Ep 27 | Networking in the Cloud | Podcast

What are the Benefits of Networking in the Cloud?

In this episode of “Talk Tech with Data Dave,” Alexis hosts a deep dive into cloud networking with Data Dave and Patrick Walsh, the Director of Cloud Engineering at D3Clarity. The discussion kicks off with an exploration of the concept of “point of presence” and its evolution from physical offices to individual remote locations. Dave explains how modern cloud networking allows for seamless connectivity and resource access across various locations, transforming traditional networking paradigms. Patrick elaborates on the benefits of cloud networking, highlighting its scalability, reliability, and security. He also breaks down complex terms like VPC (Virtual Private Cloud) and VNet (Virtual Network), making the topic more accessible. The conversation touches on the importance of network security and the role of cloud service providers in ensuring safe and efficient data transmission. The episode wraps up with a summary of the key benefits of cloud networking: reliability, scalability, accessibility, and security. Listeners are encouraged to send in their questions for future episodes.

HAVE A QUESTION?
Ask Data Dave about all things data, cloud, or technology.
We'll be happy to answer your question on the podcast.

Click the button or send us an email to: techtalk@d3clarity.com

Published: June 11, 2024

Duration: 00:21:26

Transcript

Alexis
Hi everyone. Welcome to another episode of Talk Tech with Data Dave. And today, we’re doing an expert episode! 

Today, we have with us Cloud Patrick, as I called him last time he joined us on the podcast. Patrick Walsh, the director of our Cloud Engineering team at D3Clarity, as well as Data Dave. Today, we’re here to talk about our cloud topic, which is why we brought Patrick on.  And also, I realized I could not contribute to this conversation very well, so I wanted to have someone for Dave to talk to that would actually understand what they were talking about. Therefore, good morning, Patrick. Good morning, Dave. I hope you both are ready and excited for this question. 

Patrick Walsh
Good morning, Alexis, Dave. 

Data Dave
Good morning, Alexis. Good morning, Patrick. Great to have you on the show, and I’m excited to have this conversation. This might get a little deep. It could go in some interesting directions. So, this one should be fun.

Patrick Walsh
Yep.  

Alexis
Yeah, that’s why you’re here.  

So, we found that a lot of people were Googling the question, “What are the benefits of networking in the cloud,” and after some conversations, we’ve decided that there’s probably a good reason why people were Googling that, because there’s a lot of answers here.  

So gentlemen, I’m going to pose the question to you and you can figure it out or help me figure it out. What are the benefits of networking in the cloud? 

Data Dave
So, let me try and talk a little bit on this one.  

The benefits of networking on the cloud is quite a difficult question to answer because we network all the time. And it’s largely, these days, cloud-based by definition. What we expect is connectivity. We expect to be connected. The number of points of presence that we have, certainly as an organization, is going up tremendously. Back in the old days, before the Internet and as the Internet came up, we connected directly from one point of presence to another point of presence, from a data center to another data center.

Alexis
Can you pause there for a second? Let’s define point of presence for a moment. What is a point of presence? Is that always a data center like you said, or what’s the point of presence?

Data Dave
No, that’s actually a really interesting question because, in the old days, a point of presence would be an office. It would be a collection of people where it is cost-effective to connect this group of people to another group of people. So, you might connect two offices together or an office to a data center or whatever across what would be called a wide area network, wider than a local area network. It’s going across buildings or across the ocean or whatever across the country. Now, a point of presence could be anybody. I’m sitting at my desk in my home right now, talking to you. I am a point of presence for D3Clarity. My e-mail server is on the cloud. It is a Microsoft e-mail server, so it’s on the Microsoft Cloud. I am not connecting to D3Clarity. I am acting as a point of presence myself, connecting to the Internet and, in turn, securely connecting to the D3Clarity point of presence. That is the Microsoft e-mail server that is an asset for D3Clarity. I don’t know where it is. I don’t care where it is, but I am a point of presence. Our office is a point of presence. You, Alexis, are a point of presence. We’re all acting as a point of presence and a point of resource for D3Clarity, and then we’ve got some shared resources. That could be on-premise and could be in the cloud, so to speak. And one of the broad clouds.  

So, getting back to cloud networking, and bringing Patrick in a moment, is the idea that these points of presence no longer have to think about where they are connecting to. They are connecting into this ethereal body that is the Internet or is the cloud, and I don’t have to dial this phone number over this fixed line to get to my e-mail. I can connect to the Microsoft Cloud, and lo and behold, I can do that and then you can connect to the various assets and the various resources that you have and that is invisible to yourself as a point of presence.

