Java IoT Authors: Elizabeth White, Carmen Gonzalez, Jim Kaskade, Yeshim Deniz, Pat Romanski

Related Topics: Industrial IoT, @CloudExpo, Cloud Security

Industrial IoT: Article

Combining the Cloud with the Computing: Application Delivery Networks

What new challenges does Cloud Computing present for the enterprise?

IT executives are being asked to increasingly evaluate new cloud-based services to improve business agility while lowering operating and capital costs within the enterprise. Yet often very little is known about the “cloud” itself. How does it work? What new challenges does it present for the enterprise?

While cloud vendors continue to roll-out new technology to capture the imagination of application development and IT organizations – one area continues to remain noticeably cloudy and overlooked – the cloud itself.

The first of the two words in cloud computing is often not well understood. It’s almost always drawn very minuscule in pictures while dwarfed by the virtualized server farms providing on-demand computing power. Implying as if the cloud is secondary and works in a simple way – something goes in one side of the cloud and then shows up instantaneously on the other side. Or perhaps it’s a control issue – after all, the cloud is seemingly outside of the data-center beyond direct control of IT...or is it?

In order for cloud computing to realize its full potential and become commonplace for a range of business processes and applications within the enterprise the cloud itself needs to be treated equally as important as the computing aspect. The two must go hand-in-hand. For decades, enterprises have grown accustomed to private IP-VPN services such as MPLS offered by network providers. Such services offer high degrees of uptime, low latency and packet loss guarantees, and a sole point of escalation for problem resolution. Yet the on-demand accessibility promised by cloud computing services are best fulfilled when any type of user can access applications – anywhere in the world, and at any time thru a common interface such as a Web browser. And it simply isn’t possible to run private IP-VPN services to everywhere application users have access to a Web-browser. As a result, the Internet is more often than not the de facto cloud used to fulfill the ubiquitous reach and economies of scale necessitated by on-demand cloud applications.

Herein lies the challenge. The Internet cloud is not like a private network offered by a service provider. The Internet is a network-of-networks, consisting of over ten thousand individual network providers. And unlike traffic carried within a private-WAN, not all networks are economically motivated to carry the bulk of Internet traffic generated by an on-demand cloud computing service. The first-mile provider offering bandwidth for the data-center and the last-mile access provider are the two providers who directly get paid to connect the user to the application. All other Internet network providers have little economic incentive to exchange and deliver traffic and apply sub-optimal, unreliable relationships called peering. Peering relationships manifest themselves by adding extra round-trip latency and packet loss by way of the Border Gateway Protocol (BGP) which is used to route application requests thru the cloud between application users and the infrastructure1. Yet any latency or service interruption, whether caused by either the computing infrastructure or the cloud, degrades user experience and can damage customer satisfaction resulting in abandonment issues and low adoption of cloud computing services.

To make matters even worse, other protocols used to govern Web application delivery such as the chatty TCP protocol for transport and HTTP for applications introduce new application delivery bottlenecks for distributed users of on-demand cloud based applications. Users far away from computing infrastructure will experience slower response times and worse availability than those users close to the resources. And the Internet opens new security vulnerabilities ranging from Domain Name Server (DNS) and distributed denial-of-service (DDoS) attacks to more advanced malicious activities exposing application-specific vulnerabilities.

The challenges associated with the Internet cloud are very real. What happens to application adoption when one user gets a 5-10x slower application response time than another, merely because of their increased distance from computing servers? What if applications are unavailable due to issues associated with the Internet itself such as congestion, de-peering, cable cuts or earthquakes? What happens if your in-cloud application is attacked by Internet hackers? As evidenced by a recent State of the Internet Report2, attack traffic on the Internet was originated in over 139 unique countries. Over 400 unique ports were attacked, a twenty fold increase from just the prior quarter. DDoS attacks continued to exploit tactics that were identified years ago along with numerous high-visibility DNS hijackings. Network and routing outages remain commonplace. And Website and application hacks, such as SQL injections and cross-site scripting (XSS) attacks have infected hundreds of thousands of Web properties. It is clear the Internet must transform into a predictable, reliable application delivery platform suitable for business use to fulfill the promise of cloud computing within the enterprise.

Cloud computing providers need a strategy for optimizing the cloud for their on-demand applications and computing services on a global scale, while remaining as cost-effective as possible, in order to survive what is undoubtedly becoming increasingly competitive environment. At the same time, they are pressured to ensure their infrastructure can cope with a rapidly escalating volume of data and shield users from in-the-cloud bottlenecks outside of the data-center. For this reason, they are increasingly reliant on proven third-party providers for the reliable and cost-effective delivery of on-demand content and applications in the cloud in to solidify their position in this rapidly evolving and promising market.

