Organizations the world over have spent countless hours building out their WAN infrastructure to facilitate communication between branches and locations. That’s true no matter if you’re a retail organization with a few stores or a large corporation with many, many subsidiaries. WAN connectivity is the key to the success of your business. With the advent of SD-WAN, that’s even easier to accomplish now.
However, the lure of the cloud is enticing. Organizations are starting to make decisions that go beyond simple proof-of-concept deployments or explorations with services and are instead making the kinds of hard choices that will matter in 3-5 years. Do we enhance our WAN infrastructure? Or should we just move everything to the cloud?
Providing Cloud Connection Services
One of the companies that has asked this question is Koch Business Solutions. Koch Industries is a huge company. They have nearly 120,000 employees in 50 countries around the world. They are one of the largest privately-held companies with $110 billion in revenue. They’re a market-based management company that counts companies like Georgia-Pacific, Molex, and Invista in their umbrella, as well as a number of subsidiaries under the Koch Industries label.
Koch has a vision to be cloud-first. They want to decrease the footprint of their data centers and accelerate their digital transformation. In the process, they want to reduce complexity with refactored applications and processes and increase security across their entire organization.
As with any cloud journey, the process has been long. Koch has been working on their cloud deployment for about two years. They have a single region spanning multiple availability zones (AZs). They’re currently up to 160 AWS accounts and that number is growing.
Koch has a vision for what they call the “next gen” account. This embraces modern development methods and application usage to let external users access resources in the cloud through direct internet access gateways (IGWs). All the traffic for these accounts traverses to the public cloud. That means isolation from the enterprise network. For the future, this makes sense as more and more applications and services are migrated to the cloud.
However, there are still a large number of accounts that are more traditional. These users need access to the enterprise network or information stored in a traditional data center. Security is a bit tougher with the need to authenticate users. As well, this means the needs to keep private IP spaces segmented. These accounts persist as long as the applications they support cannot be moved into the cloud or are in the process of being migrated.
So, how is Koch meeting these challenges? They’ve started by deploying an SD-WAN solution provided by Cisco Viptela. This SD-WAN offering gives the the flexibility they need to serve up applications across their portfolio to users without the need for complicated routing choices. Cisco Viptela SD-WAN also helps them solve issues with performance with offices all over the world accessing AWS. By connecting the VPCs together via SD-WAN, users in one part of the world can traverse the SD-WAN network to get a better exit point toward AWS and reduce latency and increase performance.
Cisco Viptela SD-WAN also helps Koch with the limitations Amazon places on routing in their environment. There are only a certain number of routes that can be assigned to each VIF. Each VIF can only have 100 routes, and you are only allowed to have a maximum of 50 VIFs per Direct Connect connection. 5000 routes may sound like a lot, but depending on the complexity of your environment or what kinds of applications you are exposing to your users, you may find yourself running out of space really fast. Cisco Viptela allows you to summarize routes and distribute them across the fabric in such a way as to conserve those precious resources, especially during transition.
To see more about this great discussion, check out this video recorded during AWS re:Invent this year:
Bringing It All Together
Koch has a great strategy for getting to the cloud. And they know that the best way to get there is to keep their traditional networks operational during the transition. Cisco Viptela SD-WAN gives them the flexibility they need to keep existing sites running during the migration process as well as moving them along to the next generation of cloud-first applications. A process this complicated with a company the size of Koch could take years, but with the power of SD-WAN it should be completed long before that.
- Redefining Service Protection with VMware Service-Defined Firewall - August 11, 2020
- Wi-Fi Isn’t Always the Best Wireless Solution – The On-Premise IT Roundtable - August 11, 2020
- Bad Behavior Analysis with Juniper Networks - August 6, 2020
- Multi-Cloud Fabric with Arrcus - July 30, 2020
- IoT Doesn’t Need Wi-Fi 6E – The On-Premise IT Roundtable - July 28, 2020
- Introducing Security Field Day 4 - July 21, 2020
- Cisco SecureX Roundtable - July 14, 2020
- Cisco Intent-based Networking Roundtable - July 13, 2020
- Tomversations: Episode 5 – End-to-End Encryption - July 9, 2020
- Cisco Live Interview with Khalid Raza - July 2, 2020