Patrick Walsh
So what you’re saying, Dave, is there’s no more dial-up DDS. 

Data Dave
Yeah, for those of us who are old enough, have got enough gray in their beards. Those of us who are old enough remember having to dial up from hotel rooms when we’re travelling on the road to connect to a specific point of presence. You were dialing back to a specific location in order to pick up your e-mail. Yeah, there’s no need for that now though.

Alexis
Okay. 

Data Dave
But that’s where we’ve come from, and now we’re in this world where, especially post-COVID, there are so many points of presence with everybody working from home and everybody working from the road and everybody working from shops, everybody working from their cars, even over a cellular network, to connect to the cloud and then from the cloud, you let the cloud deal with that complexity of the myriad of the fabric of connection if you want.

I’ll hand it to Patrick now because one of the worrying things is if we’re all connecting into the same ether and allowing that to happen, how do we secure it? How do we know that my traffic isn’t colliding with your traffic, isn’t doing different things? And we’ve got this privacy and this structure that is replacing the direct communications that we used to have.

Alexis
I think that tracks a little bit for me, but I know there must be more. 

Data Dave
Patrick, talk to us about when we do connect into the cloud. What are we actually connecting to and how does the cloud, the ether, know what we’re doing, who we are, and where to route some of this traffic? Because we’re talking about very large organizations with some very large points of presence and a lot of points of presence connecting in this way to use the public cloud as a communications fabric, shall we say?

Patrick Walsh
Well Dave, this goes way, way back. If you are an organization and you have resources deployed inside a cloud, those resources are either public or private, and what determines that is how you configure your cloud network. So, with the cloud network, the way we tend to do our designs, is any resource that we’re deploying is on a virtual private network, not a VPN, as it was, but a VPC or a VNet depending on what cloud you’re using. 

Data Dave
So VNet. Explain VNet a little bit. I’m going to show my age here. I’m used to dealing with physical routers and physical switches and plugging wires into boxes and that sort of thing, in order to create address spaces and that kind of idea. Are we talking about the same thing? 

Patrick Walsh
Similar but different. It’s all virtualized. Okay. Your cloud providers, they have giant networks and all the switches in traditional networking that you’re used to – like a Cisco switch or whatever – is virtual. Now all these switches are programmable and the CSPs have basically done an overlay on top of your traditional networking level. Think of a Virtual Private Cloud or VNet or whatever you want to call it, kind of like old school VLANs, which are still being used with your wide area networks.

Alexis
So many acronyms here. Hold on. 

Patrick Walsh
Yeah. 

Alexis
VPC. Virtual private cloud. 

Patrick Walsh
Yep. 

Alexis
VNet. Virtual network.

Patrick Walsh
Yep. Which are the same thing. They’re both the same. 

Alexis
Okay, good to know. And then you threw one more out there that I have now forgotten and I had no idea you were talking about. VLAN?

Patrick Walsh
VLAN – which if you go back… well, VLANs are still used today when you have different interconnects. So, for example if you have a data center in Dallas and another data center in Chicago, the way you address those is you would say, “Oh, this traffic is destined for 302 and 302 is the network up in Chicago.” And so that traffic would get set up there. There’s a whole lot of other stuff that is involved with that, but that’s a very, very, very simplistic way to think of it.

Data Dave
So what you’re saying, if I peel that back a little bit and try and reflect it back to you. What you’re saying is that the cloud service providers have built a massive network of equipment that is there, and then using software devices and software rather than hardware devices, they can segment up that massive network into sections that look like they’re private to you and look like they’re routed to you, and then you’ve got addressability to the assets that reside on that network. 

Patrick Walsh
Correct. 

Data Dave
They do all this with software, which makes it incredibly configurable, versatile, and actually a lot cheaper, because having a person plug in a wire or unplug a wire is ridiculously expensive compared with just typing on a computer and saying, “I want this extra computer to be connected to that one.” 

Alexis
Patrick, when you said switch earlier. Was there literally a switch at one point? 

Data Dave
Actually, yes, essentially Alexis.  