One way of optimizing delivery over the Internet cloud has been thru next-generation content delivery network (CDN) providers. To enable on-demand cloud computing services, however, such providers must transcend far beyond traditional CDN capabilities to address the fact that rich interactive websites and enterprise applications aren’t generally cacheable like a large media file or image. Dynamic content requires new application delivery optimizations addressing routing, transport and application layer protocol inefficiencies introduced by the Internet cloud for effective delivery. Such optimizations allow globally distributed users to feel as though they are close to centralized computing resources, regardless of their distance from the infrastructure, while addressing other key availability, security and scalability bottlenecks associated with Internet-based application delivery.

Next-generation CDN providers incorporate tens of thousands of distributed computing servers across the globe at the edge of the Internet, within one network hop away from both application infrastructure and the vast majority of the world’s Internet users. In essence, this creates a distributed global “overlay” of the Internet serving as the foundation for powering a better Internet experience. Thru software written on the platform, the application of a sophisticated set of algorithms and knowledge of real-time Internet conditions are applied towards accelerating content goes well beyond static caching and traditional CDN capabilities to optimize application delivery bottlenecks for fully dynamic, on-demand applications. Essentially, these services leverage their own optimized protocols to optimize the distance induced performance and availability challenges introduced by BGP, TCP and HTTP protocols. Next-generation CDN services, often referred to as “Application Delivery Networks” (ADN), improve the delivery of dynamic content in the Internet cloud, without the use of any additional hardware, new software or application code changes for any application user accessing an application over the Internet cloud. The operation of an ADN is described and illustrated in Figure1.

1. A dynamic mapping system based on DNS directs user requests for secure application content to an optimal edge server.

2. Malicious activity can be blocked at the edge of the Internet, outside the data-center, through a set of configurable rules

3. Dynamic route optimization technology identifies the fastest and most reliable path back to the origin infrastructure to retrieve dynamic application content.

4. A high-performance transport protocol transparently optimizes communication throughput between edge server and the origin, improving performance and reliability. 5. The edge server retrieves the requested application content and returns it to the user over secure optimized connections. Static and pre-fetched content leverages edge proximity to speed delivery when possible.

Figure 1 – How an Application Delivery Network (ADN) works

Providers of on-demand computing resources and applications leveraging ADN technologies benefit by keeping data-center build-out to a minimum while simultaneously addressing Internet delivery issues. ADN services are provided as a convenient managed service with no capital expenditure. The result is higher application availability, better performance, improved security, and significantly improved scalability and operations. Cloud computing providers can focus on their core strength – developing innovative hosting services, application development platforms and off-the-shelf software applications - while benefiting from a scalable and robust delivery platform which works on a global scale.

Figure 2 – Response times across 25 geographies to complete a 4-step dynamic transaction for a Web-based customer service portal hosted as a single instance in eastern United States. Prior to the use of an ADN, users in some cities such as Madrid, Singapore and Sydney experienced over 40-second response times. After the use of an ADN, all cities exhibited response times no more than 17-seconds – whereas someone in Singapore would “feel” as though they were located in Los Angeles.

Some of the large cloud computing providers will opt to build-out a multitude of big regionalized data-centers, often spending tens or hundreds of millions of dollars on big data-center investments. While this will undoubtedly place on-demand infrastructure in closer proximity to application users, there are architectural limitations to this approach.

On-demand browser applications are accessible on a global scale, which means if the application resides in a single data-center there will always be some portion of the user community who will be much farther away. Do you have your application run in a North America, Europe or Asia-Pac data-center? And replicating instances of a single application across multiple data-centers may often not be desirable or even possible due to a variety of considerations such as management, cost, integration, performance, regulatory compliance and security

For those applications which can be replicated in multiple instances, however, the big data-center approach remains flawed as the majority of application users are most likely not buying their Internet connectivity from the same provider servicing the regional data-center. In fact, measurements show the ten largest networks in the Internet provide last-mile subscriptions to approximately 30% of overall Internet users3. And no single network provides more than 10% of the access traffic. So even if application instances were replicated in large data-centers that happened to reside within the world’s 30 largest networks, the average distance from an application user to data-center would still exceed 1,500 miles. Let alone unless the data-center is in the same service provider as the application user, the user remains at the mercy of Internet delivery bottlenecks.

