Service edge interfaces
Connecting to third party networks and services#
A backbone network may need to be connected to third party services and networks in order to access critical applications, storage options or security platforms.
The traditional way of networking would require phsyical interconnects between datacentres. This is still possible, but often not required, in favour of more modern methods.
Connecting to major cloud hyperscalers#
Whether to MS Azure, AWS or GCP, organisations that have taken the leap to move workloads and data into one of the big hyperscalers will often want to connect their entire network to that provider or providers.
There is a sliding scale of connectivity options, from self managed VPNs through to managed cloud interconnects. The Intelligent Network Fabric has the ability to peer directly with these cloud providers, or interface over the internet using managed VPNs such as IPSec.
Zero Trust Network Access (ZTNA)#
Many organisations are now moving to a fabric approach to security, with controls at the user and application level. These options, whether Cisco Umbrella & ISE, Zscaler, Axis or others can be integrated seamlessly with networks created using EVXs and the INF.
Backbone tunnels from individual NFRs can be established, for example pairs of GRE tunnels for Zscaler access, and a routing design can be created so that the correct traffic is sent over those tunnels.
Connecting to modern and legacy networks such as MPLS or VXLAN, or connecting security stacks#
The following interface and fabric options are available to connect networks, third party servers or security stacks.
Resilience and redundancy#
Options are available for each service or location connected, in order to match the needs of the organisation and network. Each backbone can have customised options.
Example: Network backbone consisting of 2x geographically distinct datacentres acting as transit hubs for internet, Azure cloud and ZTNA through Zscaler. Internet transit bandwidth and gateways are provided at both datacentres, Zscaler GRE tunnels are established from every Network Fabric Router in each datacentre, and cloud connectivity to Azure is comprised of dual redundant peering to Azure through a single datacentre.