Because when I first started getting into networking, you had physical switches between computers, where you would plug a wire into one, a wire into another one, and they could talk, and then you’d want to add a third. So, you’d add a switch and then address the traffic and the switch would route the traffic based off of that. But the switch was a box, a physical device the wires came out of, and we still got them, but they’re now owned by, in this instance in the cloud, they’re owned by the cloud service provider. And then, we use essentially virtual switches or virtual routing across the top of that so that my computer can see your computer access. But what we’ve said then is, over the magic of software, this computer can talk to that one. Now they’re actually both plugged into this wide area of fabric, this cloud fabric. And then we’ve configured the fact that they can talk to each other. In the old days, we’d have had to have a wire essentially or a switched wire between my computer and yours which should be a very long one.

Alexis
I keep stopping you, Patrick, to answer my questions. But you were getting to a point where you were talking about the VLAN and I stopped you to ask what that was. Is that a virtual local area network? Is that what that stands for? 

Patrick Walsh
You got it.

Alexis
I’m learning things. I want everyone to know that. 

Patrick Walsh
It’s good stuff. 

Your cloud service provider, they have provided the capabilities to create a private network and this allows you to deploy resources on a network that no one else has access to. Part of that is part of the RFC 1918 standard which sets aside private IP space that doesn’t get routed. That’s your, like, 10.0.0.0/8. That’s the 192.whatever, and then the 172.16/whatever, anyway.

Alexis
What are those, Patrick? Dumb it down for me here.

Patrick Walsh
It’s your IP.  

So, your IP is your address. It’s just like your home address. These address spaces are not public. They do not get routed over public networks, and this was done many, many years ago when more and more companies started putting themselves on the Internet. I remember when I worked at Dell, they had public IP address.

Alexis
Okay, that makes sense. 

Patrick Walsh
There’s a company that we work with that has a 161178 space, and that space is “public”. And so, it can be routed. It’s routable.  

But back to the point I was trying to make and that is, you could create these private networks with its private IP space that no one has access to. And additionally CSPs, they have firewalls that you could put around your private network etcetera that make it even more secure than it was before.

Data Dave
So think about it, Alexis, as a neighborhood. So, a local area network is like a neighborhood where everybody is addressable, and you know where it is. You can put the street name and the house number, and you can go there quite easily. The challenge becomes that Main St. exists in many, many different cities.  

So now, what I’ve got to do to get you to the right number of Main Street, I’ve got to prefix it with the city. So, the addressing structure works in that way where the local area network is confined within the immediate space, and then the further apart, the wider area network is a broader space, ultimately allowing you to address the whole world… address everything. Except, to a certain extent, I can only see directly up to my gate, and I can see out, but anybody outside my gate can’t see into my gate, into my neighborhood. I’m in a gated neighborhood. People can’t see into my neighborhood. I can see out. I can address out. But traffic coming in comes to the gate, to the neighborhood, and then has to be routed within that neighborhood. So these area networks are of different scope, similar to a postal addressing scheme, and that’s what Patrick was talking about with the IP addresses.

So, the Internet Protocol address is giving that ability to address initially it was every computer in the world, but now they’ve segmented it up into private and public addressable spaces to allow it to scale more. So, we can use the same address space for multiple people in different private areas. 

Alexis
Patrick, what you were saying was we can take those neighborhoods, as Dave called them, which was very helpful for me, and make them secure. By putting firewalls and then other sorts of things. That’s what I heard you say. I think you said something a lot more specific, but my brain doesn’t always catch everything that you say, but you can put stuff like that around them to make them more safe. Right? 

Patrick Walsh
That’s correct. Yeah. And then in order to get out of that neighborhood, they have these things called NATs, which is a network address translation, which basically is when the traffic comes out, it gets assigned a public, routable address, and then that packet gets sent out to where it needs to go, possibly to another NAT, which then goes, “Oh, that original packet we got was sent from Bob’s computer. There over here.” That’s what Dave was saying, the private gated community can see out, but no one could see in. That’s why. Because you know these addresses are shielded or what’s a good word? Well, it’s an that it translates to public and back into a private network.

Data Dave
They’re translated. You essentially borrow a routable address for a period of traffic for a period of time. 

Patrick Walsh
Yeah, so, more benefits would be… you could scale these out. So, if you need to segment your private network in the cloud, you could scale out and you could build an entire new private network in the cloud. And it’s super flexible to be able to build these things that work. And with infrastructure-as-a-code, you could literally launch a Terraform script or a CloudFormation stack, you know, whatever cloud provider you’re using. You can literally drop a script, it builds it out for you. If you have a standard way you build your private networks, you can simply just launch it and set your firewalls up around it and keep it secure. And only allow the traffic that you want to it with route tables and connections, whether you use in gateways or whether you’re using peering etcetera. You can keep the traffic between environments separated, which is good practice.

