Multi-region cloud deployments create complexity
The combination of a hybrid cloud migration and the long-term needs of a hybrid workforce are shining a spotlight on the need for consistently secure, high quality access to on-demand compute resources.
Requirements for low latency across geographically distributed workloads, resiliency, and compliance with data privacy regulations are driving organizations towards multi-region deployments in the cloud. While this can be done manually by using VPC peering and static routes, management complexity increases with scale and can be error-prone. To make networks streamlined and scalable, organizations need a dynamic and central way to manage their multi-region deployments.
Multi-region cloud deployments: complex, manual static routes and VPC peering
All the hybrids: cloud and work
Cisco Meraki has a globally-proven cloud platform that unifies secure SD-WAN, Access, and IoT technologies—empowering enterprises to deliver high quality hybrid work experiences. The platform allows secure and optimized SD-WAN connectivity to hybrid cloud environments, including AWS, in just three clicks. This Meraki SD-WAN capability is delivered through MX appliances that are available in physical and virtual (vMX) form factors where the latter can be spun up within AWS. Remote workers can also easily connect to vMX appliances in hybrid clouds with a dedicated teleworker appliance or via Cisco AnyConnect.
For customers making this investment into cloud platforms, there are a few ways they can use Meraki to accelerate their cloud journey with AWS. Specifically, for multi-region deployments, Meraki SD-WAN offers deep integration into the newly launched AWS Cloud WAN service and AWS Transit Gateway to significantly streamline workflows to connect users to their cloud resources. For organizations looking to connect their on-prem sites to workloads across regions, we also announced support for AWS Outposts at AWS re:Invent 2021 in December.
Meraki SD-WAN and AWS Transit Gateway
First, the Meraki vMX integration with AWS Transit Gateway lets customers extend their SD-WAN fabric to AWS workloads in an automated manner using AWS Quickstarts.
Dynamic routes and VPC peering with Meraki SD-WAN and AWS Transit Gateway
◉ The architecture consists of a SD-WAN VPC with two vMXs deployed in different availability zones to achieve a highly available architecture.
◉ In addition, a Transit Gateway (TGW) is deployed to extend connectivity to workload resources across different regions. The SD-WAN VPC is linked to the TGW via a VPC and customers can leverage their existing workflows to connect their workload VPCs to the Transit Gateway.
◉ On the Meraki Dashboard, each vMX is configured as a Hub to the branch sites and statically advertises all of the subnets available in Amazon AWS into Auto VPN.
◉ Finally, an AWS Lambda function is used to monitor the state of the vMX instances and update the SD-WAN VPC and the Transit Gateway route tables for the Auto VPN routes with the appropriate vMX as the next hop.
Meraki SD-WAN and AWS Cloud WAN
AWS recently launched AWS Cloud WAN at AWS Re:Invent. Cisco Meraki is one of the first partners to integrate with the new service. Cloud WAN is AWS’s managed wide area networking (WAN) solution that makes it easy for customers to build, manage, and monitor their global networks across the AWS backbone.
Organizations with Meraki SD-WAN can leverage the new AWS Cloud WAN service to extend their SD-WAN fabric across the unified AWS global network.
Meraki vMX integrates with AWS Cloud WAN to allow admins to define a multi-region, segmented, dynamically routed global network with intent-driven policies. This allows organizations to scale across different regions without worrying about managing the complexity of peering.
Dynamically routed global network with Meraki SD-WAN and AWS Cloud WAN
Instead of having to manage peering connections between different AWS Transit Gateways across multiple regions, a single Cloud WAN core network is deployed that spans across multiple regions with the following:
◉ Core Network Edges (CNE), deployed in each region of the core network
◉ Two segments, one for SD-WAN overlay and one for the customer workloads.
◉ Core Network Policy (CNP), which defines the global configuration of the core network
◉ The SD-WAN VPC and the workload VPCs are connected to the core-network as VPC attachments.
Multi-tenancy and Scale using AWS Outposts
Customers also need a secure way to connect their on-prem sites to workloads across different regions in the cloud. Using Meraki’s vMX solution, customers can easily extend their SD-WAN fabric to their public and private cloud environments.
Customers also need a secure way to connect their on-prem sites to workloads across different regions in the cloud. Using Meraki’s vMX solution, customers can easily extend their SD-WAN fabric to their public and private cloud environments.
AWS recently announced new Outposts Server Form Factors at AWS Re:Invent and Cisco Meraki will be one of the first launch partners to support the 2U servers with vMX (coming soon).
Customers looking for edge computing and even datacenter computing can leverage vMX on Outpost with the benefit of a fully managed infrastructure with native AWS APIs and the simplicity and security of Meraki.
Without Outposts, customers need to procure and manage multiple hardware for compute and networking making management cumbersome and difficult.
If you’re investing in a multi-cloud architecture and need a more scalable, flexible, and manageable SD-WAN fabric, we encourage you to learn more about the Meraki platform. Meraki combines SD-WAN with Wi-Fi, access switching, and IoT on a cloud-native platform that reduces the complexity of building a hybrid cloud architecture.
Source: cisco.com
0 comments:
Post a Comment