From IP traceroute measurements, it is easy to observe how users are sometimes routed outside of countries and even continents to reach data-center infrastructure. Even when having infrastructure in the same city as the end-user, but not the same service provider, applications can be subject to substantial latency challenges. As a result, despite pre-existing data-center build-out, the use of an ADN is highly beneficial to optimize from the application user to a nearby data-center.

Number of ISPs Crossed from Application User to Data-Center - Intra City






























Table1: It is very common for Internet routing to go outside of city and country when connecting application users to nearby data-centers.  For example, based on a sample of IP traceroutes, an application user in Frankfurt would traverse 3 or more ISP's 74% of the time to connect to application infrastructure also located in Frankfurt.

Leveraging CDN for static delivery of content via the public Internet is well established and understood. The next-generation of CDN services – Application Delivery Networks - are already proven and can be equally effective for transparent delivery of dynamic, on-demand applications developed and delivered within the Internet cloud. For many years now, leading managed service providers have been offering advanced services based on highly distributed global platforms which transform the Internet into a reliable and high-performing platform for on-demand application delivery to the global enterprise – for anyone, anywhere, anytime. An increasing number of applications and business processes are moving to a cloud-based delivery model. Whether it is for rich interactive Web 2.0 websites, web-enabled business processes such as extranet portals and supply chains, software-as-a-service and now on-demand cloud computing – the importance of optimizing the cloud itself moves to the forefront in order to meet the stringent demands of the enterprise.

Globally distributed Application Delivery Networks put the optimal architecture for in-cloud optimization right into IT and application development’s hands. The Internet cloud is tremendously complicated and those placing the same scrutiny towards optimizing outside of the data-center, as inside the data-center, are those who will be able to successfully satisfy the stringent demands necessary to bring cloud-based applications to the marketplace.

For those evaluating the use of any cloud-based platform or service… don’t forget the cloud. Ask probing questions to understand what is available to optimize cloud-based application delivery both inside and outside the data-center. The use of highly distributed Application Delivery Networks when applied to on-demand computing platforms is a powerful combination to help bring cloud based services to the enterprise market and is readily available today.

Recommended Reading and Viewing:

1 Historical Internet latency & packet loss measurements

2 Akamai - “Quarterly State of the Internet Report”

3 Akamai – How Will the Internet Scale?”

More Stories By Willie M. Tejada

Willie M. Tejada is Vice President, Application and Site Acceleration, at Akamai Technologies, Inc., where he is responsible for the Application and Site Acceleration Business Units targeted at optimizing the delivery of enterprise sites and applications over the Internet. With more than 15 years of marketing, product management, and business development experience, Tejada joined Akamai in March 2007 as part of the Netli acquisition. A seasoned executive, he has held various senior management positions in both start-up and large enterprise companies including Novell, where he led marketing, product management, developer and strategic relations organizations. An accomplished communicator and presenter, he is an inventor listed on US Patent 6,078,924, and also the author of Facilitating Competitive Intelligence: The Next Step in Internet-Based Research published in CRC Press' "Best Practices Series" in Internet Management.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.

