Cloud Networking Overview (Using AWS as reference)

Cisco Data Center and Cloud Made Easy
18 Nov 2020 · 13:06

Summary

TLDR: This video script delves into the relevance of network administration in cloud environments, emphasizing the necessity of configuring and managing network services post-cloud migration. It explores AWS networking fundamentals, such as VPCs, CIDR blocks, subnets, and internet gateways, highlighting security best practices. The script also touches on advanced topics like VPC peering, hub and spoke architectures, and transit gateways for inter-VPC communication. It concludes by introducing Cisco's ACI for cloud, which simplifies network configuration across multiple clouds, promising a unified operational model and consistent security policies.

Takeaways

  • 🌐 **Cloud Networking Importance**: Network admins and networking knowledge remain crucial in the cloud for configuring and managing network services.
  • 🛠️ **Cloud Networking Services**: Services like AWS VPC require configuration and management, emphasizing the need for network expertise in cloud environments.
  • 🔄 **Avoid Default VPC**: AWS recommends against using the default VPC due to its non-compliance with security best practices.
  • 🏗️ **VPC Configuration**: Creating a VPC involves setting up CIDR blocks, subnets, and internet gateways to establish a foundational network structure.
  • 🌐 **Region-Specific Networking**: Networking configurations in the cloud are region-specific, necessitating separate configurations for different regions for geographical redundancy.
  • 🔒 **Security by Design**: Cloud providers embed security policies that require explicit access grants, similar to Cisco ACI's policy model.
  • 🚦 **Routing and Subnets**: Proper routing table configuration and subnet management are essential for controlling traffic flow within a VPC.
  • 🔌 **ENI and Network Adapters**: Elastic Network Interfaces (ENIs) and other network adapters like ENAs and EFAs play a key role in providing connectivity with varying performance characteristics.
  • 🌐 **Hybrid and Multi-Cloud Connectivity**: Techniques like VPC peering, hub and spoke architectures, and transit gateways facilitate communication across multiple VPCs and clouds.
  • 🔄 **Cloud ACI Benefits**: Cisco ACI in the cloud simplifies network operations by abstracting configurations and automating enforcement across different cloud environments.

Q & A

  • Why are network admins and networking knowledge still important in the cloud era?

    -Network admins and networking knowledge are crucial because multiple network services need to be configured and managed in the cloud. Network admins with existing knowledge can be valuable assets in an organization's cloud migration strategy.

  • What is the first step in setting up cloud networking without using ACI?

    -The first step is to create a Virtual Private Cloud (VPC), which is similar to a VRF in traditional networking. It is recommended to create a custom VPC instead of using the default one to ensure it meets security best practices.

  • Why should you avoid using the default VPC in AWS?

    -The default VPC comes with a default configuration that may not meet security best practices, which is why AWS recommends creating a custom VPC for better security control.

  • What is a CIDR block and why is it necessary in cloud networking?

    -A CIDR block is a main IP address block from which subnets can be created. It is necessary to define the network range for instances or VMs within a VPC.

  • How does internet connectivity work for a VPC in AWS?

    -Internet connectivity for a VPC is provided by an Internet Gateway (IGW), which must be created and attached to the VPC.

  • What are the differences between private and public subnets in AWS?

    -Private subnets do not have direct internet connectivity, while public subnets may have internet-facing connectivity using a public or elastic IP address.

  • How does AWS handle IP address assignment for instances in private subnets?

    -AWS automatically assigns private IP addresses to instances in private subnets, reserving the first three usable IP addresses per subnet.

  • What is the purpose of a routing table in AWS VPCs?

    -A routing table in AWS VPCs determines the path for network traffic to and from instances. It includes routes that control the subnets' internet access and connectivity between instances.

  • What are the two main ways to achieve network segmentation and define policy in AWS?

    -The two main ways to achieve network segmentation and define policy in AWS are Security Groups and Network Access Control Lists (ACLs).

  • How do Security Groups in AWS compare to ACI EPGs?

    -Security Groups in AWS are comparable to ACI EPGs as they control inbound and outbound traffic and are assigned per instance, following an allow list model.

  • What is the significance of Cloud ACI in managing multi-cloud environments?

    -Cloud ACI abstracts the network configuration and automatically creates corresponding configurations across clouds, unifying operational models and maintaining security consistency, which simplifies management in multi-cloud environments.

Outlines

00:00

🌐 Cloud Networking Essentials

This paragraph emphasizes the ongoing importance of network administrators and networking knowledge in the cloud era. It discusses the necessity of configuring and managing multiple network services in the cloud. The speaker introduces the concept of cloud networking without using ACI, using AWS as an example. The paragraph walks through the process of setting up a Virtual Private Cloud (VPC), creating a CIDR block, and the importance of not using the default VPC for security reasons. It also covers the allocation of IP addresses, the role of an Internet Gateway (IGW), and the creation of subnets. The distinction between private and public subnets is explained, along with the concept of Elastic IP addresses. The paragraph concludes with a discussion on routing tables, the creation of instances, and the use of Elastic Network Interfaces (ENIs) for network connectivity.
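The routing-table advice in this part of the video (a quad-0 route to the IGW on the main routing table exposes every subnet that falls back to that table) can be checked mechanically. The following is an added example, not code from the video or from AWS: it assumes input shaped like the EC2 `DescribeSubnets` and `DescribeRouteTables` responses, and every ID and CIDR in it is constructed.

```python
"""Flag subnets that are internet-exposed through the VPC main route table."""
import copy

DEFAULT_DESTINATIONS = {"0.0.0.0/0", "::/0"}


def has_igw_default_route(route_table):
    """True if the table has an active default route to an internet gateway."""
    for route in route_table.get("Routes", []):
        dest = route.get("DestinationCidrBlock") or route.get("DestinationIpv6CidrBlock")
        gateway = route.get("GatewayId") or ""
        if (dest in DEFAULT_DESTINATIONS and gateway.startswith("igw-")
                and route.get("State", "active") == "active"):
            return True
    return False


def is_main(route_table):
    return any(a.get("Main") for a in route_table.get("Associations", []))


def effective_route_table(subnet, route_tables):
    """An explicit subnet association wins; otherwise the VPC main table applies."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rt, True
        if is_main(rt):
            main = rt
    return main, False


def audit(subnets, route_tables):
    """Return ({subnet_id: 'public'|'private'}, [(finding, resource_id), ...])."""
    exposure, findings = {}, []
    for rt in route_tables:
        if is_main(rt) and has_igw_default_route(rt):
            findings.append(("MAIN_TABLE_HAS_IGW_DEFAULT", rt["RouteTableId"]))
    for subnet in subnets:
        rt, explicit = effective_route_table(subnet, route_tables)
        public = rt is not None and has_igw_default_route(rt)
        exposure[subnet["SubnetId"]] = "public" if public else "private"
        if public and not explicit:
            # Nobody chose to publish this subnet; it inherited the route.
            findings.append(("SUBNET_PUBLIC_VIA_MAIN_TABLE", subnet["SubnetId"]))
    return exposure, findings


def remediated(route_tables):
    """Copy of the tables with IGW routes removed from the main table."""
    fixed = copy.deepcopy(route_tables)
    for rt in fixed:
        if is_main(rt):
            rt["Routes"] = [r for r in rt["Routes"]
                            if not (r.get("GatewayId") or "").startswith("igw-")]
    return fixed


# Constructed sample data: one VPC, three subnets, three route tables.
LOCAL = {"DestinationCidrBlock": "10.20.0.0/16", "GatewayId": "local"}
SUBNETS = [
    {"SubnetId": "subnet-web", "VpcId": "vpc-example", "CidrBlock": "10.20.1.0/24"},
    {"SubnetId": "subnet-db", "VpcId": "vpc-example", "CidrBlock": "10.20.2.0/24"},
    {"SubnetId": "subnet-app", "VpcId": "vpc-example", "CidrBlock": "10.20.3.0/24"},
]
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-example",
     "Associations": [{"Main": True}],
     # The mistake described in the video: quad-0 to the IGW on the main table.
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
    {"RouteTableId": "rtb-private", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-app"}],
     "Routes": [LOCAL, {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-example"}]},
]

if __name__ == "__main__":
    for label, tables in (("before", ROUTE_TABLES), ("after", remediated(ROUTE_TABLES))):
        exposure, findings = audit(SUBNETS, tables)
        print(label, exposure, findings)
```

In the sample, `subnet-db` has no explicit association, so it silently inherits the main table's IGW route; removing that route from the main table makes it private again while `subnet-web` stays public through its own table.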

05:00

🔒 Security and Policy in Cloud Networking

The second paragraph delves into the security aspects of cloud networking, focusing on AWS as a reference. It introduces the concept of security groups, which control inbound and outbound traffic at the instance level, similar to ACI's Endpoint Groups (EPGs). The paragraph explains the default behavior of security groups and how they follow an allow-list model. It also touches on Network Access Control Lists (ACLs) as an alternative to security groups, which operate at the subnet level. The discussion includes the stateful nature of security group rules, contrasting them with the stateless ACLs. The paragraph also addresses the limitations of layer 2 forwarding in cloud environments and the differences in terminology and implementation across cloud providers like Azure and Google Cloud.
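The stateful/stateless contrast described here decides whether return traffic needs its own rule. The following is an added example, not code from the video or from AWS: a simplified Python model of the two filters (class names, rule numbers and addresses are constructed) in which a network ACL drops the reply to an allowed HTTPS request until a mirror rule for the ephemeral port range is added, while the security group needs none.

```python
"""Simplified model: stateful security group vs. stateless network ACL."""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    proto: str = "tcp"

    def reply(self):
        return Packet(self.dst, self.dport, self.src, self.sport, self.proto)


@dataclass(frozen=True)
class Rule:
    proto: str
    cidr: str        # peer range: source for inbound, destination for outbound
    port_from: int
    port_to: int
    action: str = "allow"
    number: int = 0  # evaluation order, used by the network ACL only

    def matches(self, peer_ip, port, proto):
        return (proto == self.proto
                and ipaddress.ip_address(peer_ip) in ipaddress.ip_network(self.cidr)
                and self.port_from <= port <= self.port_to)


class NetworkAcl:
    """Stateless: every packet is checked; the lowest-numbered match decides."""

    def __init__(self, inbound, outbound):
        self.rules = {"in": sorted(inbound, key=lambda r: r.number),
                      "out": sorted(outbound, key=lambda r: r.number)}

    def permits(self, direction, pkt):
        peer = pkt.src if direction == "in" else pkt.dst
        for rule in self.rules[direction]:
            if rule.matches(peer, pkt.dport, pkt.proto):
                return rule.action == "allow"
        return False  # nothing matched: implicit deny


class SecurityGroup:
    """Stateful allow list: the reply to an allowed flow needs no mirror rule."""

    def __init__(self, inbound, outbound):
        self.rules = {"in": inbound, "out": outbound}
        self.tracked = set()

    def permits(self, direction, pkt):
        if pkt in self.tracked:
            return True
        peer = pkt.src if direction == "in" else pkt.dst
        if any(r.matches(peer, pkt.dport, pkt.proto) for r in self.rules[direction]):
            self.tracked.add(pkt.reply())
            return True
        return False


def round_trip(sg, nacl, request):
    """Return (request_delivered, reply_delivered) for one inbound request."""
    if not (nacl.permits("in", request) and sg.permits("in", request)):
        return (False, False)
    reply = request.reply()
    return (True, sg.permits("out", reply) and nacl.permits("out", reply))


# Constructed traffic and rules.
REQUEST = Packet("203.0.113.10", 50000, "10.20.1.5", 443)
BLOCKED_REQUEST = Packet("198.51.100.7", 50001, "10.20.1.5", 443)
HTTPS_IN = Rule("tcp", "0.0.0.0/0", 443, 443, "allow", 100)
DENY_RANGE = Rule("tcp", "198.51.100.0/24", 0, 65535, "deny", 90)
EPHEMERAL_OUT = Rule("tcp", "0.0.0.0/0", 1024, 65535, "allow", 100)


def web_sg():
    # Egress rules emptied on purpose so that only connection state can
    # let the reply out (a new security group would allow all outbound).
    return SecurityGroup(inbound=[Rule("tcp", "0.0.0.0/0", 443, 443)], outbound=[])


def scenarios():
    return {
        "nacl_without_mirror_rule": round_trip(
            web_sg(), NetworkAcl([HTTPS_IN], []), REQUEST),
        "nacl_with_mirror_rule": round_trip(
            web_sg(), NetworkAcl([HTTPS_IN], [EPHEMERAL_OUT]), REQUEST),
        "nacl_deny_before_allow": round_trip(
            web_sg(), NetworkAcl([HTTPS_IN, DENY_RANGE], [EPHEMERAL_OUT]), BLOCKED_REQUEST),
    }


if __name__ == "__main__":
    for name, outcome in scenarios().items():
        print(name, outcome)
```

The third scenario shows the other difference the section names: a network ACL can carry an explicit deny, and because rule 90 is evaluated before rule 100 the request from the denied range never reaches the instance.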

10:02

🌐 Advanced Cloud Networking Scenarios

The final paragraph explores advanced networking scenarios in cloud environments, such as connecting multiple VPCs across regions and providing connectivity from on-premises environments. It introduces VPC peering, hub and spoke configurations, and Transit Gateways (TGWs) as methods for inter-VPC communication. The paragraph discusses the use of Virtual Private Gateways (VGWs), Customer Gateways (CGWs), and Direct Connect for establishing VPN connections and high-bandwidth private connections. It also mentions the use of Border Gateway Protocol (BGP) for routing information exchange. The paragraph concludes by discussing the challenges of managing hybrid cloud environments and how Cloud ACI can simplify network operations across multiple clouds by abstracting network configurations and enforcing consistent security policies.

Keywords

💡 Cloud Networking

Cloud Networking refers to the management and operation of a network in a cloud computing environment. It involves the configuration and management of network services such as Virtual Private Clouds (VPCs), subnets, and routing tables. In the video, cloud networking is a central theme as it discusses how network administrators can manage and configure these services in the cloud, ensuring secure and efficient connectivity for cloud-based resources.

💡 Cloud Migration Strategy

A Cloud Migration Strategy is a plan that organizations develop to move their IT resources from on-premises infrastructure to cloud-based platforms. The video emphasizes the importance of network administrators having knowledge of cloud networking as they can be valuable assets in planning and executing a cloud migration strategy, ensuring that the network configurations meet security best practices and support the organization's needs in the cloud.

💡 VPC (Virtual Private Cloud)

A Virtual Private Cloud (VPC) is a virtual network dedicated to an organization's AWS account. It enables the creation of a logically isolated section of the AWS cloud where the organization can launch AWS resources in a virtual network that they define. In the video, creating a VPC is the first step in setting up cloud networking, and it is recommended to create a custom VPC rather than using the default one to ensure security best practices.

💡 CIDR Block

A CIDR block (Classless Inter-Domain Routing) is a notation that allows for an efficient way to describe an IP address and its associated network mask. It is used to define the range of IP addresses within a VPC. The video explains that a CIDR block is the main IP address block from which subnets can be created, and it is crucial for network segmentation and organizing cloud resources.

💡 Internet Gateway (IGW)

An Internet Gateway (IGW) is a networking component in AWS that allows communication between instances in a VPC and the internet. The video mentions that to provide internet connectivity for a VPC, an IGW must be created and attached to the VPC, enabling instances within the VPC to access the internet.

💡 Subnet

A Subnet is a segment of a VPC's IP address range where you can launch resources, such as instances and databases. Subnets can be public or private, with public subnets allowing instances to have public IP addresses and private subnets not having direct internet access. The video discusses how subnets are created from a CIDR block and mapped to availability zones, emphasizing the importance of understanding subnet configurations for cloud networking.

💡 Elastic Network Interface (ENI)

An Elastic Network Interface (ENI) is a virtual network card that you can attach to an instance in a VPC. It provides the instance with an elastic IP address, a private IP address, and allows the instance to communicate with other instances. In the video, ENIs are highlighted as a key component of cloud networking in AWS, where they enable instances to connect to the network and communicate with other resources.

💡 Security Groups

Security Groups in AWS act as a virtual firewall that controls the traffic allowed to reach one or more instances. They are used to control inbound and outbound traffic at the instance level. The video compares security groups to ACI EPGs (Endpoint Groups) and explains that they follow an allow list model, where explicit rules must be set to allow communication between different security groups.

💡 Network Access Control Lists (ACLs)

Network Access Control Lists (ACLs) are an optional layer of security that acts as a firewall for controlling traffic in and out of a subnet. Unlike security groups, they are not stateful and can have both allow and deny rules. The video mentions that ACLs are associated with subnets and provide an additional layer of security by controlling traffic at the subnet level.

💡 Hybrid Cloud

A Hybrid Cloud is a computing environment that combines on-premises, private cloud, and third-party, public cloud services into a single entity. The video discusses the challenges network administrators may face in a hybrid cloud environment, such as provisioning, monitoring, and securing the network consistently across different environments. It also introduces the concept of Cloud ACI as a solution to simplify network operations in a hybrid cloud.

💡 Cloud ACI

Cloud ACI (Application Centric Infrastructure) is a software solution that abstracts the network configuration and automatically creates the corresponding network configuration on each cloud. It is designed to unify and normalize operational models across multiple clouds. The video highlights Cloud ACI as a tool that can help network administrators manage complex, multi-cloud environments by automating network configuration and ensuring consistent security policies across different cloud platforms.

Highlights

Network admins and networking knowledge remain crucial in the cloud for configuring and managing network services.

Cloud migration strategies benefit from network admins who can leverage their existing knowledge.

Cloud networking operates differently without using ACI, as illustrated by AWS networking services.

AWS console demonstration shows the creation of a VPC, which is akin to a VRF in traditional networking.

Default VPCs are discouraged due to security concerns; creating a custom VPC is recommended.

CIDR blocks are essential for IP address allocation in cloud environments.

Internet Gateways (IGW) provide internet connectivity to VPCs.

Subnets can be private or public, with public subnets allowing internet-facing connectivity.

Cloud providers reserve the first three IP addresses in each subnet for special purposes.

Routing tables in the cloud define how traffic is directed within and outside the VPC.

Elastic Network Interfaces (ENIs) are the cloud equivalent of network interface cards for VMs.

Security in cloud networking is policy-based, similar to Cisco ACI, requiring explicit access grants.

Security groups control inbound and outbound traffic at the instance level, akin to ACI EPGs.

Network Access Control Lists (ACLs) operate at the subnet level, unlike security groups.

Cloud networking is based on Layer 3, with no native support for Layer 2 configurations like VLANs.

VPC peering is a method for inter-VPC connectivity within a single region.

Hub and spoke configurations use Virtual Private Gateways (VGWs) and routers for inter-VPC connectivity.

Transit Gateways (TGWs) facilitate communication between multiple VPCs across regions.

Cloud ACI can simplify network operations across multiple clouds by abstracting and automating network configurations.

Cloud ACI uses VXLAN, BGP, and optionally IPsec for multi-site orchestration, reducing the learning curve.

Networking knowledge is essential in the public cloud, with concepts similar to traditional networking but with different terminology.

Cloud ACI can help normalize network operations and security across multiple cloud environments.

Transcripts

00:01

[Music]

00:07

After all this, you may be wondering by now: is there a need for network admins and networking knowledge in the cloud? And the answer is absolutely. There are multiple network services that will need to be configured and managed once running in the cloud, so if you're a network admin and already have this knowledge, you may be a true asset as part of your organization's cloud migration strategy.

00:30

Before jumping into Cloud ACI and its benefits, let's take a deeper look into how cloud networking works without using ACI, using AWS networking services as example. Let's log into the AWS console. As you can see, we're currently working in the US East region. The very first thing we need to do is create a VPC, which is similar to a VRF. As you can see, each account has a default VPC, and you may be wondering if it wouldn't be easier for us to use that one. The reason to avoid the default VPC is that it comes with a default configuration that would not meet security best practices, and that's why creating your own VPC is always recommended by AWS in this case.

01:14

In the cloud, IP addresses are automatically associated to instances or VMs. In order for this to happen, we must create a CIDR block as part of the VPC configuration. The CIDR block is your main IP address block, so that you can later create subnets from it, which will be assigned to the different availability zones in your region. With this in mind, CIDR blocks are usually large networks, with 16 to 28 subnet masks as minimum.

01:41

Internet connectivity for the VPC is provided by an internet gateway, or IGW, which you must create and attach to your VPC as well. After this, you need to create your subnets from the main CIDR block. Each subnet you create will be mapped to an availability zone and can be private, meaning that they won't have direct connectivity to the internet, or public, which, as we will see next, may have internet-facing connectivity using a public or elastic IP address.

02:13

Anything we configure in terms of networking through a VPC will only apply to this region. Therefore, if you need geographical redundancy, you may have to configure a VPC and its corresponding configuration for each additional region. Every subnet you create is going to be private by default, so if you want to enable them to become public, you just have to adjust its settings so that VMs in such subnets get both a private and a public IP address.

02:41

For private IP addresses, cloud providers commonly reserve the first three usable IP addresses per subnet and automatically assign the rest. This is important to know, especially if you are migrating from an on-premises environment and want to keep the same IP address in the cloud, as we will cover in module 5. If you want instances on private subnets to have indirect connectivity to the internet, you can enable functions on the cloud like NAT gateways.

03:08

Just like on-prem VRFs, every VPC has its own routing table. There's a main default routing table that includes your main CIDR block. If I added the gateway to the main routing table with a quad-0 route, I would expose all related subnets from the main CIDR to the internet, which is not necessarily what you want. Therefore, you have to create your own routing table, and then you would need to associate the specific subnets to this routing table, and finally you would also need to adjust the routes so that they reflect the IGW as your default gateway.

03:40

Now, if you go to EC2 to create an instance, you have to choose the cloud network settings, assigning the right subnet and availability zone to the cloud VM NIC. In the case of AWS, such NICs are known as elastic network interfaces, or ENIs. There are other types of NICs that you can also use, such as ENAs and EFAs, which may provide accelerated connectivity and low-latency features for specific needs.

04:12

As with on-prem, you can provide multiple ENIs or network adapters to your instances. When ENIs are associated to public subnets, they will have a private IP automatically assigned, as covered before, and they will also have a public IP, which can be your own or which can be automatically assigned by the cloud provider, in this case AWS, as covered before. Remember that whether you use public or private subnets, AWS recommends that, instead of using the main routing table, you create your own routing tables to have better traffic control.

04:46

In the cloud, it's not only about routing, CIDR and subnets only. Security is embedded by default, following a policy model which is very similar to Cisco ACI. This means that you must explicitly grant access to your cloud resources; otherwise communication will not be allowed.

05:03

In the case of AWS, there are two main ways to achieve segmentation and define policy between different segmentation groups. The most popular one is called security groups, which is similar to ACI EPGs. They are used to control inbound and outbound traffic and are assigned per instance. Instances in a security group need rules to communicate to other security groups, prefixes and more. Every new security group you create will allow all outbound traffic by default while denying all inbound traffic until you explicitly adjust it, following an allow list model.

05:40

As mentioned before, security groups and their rules are comparable to ACI EPGs and contracts, or firewall security zones. Just like with ACI, endpoints in the same security groups have unrestricted communication. By default, all security group rules are stateful, meaning that you do not need to create any mirror rules.

05:59

In the case of AWS, there is another option that can be used to control traffic at the subnet level, which is called NACLs, or network access control lists. All subnets are associated to a default NACL, whose rules are set to permit all traffic, both inbound and outbound. Therefore, unlike SGs, you do not need to customize or adjust NACLs if you do not want to. NACLs are not stateful, and they can have both allow and deny listing.

06:25

If we take a look at this diagram, taking AWS as reference, instances in the web security group will have free communication between them, while communication from the web security group to the database security group, or even the internet, will require specific rules to be manually defined by the administrator.

06:44

It is important to mention that cloud networking services are entirely based on layer 3, meaning that there are no layer 2 forwarding configurations such as VLANs. Broadcast traffic is not supported, and multicast is either not supported or limited, depending on the cloud provider you use.

07:01

The concepts we learned about before will very likely have different names and implementation options in all the different clouds. For example, in Azure, instead of VPCs and security groups, we may be talking about VNets, ASGs and NSGs, and in case of Google Cloud, we will simply talk about VPCs and firewall rules.

07:21

As networks scale, understanding, configuring and managing all these concepts may become challenging. We just covered an overview on how communication works for a single region and VPC in AWS, but what if we needed multiple VPCs, regions and clouds to communicate, or even if we needed to provide connectivity from our on-prem environment to different clouds?

07:43

Going back to AWS as our reference for this chapter, there are multiple options we can use. The first one is VPC peering, which may be useful for single and multi-region inter-VPC connectivity. However, it does not support transit communication and requires point-to-point configuration, making it hard to scale and manage.

08:05

As a second option, we have hub and spoke configurations, where there is normally a hub or transit VPC and multiple spoke VPCs. For these types of setups, AWS virtual private gateways, or VGWs, are commonly used at the spoke level, while routers like CSR 1000v are used at the hub level. IPsec connectivity is established between each hub CSRs and spoke VGWs on each VPC. While VGWs can also be used to connect site-to-site VPNs as well, CSR routers are commonly deployed as EC2 instances to connect to on-prem environments and other clouds, since it allows organizations to maintain a common operation model plus a richer feature set.

08:50

It is important to mention that this implementation option has a 1.25 gigabits maximum bandwidth limit for each tunnel, and that CSRs are charged by AWS just as with any EC2 instance. BGP is commonly used to exchange routing information between clouds and sites. We will be covering hybrid and multi-cloud connectivity in module 5, where we will learn about multi-site ACI, so stay tuned.

09:15

As a third option, we have transit gateways, or TGWs, which can also help communicate different VPCs in a single region, or even in multiple regions through transit gateway peering. TGW is an interconnect hub service that the different VPCs attach to, allowing higher bandwidth per attachment than VGW and also offering VPN connection options to external environments. However, CSR 1000v can also be used in conjunction with TGW for external connectivity to on-prem sites and across clouds, for the same reasons mentioned before.

09:52

TGWs are the preferred option to use for inter-VPC communication, especially since it uses a cloud provider backbone network. You just have to attach each VPC to the TGW service, using a subnet or subnets on different availability zones from each VPC CIDR, and the TGW will automatically pull the CIDR information as part of its routing table. Keep in mind that on each VPC that you attach to the TGW, you will need to add static routes to other VPC CIDR blocks, pointing out to the TGW as the next hop in your routing table. In this case, the orange VPC would have a route to the blue VPC CIDR pointing out to the TGW as next hop, and the same thing would happen in the other case around.

10:34

In AWS, when connecting on-prem environments to your instances on the cloud, you may simply use the internet and connect through your VPC IGW. You may also run site-to-site IPsec VPNs over the internet, which can be terminated using any of the options mentioned before, or you can also use a high-bandwidth private physical connection from the cloud provider, which in the case of AWS is called Direct Connect. Direct Connect may run directly to the cloud provider facilities or through a colocation partner. These same concepts apply to all cloud providers, with their specific names and differences.

11:13

If you now add your on-premises environment to the mix, network administrators in a hybrid cloud environment may find operational challenges to provision, monitor and secure the network consistently. This is where Cloud ACI may help, since you only need to learn one networking model, not many, allowing you to normalize network operations across multiple clouds. Cloud ACI abstracts the network configuration and automatically creates the corresponding network configuration on each cloud.

11:42

Cloud ACI can run in a single cloud or may also automatically interconnect multiple clouds using VXLAN, BGP and optionally IPsec through Multi-Site Orchestrator. This approach accelerates cloud adoption and keeps both configuration and security consistent across multiple types of clouds, while reducing the learning curve. We will learn how to run and configure Cloud ACI, as well as the difference it makes when comparing to what we did today, in the next chapters.

12:09

As a summary, networking knowledge is very much needed in the public cloud as well. Although there is different terminology for each cloud provider, the concepts are very similar to what you already know. There are multiple networking elements you will have to configure and manage, as we learned today, which may increase complexity and potentially adding consistency to your multi-cloud environment.

12:33

As we will see next, ACI can help automating the creation of your network configuration across multiple types of clouds, unifying and normalizing your operational model without sacrificing any cloud native services. Not only is this important to provide connectivity and identify issues faster, but also to keep security consistent by defining your configuration once and letting ACI enforce it anywhere.
