The traditional Chinese language proverb beneath could be utilized to options that community engineers should consider each day. With regards to securing a number of knowledge facilities — we will examine it, see slide after slide, and perceive it conceptually. We will even run it in a lab surroundings. However till we will take a look at it stay in a real-world facility (over the supposed transport the place we will perceive its habits and fine-tune for optimum efficiency and safety) deployment will at all times be a guessing sport.
“Inform me and I overlook, train me and I could bear in mind, contain me and I be taught”
– Historic Chinese language proverb
Not too long ago, our Cisco networking specialists teamed with Equinix to achieve a transparent understanding of how a safe multi-data middle interconnect answer, protected with Cisco’s WAN MACsec encryption, would function between two or extra places over an operational Equinix Cloth transport. By utilizing this real-world surroundings, we have been in a position to achieve better strategic perception into its inside workings and greatest apply these findings for securing a number of knowledge facilities for our public sector clients.
The WAN MACsec path to securing a number of knowledge middle connections
At Cisco, we’re discovering that clients are trying to find new safe transport choices which have the aptitude to securely interconnect their multi–Regional Co-Location (Co-Lo) facilities collectively. And it’s key that any answer they deploy use encryption options that won’t impede the high-performance, low latency transport wanted between the facilities. For Cisco and Equinix, our testing particularly focused this functionality for verification.
We’re happy to current the outcomes of our testing in a joint Cisco/Equinix White Paper titled Securing Excessive-Velocity Interconnection Over Equinix Cloth Utilizing Cisco WAN MACsec For Public And Non-public Sector. In it, we element the safe high-speed “Inter Area” interconnect answer, together with:
- Configuration examples
- Router output
- Testing strategies utilizing Cisco WAN MACsec over the Equinix Cloth (between Equinix areas in Ashburn, VA and Miami, FL).
Securing a number of knowledge facilities
Our joint testing leveraged the Equinix Cloth providing to supply high-speed Ethernet transport. We then used Cisco WAN MACsec to safe the transport between the 2 Equinix knowledge middle places. For these clients requiring multi-tenant Layer 3 segmentation throughout this service as effectively, the testing additionally demonstrated BGP/MPLS IP VPN’s (RFC 4364) over Phase Routing (RFC 8402). This method is shortly establishing itself as the brand new software-defined MPLS transport to be used in IP backbones and interconnections.
For presidency businesses, establishing a WAN (SD-WAN, Phase Routing, MPLS) presence inside these cloud companion Co-Lo facilities is a primary step in direction of enabling a “Cloud Prepared Community” structure. Its worth is important. Co-Lo suppliers needs to be regarded as strategic “next-door-neighbors” for public cloud and SaaS suppliers. Particularly since they will provide knowledge middle internet hosting providers for these clients nonetheless internet hosting their very own non-public purposes; lowering their on-prem knowledge middle footprint and related overhead.
At Cisco, we’re dedicated to offering a wide range of safe and dependable options for purchasers working Co-Lo area together with routing, excessive pace encryption, safety, and visibility. We’re additionally serving to our clients meet the compute wanted to host these non-public purposes and with securing these connections into the cloud service suppliers.
Further sources
Authored by:
Craig Hill, Distinguished Architect, U.S. Public Sector at Cisco
Chris Hocker, Programs Architect, U.S. Public Sector at Cisco
Share:
