The benefits that the cloud can provide are well known across the IT sector. According to the NIST definition:
“Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources”
UKCloud is a strong advocate of multi-cloud across multiple deployment models. This comes from our extensive history of working with Public Sector organisations and having a deep understanding of the IT challenges they face. UKCloud offers choice for customers through a portfolio of products, which includes VMware, OpenStack, OpenShift, Azure Stack and Oracle.
The common element that underpins all of these services is the network.
Without the underlying network the fundamental services offered by cloud computing cease to exist, yet networking is often overlooked and considered as an afterthought.
In this blog we take a look at how we manage and maintain ubiquitous network services across the UKCloud platform for our customers.
The UKCloud network consists of over 500 devices, across 4 data centres to deliver services within 13 regions. The demands of cloud computing and Public Sector mean that the network has to offer high availability, redundancy and adequate capacity to meet the needs of modern services.
The majority of the network is built on Cisco ACI (Application Centric Infrastructure), which Cisco defines as “the ONLY industry-leading SDN [Software Defined Network] solution that automates network and security for workloads with and across heterogenous domains”.
In addition to this UKCloud provides the benefits of native connectivity to secure, community networks including:
- Health and Social Care Network (HSCN)
- Public Services Network (PSN)
- Restricted LAN Interconnect (RLI)
- Scottish Wide Area Network (SWAN)
Not forgetting of course our 60Gbps of internet connectivity to multiple resilient providers with zero ingress and egress data charges. All of which have the added benefit of free DDoS protection, which scales to over 10 Tbps of mitigation to protect our customer base.
One of the most significant considerations of the network is the potential impact of any type of failure, which could have a knock-on impact to multiple services across the platform. As such, changes are planned in detail before being raised. This can involve testing the proposed changes in a lab environment or engaging vendors to understand the potential impact.
The second biggest challenge is keeping apprised of the latest vulnerabilities and patching the platform when we’re directly affected by a vulnerability. The network team at UKCloud is comprised of a team of technical experts in their field and we’re all acutely aware that the network is the first point of entry for a would-be attacker. If we leave a vulnerability unpatched, we’re effectively leaving the door open for the platform to be compromised.
By using leading technologies and vendors we have confidence in knowing that they release workarounds and/or software updates in a timely manner when new vulnerabilities are announced.
The network team are always looking at new features and technologies to further develop our services. In our next network-focused blog, we’ll discuss our new Inter Region Connectivity service, which is underpinned by SD-WAN technology, to offer UKCloud customers self-service provisioning of private connectivity between regions.
Future blogs will go on to discuss our plans around offering Cisco Tetration as a service. In the meantime, we’re keen to engage our customers and partners in the UKCloud Community. If there’s a topic you’d like us to cover or a service you believe we should be offering, let us know in the comments on the community site.