@ThingsExpo Stories
WebRTC adoption has generated a wave of creative uses of communications and collaboration through websites, sales apps, customer care and business applications. As WebRTC has become more mainstream it has evolved to use cases beyond the original peer-to-peer case, which has led to a repeating requirement for interoperability with existing infrastructures. In his session at @ThingsExpo, Graham Holt, Executive Vice President of Daitan Group, will cover implementation examples that have enabled ea...
In past @ThingsExpo presentations, Joseph di Paolantonio has explored how various Internet of Things (IoT) and data management and analytics (DMA) solution spaces will come together as sensor analytics ecosystems. This year, in his session at @ThingsExpo, Joseph di Paolantonio from DataArchon, will be adding the numerous Transportation areas, from autonomous vehicles to “Uber for containers.” While IoT data in any one area of Transportation will have a huge impact in that area, combining sensor...
SYS-CON Events announced today that Coalfire will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Coalfire is the trusted leader in cybersecurity risk management and compliance services. Coalfire integrates advisory and technical assessments and recommendations to the corporate directors, executives, boards, and IT organizations for global brands and organizations in the technology, cloud, health...
November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Penta Security is a leading vendor for data security solutions, including its encryption solution, D’Amo. By using FPE technology, D’Amo allows for the implementation of encryption technology to sensitive data fields without modification to schema in the database environment. With businesses having their data become increasingly more complicated in their mission-critical applications (such as ERP, CRM, HRM), continued ...
SYS-CON Events announced today that Cloudbric, a leading website security provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Cloudbric is an elite full service website protection solution specifically designed for IT novices, entrepreneurs, and small and medium businesses. First launched in 2015, Cloudbric is based on the enterprise level Web Application Firewall by Penta Security Sys...
WebRTC sits at the intersection between VoIP and the Web. As such, it poses some interesting challenges for those developing services on top of it, but also for those who need to test and monitor these services. In his session at WebRTC Summit, Tsahi Levent-Levi, co-founder of testRTC, reviewed the various challenges posed by WebRTC when it comes to testing and monitoring and on ways to overcome them.
"Matrix is an ambitious open standard and implementation that's set up to break down the fragmentation problems that exist in IP messaging and VoIP communication," explained John Woolf, Technical Evangelist at Matrix, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
In his general session at 18th Cloud Expo, Lee Atchison, Principal Cloud Architect and Advocate at New Relic, discussed cloud as a ‘better data center’ and how it adds new capacity (faster) and improves application availability (redundancy). The cloud is a ‘Dynamic Tool for Dynamic Apps’ and resource allocation is an integral part of your application architecture, so use only the resources you need and allocate /de-allocate resources on the fly.
DevOps is being widely accepted (if not fully adopted) as essential in enterprise IT. But as Enterprise DevOps gains maturity, expands scope, and increases velocity, the need for data-driven decisions across teams becomes more acute. DevOps teams in any modern business must wrangle the ‘digital exhaust’ from the delivery toolchain, "pervasive" and "cognitive" computing, APIs and services, mobile devices and applications, the Internet of Things, and now even blockchain. In this power panel at @...
SYS-CON Events announced today that SoftNet Solutions will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. SoftNet Solutions specializes in Enterprise Solutions for Hadoop and Big Data. It offers customers the most open, robust, and value-conscious portfolio of solutions, services, and tools for the shortest route to success with Big Data. The unique differentiator is the ability to architect and ...
SYS-CON Events announced today that Embotics, the cloud automation company, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Embotics is the cloud automation company for IT organizations and service providers that need to improve provisioning or enable self-service capabilities. With a relentless focus on delivering a premier user experience and unmatched customer support, Embotics is the fas...
SYS-CON Events announced today that MathFreeOn will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. MathFreeOn is Software as a Service (SaaS) used in Engineering and Math education. Write scripts and solve math problems online. MathFreeOn provides online courses for beginners or amateurs who have difficulties in writing scripts. In accordance with various mathematical topics, there are more tha...
SYS-CON Events announced today that Niagara Networks will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
The best way to leverage your Cloud Expo presence as a sponsor and exhibitor is to plan your news announcements around our events. The press covering Cloud Expo and @ThingsExpo will have access to these releases and will amplify your news announcements. More than two dozen Cloud companies either set deals at our shows or have announced their mergers and acquisitions at Cloud Expo. Product announcements during our show provide your company with the most reach through our targeted audiences.
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, will discuss how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team a...
Virgil consists of an open-source encryption library, which implements Cryptographic Message Syntax (CMS) and Elliptic Curve Integrated Encryption Scheme (ECIES) (including RSA schema), a Key Management API, and a cloud-based Key Management Service (Virgil Keys). The Virgil Keys Service consists of a public key service and a private key escrow service. 

OnProcess Technology has announced it will be a featured speaker at @ThingsExpo, taking place November 1 - 3, 2016, in Santa Clara, California. Dan Gettens, OnProcess’ Chief Analytics Officer, will discuss how Internet of Things (IoT) data can be leveraged to predict product failures, improve uptime and slash costly inventory stock. @ThingsExpo is an annual gathering of IoT and cloud developers, practitioners and thought-leaders who exchange ideas and insights on topics ranging from Big Data in...
@ThingsExpo has been named the Top 5 Most Influential Internet of Things Brand by Onalytica in the ‘The Internet of Things Landscape 2015: Top 100 Individuals and Brands.' Onalytica analyzed Twitter conversations around the #IoT debate to uncover the most influential brands and individuals driving the conversation. Onalytica captured data from 56,224 users. The PageRank based methodology they use to extract influencers on a particular topic (tweets mentioning #InternetofThings or #IoT in this ...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
In an era of historic innovation fueled by unprecedented access to data and technology, the low cost and risk of entering new markets has leveled the playing field for business. Today, any ambitious innovator can easily introduce a new application or product that can reinvent business models and transform the client experience. In their Day 2 Keynote at 19th Cloud Expo, Mercer Rowe, IBM Vice President of Strategic Alliances, and Raejeanne Skillern, Intel Vice President of Data Center Group and ...