How overlay networking with new Docker technology economizes virtual machines
Virtual Networks in the Public Cloud
– Ryan Koop, Director of Products and Marketing, CohesiveFT, says:
In the past, anyone who wanted to run additional network services like Nginx, HAproxy, or Snort in the public cloud had to use additional virtual machines (VMs). Additional VMs mean more runtime fees and a more complex network topology to manage.
That’s history. Network function virtualization (NFV) can help enterprises solve real-life cloud adoption issues of costs and network complexity, without causing vendor or technology lock-in. Instead of building separate VMs you can streamline cloud networking functions, economize on CapEx, and save time. In fact, you can do more with virtual networking: you can create a single network that securely controls cloud deployments across both data centers and multiple public clouds. That’s virtual networks in the public cloud!
Security and flexibility across geographic regions are also critically important when your data crosses between data centers and multiple public clouds. Public cloud providers control the networking security inside their network edge. But, what about the security inside a cloud? Network security features such as end-to-end encryption and overlay networks can secure your cloud deployments while also helping them stay cloud neutral. By building secure networks over the top of public clouds, you can control the way your network connects and shares.
CohesiveFT’s VNS3 version 3.5 overlay networking device now includes Docker container technology. The virtual network device lets you create heterogeneous control in an environment where you can run your network over the top of cloud providers’ existing network. If you are in a highly regulated industry, you can now use public cloud and personally attest to security with VNS3 3.5 and Docker containers. The IPsec connections ensure data traveling to the cloud is secure, and data-in-motion encryption secures data traveling within the cloud. Furthermore, federating resources via the overlay network distributes them and fights cloud vendor lock-in.
We initially created CohesiveFT’s VNS3 version 3.5 overlay networking device with a customer looking to add more network features into their network security and management control. We included Docker to help customers securely manage their network setup and build in features such as reverse proxy, load balancing, content caching, and other network functions.
Cloud network routing and security appliances are typically hardware appliances and do not give customers access or customization. With Docker updates you can build custom functionality into a single VNS3 Manager instance to match your cloud networking use case requirements. Each use case saves VM run times, simplifies network management, and bundles customers’ applications functions in the same VM instance as VNS3.
Our customers drive our innovation, guide product design, and offer us invaluable feedback throughout the process. They wanted the ability to collaborate and create custom network functions. Customers are excited to take back control of their networks and ensure their own security with VNS3 because it uses end-to-end data in transit encryption, as well as the flexibility of federated resources across multiple public cloud regions.
James Elwood and his team at Geezeo use the VNS3 Manager UI to “manage all of our connections from a single control point and offer reliable, manageable, and secure tunnels.” By controlling all 6 devices in 1, VNS3 Managers allow customers to extend and connect virtual networks to multiple application deployments across data centers or cloud regions.
So far, VNS3 3.5 alpha users have built in features including proxy and reverse proxy with Nginx; network intrusion detection with Snort; load balancing with HAproxy; and content caching with Varnish. Our goal is to help people save runtime costs of additional VMs, create new solutions to networking pain points, and simplify their network administration.