To address the growing data center demands and provide you with the added benefits of agility, scalability and global reach, the traditional data center is transforming into what is commonly referred to as a hybrid data center.
A hybrid cloud combines your existing data center (private cloud) resources, over which you have complete control, with ready-made IT infrastructure resources (e.g., compute, networking, storage, applications and services) that provide bursting and scaling capabilities found in Infrastructure-as-a-Service (IaaS) or public cloud offerings, such as Amazon® Web Services (AWS®).
Here are three key benefits of using a hybrid cloud approach:
A hybrid cloud approach enables you to license IT infrastructure resources on a project-by-project basis with the ability to add more as needed. Without the public cloud, you potentially would invest in hardware that is only used temporarily for short-term projects that would sit idly during off-peak times.
A hybrid cloud also lets you take advantage of component-based development methodologies. If you use AWS for building new applications, architects and coders can leverage development techniques that are more component-based than previously used techniques. You can easily separate development, testing and production environments for new applications. Environments can be cloned or replicated, spooled up, and used as needed with seamless traffic flow and strong security policy enforcement.
With a hybrid strategy, your public cloud essentially functions as an extension of your data center via an IPsec VPN connection, allowing you to safely and securely deploy workloads in either location. The IPsec VPN connection acts as an overlay network bringing added benefits of privacy and simplicity from the reduction in the number of Layer 3 hops across the end-to-end network. This allows you to transparently expand your internal IP address space into the public cloud using widely supported routing protocols. With an overlay network, there’s nothing new or challenging to your network operations team or security specialists, and security policies can be easily extended to cover the routes.
Your business relies on the consistent and reliable operation of applications and data, regardless of whether they are located on-premises or in the cloud. To ensure your applications and data are protected from cyber adversaries, best practices dictate that your policies be consistent and, ideally, managed centrally. By centrally managing your on-premise and public cloud security policies, you are able to perform logical groupings of like rules, security objects, and so on. This creates many opportunities for improved efficiency using a single pane of glass for all of your firewalls, public and private.
For example, many configuration elements that are universal to all firewalls in your organization can be configured once and shared with all firewalls, including such elements as DNS servers, NTP servers, local admin accounts, and syslog servers.
The hybrid cloud offers significant benefits for organizations: You can start small, expand as needed, and extend your data center into the public cloud securely with the same security policy constructs in use in your private cloud. The Palo Alto Networks VM-Series virtualized next-generation firewall enables you to securely deploy a hybrid cloud by protecting your applications and data in AWS.