Two major government IT policy developments over the past year are working to drive the pace and sophistication of Federal cloud-based network adoption – and the advent of Cloud Ready Networks (CRN) that are designed to accommodate those policy trends and the long-term benefits they envision.
Major Policy Developments
The first is the final version of the Office of Management and Budget’s (OMB) Cloud Smart Policy, released in June 2019. Cloud Smart finalized the Federal government’s shift away from the 2011 Cloud First policy, and toward a new approach that “offers practical implementation guidance for Government missions to fully actualize the promise and potential of cloud-based technologies.” Cloud Smart emphasizes the three pillars of security, procurement, and workforce, and sets a total of 22 action items.
The second is the Cybersecurity and Infrastructure Security Agency’s (CISA) release in December 2019 of draft guidance documents for version 3.0 of its Trusted Internet Connections (TIC) initiative. TIC broadly aims to improve network and perimeter security across Federal networks, and the policy’s latest proposed iteration is intended to provide a better approach by giving agencies flexibility to use modern security technologies.
Cloud Ready Networks
As Federal agencies embark on the long journey of breaking free from legacy and on-premise infrastructure and moving to cloud infrastructures, the market has come to meet them with CRNs.
In the past, agencies relied on facilities that housed applications, data, and security components on site and under agency ownership. The introduction of the cloud challenged the legacy on-prem approach and necessitated a total restructuring – applications and data moved from inside agency walls to the remote and uncertain public cloud.
The change in application workloads to the cloud brought with it understandable growing pains in terms of how agencies approach security and wide area network (WAN) design. Now, agencies are identifying how to control access to applications with less visibility and control than on-prem working.
As agencies move further toward cloud migration, one less discussed component begins to play a larger and more vital role in the success of the public sector cloud environment – the network.
One barrier to success is the security and connectivity from on-premise environments to cloud service providers. For example, when agencies need to create new connections and increase bandwidth of existing connections it can result in months of lead time and project delays. Agencies also struggle to address the unique requirements and challenges presented when utilizing multiple cloud providers.
Cloud Ready, Set, Go – Overcoming the Barriers
That’s where CRN architecture comes in. As agencies migrate applications to the cloud, a solid, deterministic, and secure network becomes the lifeblood of the end-user experience.
The CRN approach redefines the cloud edge demarcation point. Typically, this is done by leveraging colocations (co-lo) to establish a security control point for any and all traffic leaving the agency. While the cloud edge could be established inside an agency’s walls, colocations offer a number of services essential to modernization, including scalable connections, secure hosting facilities, foundational security, and partnerships with cloud providers. These offerings make co-lo centers an obvious choice for establishing the cloud edge and building in-depth security controls.
“The CRN provides validated architecture principles that can be leveraged to build secure, agile, and scalable connections to multiple cloud providers” said Craig Hill, Distinguished Architect at Cisco. By extending the current on-premise cloud edge to co-lo centers where they are adjacent to cloud providers, agencies can benefit from a local connection that ensures more deterministic latency, and a newly defined security perimeter for tighter security control and visibility, closer to those agency applications in the cloud.
Cloud Policies on the Up and Up
The recent Federal IT policy developments serve to put wind into the sails of CRN, and network modernization writ large. Speaking of the ongoing TIC policy changes, Cisco’s Systems Architect, Chris Hocker said, “The TIC 3.0 initiative is a big step forward in terms of modernizing network and security architectures for cloud.”
With the continued backing of policymakers on the Cloud Smart and TIC 3.0 fronts, the Federal government can see a clearer path to a secure, scalable, and future-proofed cloud environment.