Every business will have its own take on what’s holding back digital transformation: development costs, skills shortages, disappointing return on investment, legacy systems and vendor lock-in are just some of the usual suspects.
That list hasn’t changed in twenty or thirty years, but we need to add a new item: cloud networking – the problem of building end-to-end network services in the cloud. From my perspective, this is the missing piece of the cloud puzzle.
First a bit of relevant background.
Koch Industries is one of America’s biggest privately held companies, with annual revenues estimated by Forbes at $115 billion.
The organisation has around 120,000 employees across 700 sites in 70 countries. After several major acquisitions, Koch has a complex network infrastructure, including seven global networks, thousands of applications, thousands of routers and firewalls, tens of thousands of access points and hundreds of thousands of switch ports.
As chief technology officer with Koch Business Solutions (KBS), our IT services arm, my job is to make sense of this global spaghetti, including the security of data and the performance of the applications on which the business and its customers depend.
Ten years ago, we had a traditional network with MPLS connections between data centres, limited bandwidth to most other sites and all Internet access centrally controlled. Life was simple and, for many of our users, pretty slow.
At Koch, we believe in constant transformation and the need to disrupt ourselves. That’s how we have stayed successful and grown into the global, diversified, technology-driven company we are today. Staying true to our transformation vision and realizing the imperative to stay relevant in the digital age, we needed to think about and operate our businesses differently. The KBS team was tasked with preparing our foundational technologies, including the global network, for the rapidly growing digital business domains. We developed plans up and down the IT stack to decouple our businesses from the data centre and to implement cloud-native capabilities.
Our first major decision was to implement a global SD-WAN. This enabled a step-change in network performance – yielding a seven-fold increase in bandwidth across 500 locations.
At this time the cloud was already growing as a force. We settled on AWS as our preferred cloud partner, but soon realised that we weren’t going to be able to run production workloads over simple VPN connections.
So we developed a vision for cloud on-ramps dubbed “transport hubs” that we planned to implement first as physical connections to the cloud for data centres, then as virtual hubs for improving the experience of branches and remote users, and finally as transport hubs as a service, which would be capable of rapid deployment at scale.
The version 1 hubs provided high-speed connections for data centres to AWS, but approval, installation and testing took 18 months. The hubs also cost more than $2 million to put in place.
In order to be able to break ties with the data centre and improve application performance and user experience, we needed to replicate our physical transport hubs virtually in the cloud and allow users and sites to access those workloads through the SD-WAN.
Version 2 of the transport hub took “only” about six months – a great improvement over the data centre hubs.
Extending the network globally would require multiple hubs, and when we wanted to connect to other public clouds, the hub count would start to climb.
Even allowing for learning gained with AWS, expanding to other clouds would be months of work in each case.
While we’d solved some business and technology challenges, we found that we’d created a highly complex set of solutions. Our network extended to only one cloud and we had no idea how to get to transport hub number 3, our vision of transport hubs as a service.
After scouring the market for a solution, we came across an interesting start-up named Alkira. We had history with the founders, Amir and Atif Khan, whose previous venture Viptela had been our SD-WAN partner.
The network cloud provider’s platform appeared to offer the seamless connectivity and full integration of higher-level services we were seeking.
As a pure software proposition, delivered as a service, it also promised three huge operational advantages:
1. Simplicity. Network teams wouldn’t have to learn every new capability in every cloud.
2. End-to-end visibility and governance – a single “pane of glass” to view all the traffic and transactions wherever they are on the network.
3. Delegated operations – the organisation doesn’t need to build, own and operate network assets and advanced services.
In the autumn of 2019, we got our hands on a preview version of the provider’s platform.
What had taken us over two years to evolve in our transport hub version 1 and version 2 deployments we were able to recreate with the software in a single afternoon.
We had gone from a mass of complexity and months of work to a dashboard that allowed you simply to draw your network and deploy it in a few hours.
This platform is enabling us to greatly reduce the amount of virtual infrastructure we run, manage and pay for. It should also simplify operations in cloud networking environments. We’re no longer dependent on a handful of wizards who know where all the magic rings are.
However, the really critical change is the time we’re able to save in connecting to different clouds. Building a production-ready on-ramp to Azure would have taken three to six months using the transport hubs in Koch’s previous system architecture. With the new solution we were able to stand it up in a single day.
The Azure connection was in place before the application teams were ready for deployment. The network team is no longer the long pole in the tent.
If you’re wondering why digital transformation still isn’t happening and you’ve interrogated all the usual suspects, maybe it’s time to ask a few searching questions about your cloud network. It may be holding up the future.