carloscastilla - Fotolia

Words to go: Cloud networking basics

Networking requirements for the cloud are different than on premises. Dig into these terms to get a sense for the network services and capabilities needed to run a cloud app.

Organizations turn to the public cloud for its massive, on-demand compute and storage capabilities. But none of those capabilities matter if there isn't proper networking to ensure applications run smoothly.

AWS, Microsoft, Google and other providers offer a range of services to link cloud-based apps to private data centers and end users to ensure workloads can scale and distribute traffic accordingly. Familiarize yourself with these common cloud networking components, and review examples of services from major public cloud providers.

Domain name system: A domain name system (DNS) isn't exclusive to the cloud, but it's often an integral part of a cloud-based web app. Services such as Amazon Route 53 and Google Cloud DNS translate user requests delivered over the internet and link to the appropriate cloud services incorporated into an application.

Content delivery network: Public cloud providers offer their own content delivery network (CDN) services to move data, APIs and applications. These CDNs rely on providers' global network backbone, as well as hundreds of edge locations and caches to provide scale, redundancy, security and speed. These services can accelerate web and mobile app response times for end users that are physically located far from the VMs and storage used by the app. Even though providers charge for these services, organizations can still save money since the providers don't charge egress fees for moving data between regions.

Load balancer: Cloud load balancers assist with scale-out designs and high availability (HA) by automatically distributing inbound traffic -- sometimes across regions -- to manage throughput and maintain low latency in response to ebbs and flows in user requests. They also work with internal traffic across private networks within a cloud. Unlike the traditional physical devices in private data centers, cloud load balancers are services that sit on top of software-defined stacks.

Virtual private cloud: Public clouds were designed to host multiple tenants on the same server, but that model doesn't work for all workloads. Virtual private clouds (VPCs) isolate resources and wall off other users to provide greater security and avoid the "noisy neighbor" performance problems that can arise with Cloud networking. These services logically group items, such as IP address ranges, subnets, and routing and gateway configurations.

vpc vs. private cloud
Compare VPC to a private cloud.

Unlike traditional on-premises private clouds, VPCs provide access to nearly all of the popular services available on a given public cloud. Examples include Amazon Virtual Private Cloud, Microsoft Azure Virtual Network and Google Virtual Private Cloud.

Advanced and dedicated connections: Organizations have multiple ways to securely connect their existing networks to public clouds. Native VPN services use IPsec and Transport Layer Security tunnels to link on-premises networks to a VPC.

A more advanced -- and costlier -- approach involves dedicated fiber that runs from a private data center and taps directly into a cloud provider's network. Direct and dedicated services, such as Azure Express Route and Google Cloud Interconnect, provide consistent, dedicated bandwidth and HA.

Network security: Providers offer an increasingly broad range of security services tailored to cloud networking. These include web application firewalls to filter inbound traffic; the ability to customize and monitor application firewall rules; distributed denial-of-service protection services, such as AWS Shield and Azure DDoS Protection; and AI-driven network monitoring tools for threat detection.

Dig Deeper on Cloud app development and management