management dashboard for network, security, and content delivery deployed as SaaS; Prosimo Distributed Edge is deployed as IaaS within customer’s administrative control.
Cloud network management platform(s) deployed as SaaS or virtual appliances. Network fabric requires monolithic, virtual routing appliances. May orchestrate virtual security appliances but requires additional dashboards.
Prosimo’s Full-Stack Cloud Transit Edge measures network quality across CSP network segments as well as application response times – discerning between network and application issues results in meaningful reductions in MTTR.
Once deployed, Prosimo provides “connective potential” instead of “allow all” Layer 3 routing policy. Connectivity is limited to network segments defined within security policy deployed as an integrated part of the network.
Prosimo’s Autonomous Cloud Networking is enabled by adding machine learning and AI functions that analyze the network fabric. Recommendations for improving performance or reducing egress charges are delivered every 24 hours.
Accepting a daily recommendation or making deterministic changes to the transit fabric are hitless and executed in minutes thanks to a cloud-native, network fabric that maintains consistent policy regardless of changes to the network path.
Prosimo is ready to fundamentally change how you connect your cloud workloads whether in one cloud or across clouds. This means you sleep better at night and your organization enjoys meaningful impact to its business outcomes. Sign-up for a free trial today!