Data Center Expansion: 3 Benefits of a Hybrid Cloud Approach

3min. read

A hybrid cloud combines existing data center resources with ready-made IT infrastructure resources. Read the 3 key benefits of using a hybrid cloud approach.

To address growing data center demands and provide the added benefits of agility, scalability and global reach, the traditional data center is transforming into what is commonly referred to as a hybrid data center.

A hybrid cloud combines your existing data center (private cloud) resources, over which you have complete control, with ready-made IT infrastructure resources (e.g., compute, networking, storage, applications and services) that provide bursting and scaling capabilities found in IaaS (infrastructure as a service) or public cloud offerings, such as Amazon® Web Services (AWS®).

Here are three key benefits of using a hybrid cloud approach:


Benefit 1: Start Small and Expand as Needed

A hybrid cloud approach enables you to license IT infrastructure resources on a project-by-project basis with the ability to add more as needed. Without the public cloud, you would potentially invest in hardware that would sit idly during off-peak times and only be used for short-term projects.

A hybrid cloud also lets you take advantage of component-based development methodologies. If you use AWS for building new applications, architects and coders can leverage development techniques that are more component-based than previously used techniques. You can easily separate development, testing and production environments for new applications. Environments can be cloned or replicated, spooled up, and used as needed with seamless traffic flow and strong security policy enforcement.


Benefit 2: Expand Your Data Center Seamlessly and Transparently

With a hybrid strategy, your public cloud essentially functions as an extension of your data center via an IPsec VPN connection, allowing you to safely and securely deploy workloads in either location. The IPsec VPN connection acts as an overlay network, bringing added benefits of privacy and simplicity from the reduction in the number of Layer 3 hops across the end-to-end network. This allows you to transparently expand your internal IP address space into the public cloud using widely supported routing protocols. With an overlay network, there’s nothing new or challenging to your network operations team or security specialists, and security policies can be easily extended to cover the routes.


Benefit 3: Security Policy Consistency – From the Network to the Cloud

Your business relies on the consistent, reliable operation of applications and data whether on-premise or in the cloud. To ensure your applications and data are protected from cyber adversaries, best practices dictate that your policies be consistent and, ideally, managed centrally. By centrally managing your on-premise and public cloud security policies, you are able to perform logical groupings of like rules, security objects and so on. This creates many opportunities for improved efficiency using a single pane of glass for all your firewalls, public and private.

For example, many configuration elements universal to all firewalls in your organization can be configured once and shared with all firewalls, including such elements as DNS servers, NTP servers, local admin accounts and syslog servers.


Secure the Hybrid Cloud With VM-Series

The hybrid cloud offers significant benefits for organizations: You can start small, expand as needed, and extend your data center into the public cloud securely with the same security policy constructs in use in your private cloud. Palo Alto Networks® VM-Series virtualized next-generation firewall enables you to securely deploy a hybrid cloud by protecting your applications and data in AWS.

Learn more by reading the VM-Series for AWS Hybrid Cloud Deployment Guidelines.

Related Resources


What Is SASE?

Secure Access Service Edge or SASE (pronounced sassy), is an emerging concept that Gartner recently described in their The Future of Network Security in the Cloud report, released in August 2019.


What is Data Loss Prevention (DLP)?

Data loss prevention (DLP) is the practice of protecting and securing a company’s data to prevent it from being lost, stolen, accessed, or misused by unauthorized individuals.