Data Dave
So, looking at that slightly differently from a cloud perspective, from a cloud networking perspective, there’s a huge amount of benefit in the strength of connectivity. The breadth of connectivity to be able to say, “We can increase our number of points of presence without having to go into a great deal of management of those points of presence. Those points of presence can see all the assets or can be configured to see all the assets that they need to be able to see both public and private.” We can configure private assets and public assets. Those assets can be either on-premise, in another point of presence, a data center.  

So, I’ve got a computer in my closet that you can see, Alexis. That is a two-points of presence that are two assets. These assets can be public or private. So, they can be on-premise, they can be in the cloud, they can be on different cloud providers provided they are configured to be assets of yours that you are able to see. What the cloud networking gives you the ability to do is to abstract a lot of that technical complexity so that each point of presence is connecting into one thing, the cloud. And then Patrick and his friends are configuring these assets, whether those assets are deployed on the cloud using some of the infrastructure-as-a-code… some of the cloud benefits, or whether deployed on-premise in somebody’s closet or wherever they are. You can configure these using software now rather than hardware to be able to see all these various resources that we depend on.  

Now, we depend on these essentially electronic software assets, way more than we ever used to do. And so, the cloud networking gives you the ability to abstract away a lot of this complexity for all these myriad of points of presence, which is growing every day, to see and to access all these assets, both corporate and personal, that we necessitate to be able to do our daily tasks.

Alexis
I’m going to answer the question then. “What are the benefits of networking on the cloud?” It’s easier, it’s easier if you know what you’re doing.  

Data Dave
Exactly. 

Patrick Walsh
We come across a lot of clients that I’ll go and look at their stuff and I’m like, “Oh, like, this is not good stuff, it isn’t protected.” And so imagine, if you will, you’re trying to get from one side of the US to the other side, and you don’t even have a dirt trail. And then eventually the CSP started providing a dirt trail to get across the US. And then finally, the CSPs realize “Networking is kind of a big deal for security and compliance, etcetera. And if we’re going to get bigger companies in here, we need to lay the highway down.” They need to put a foundation.

Networking, in my opinion, networking and security. Those are your foundational building blocks. When you’re moving to the cloud, you need to have a solid plan, whether it’s, “My entire organization is remote, so I need to create a client VPN for everybody to connect into to access resources like they were talking about earlier. We need to connect into our Outlook and how do we prevent other people from accessing our resources?” Especially, like, if you’re using the Microsoft Cloud. Those are public resources. They’re available publicly across the board. “Well, how do we prevent one company from accessing another company?”

Well, this is part of your security layer, but if you’re building out an infrastructure and you have Docker containers running on virtual machines. Or where you have a database or whatever service that you deploy, that stuff needs to be protected. And you could protect it at that network layer by various protocols that you could implement. Whether it’s routing protocols or security groups or firewalls that surround that private network.

So, there are various benefits of utilizing networking in the cloud. You could scale up. It’s cost-effective. You can build it securely. It’s reliable. It’s resilient because they have multiple paths across the wire. So, these are just some of the benefits in the “cloud networking”. But when you say benefits, I wouldn’t say it’s better than your traditional network because it’s all networking. You’re passing the same data across the same line.

Benefits of utilizing private cloud networking in your environment is reliability, scalability, security, accessibility. 

Alexis
Reliability, scalability, accessibility, and security. Those are four good points. I think that we could call those all super big benefits. 

Patrick Walsh
Yeah. 

Data Dave
Sure.  

So, I think you’re right fundamentally, in this era of mass connectivity, it is much easier to build a cloud-based network with 500 endpoints than it is to build a private network with 500 endpoints spread across the country. 

Alexis
Awesome. That’s a good wrap-up. I like ending on a simple note as you guys both know. Thank you both for joining me on this episode and for answering my questions. To our listeners out there, if you have questions about all things data, all things cloud, all things technology, or all things D3Clarity, do not hesitate to e-mail us at talktech@d3clarity.com. We would love to answer your question on the podcast. Dave, Patrick, thank you so much for joining me this morning. I really appreciate it, and I hope you both have a fantastic day. 

Patrick Walsh
Thanks, Alexis. 

Data Dave
Thank you, Alexis, and thank you, Patrick. 
