Welcome!

Java Authors: Dana Gardner, David H Deans, Patrick Carey, Jack Newton, ChandraShekar Dattatreya

Related Topics: XML, Cloud Expo, Security

XML: Article

Combining the Cloud with the Computing: Application Delivery Networks

What new challenges does Cloud Computing present for the enterprise?

IT executives are being asked to increasingly evaluate new cloud-based services to improve business agility while lowering operating and capital costs within the enterprise. Yet often very little is known about the “cloud” itself. How does it work? What new challenges does it present for the enterprise?

While cloud vendors continue to roll-out new technology to capture the imagination of application development and IT organizations – one area continues to remain noticeably cloudy and overlooked – the cloud itself.

The first of the two words in cloud computing is often not well understood. It’s almost always drawn very minuscule in pictures while dwarfed by the virtualized server farms providing on-demand computing power. Implying as if the cloud is secondary and works in a simple way – something goes in one side of the cloud and then shows up instantaneously on the other side. Or perhaps it’s a control issue – after all, the cloud is seemingly outside of the data-center beyond direct control of IT...or is it?

In order for cloud computing to realize its full potential and become commonplace for a range of business processes and applications within the enterprise the cloud itself needs to be treated equally as important as the computing aspect. The two must go hand-in-hand. For decades, enterprises have grown accustomed to private IP-VPN services such as MPLS offered by network providers. Such services offer high degrees of uptime, low latency and packet loss guarantees, and a sole point of escalation for problem resolution. Yet the on-demand accessibility promised by cloud computing services are best fulfilled when any type of user can access applications – anywhere in the world, and at any time thru a common interface such as a Web browser. And it simply isn’t possible to run private IP-VPN services to everywhere application users have access to a Web-browser. As a result, the Internet is more often than not the de facto cloud used to fulfill the ubiquitous reach and economies of scale necessitated by on-demand cloud applications.

Herein lies the challenge. The Internet cloud is not like a private network offered by a service provider. The Internet is a network-of-networks, consisting of over ten thousand individual network providers. And unlike traffic carried within a private-WAN, not all networks are economically motivated to carry the bulk of Internet traffic generated by an on-demand cloud computing service. The first-mile provider offering bandwidth for the data-center and the last-mile access provider are the two providers who directly get paid to connect the user to the application. All other Internet network providers have little economic incentive to exchange and deliver traffic and apply sub-optimal, unreliable relationships called peering. Peering relationships manifest themselves by adding extra round-trip latency and packet loss by way of the Border Gateway Protocol (BGP) which is used to route application requests thru the cloud between application users and the infrastructure1. Yet any latency or service interruption, whether caused by either the computing infrastructure or the cloud, degrades user experience and can damage customer satisfaction resulting in abandonment issues and low adoption of cloud computing services.

To make matters even worse, other protocols used to govern Web application delivery such as the chatty TCP protocol for transport and HTTP for applications introduce new application delivery bottlenecks for distributed users of on-demand cloud based applications. Users far away from computing infrastructure will experience slower response times and worse availability than those users close to the resources. And the Internet opens new security vulnerabilities ranging from Domain Name Server (DNS) and distributed denial-of-service (DDoS) attacks to more advanced malicious activities exposing application-specific vulnerabilities.

The challenges associated with the Internet cloud are very real. What happens to application adoption when one user gets a 5-10x slower application response time than another, merely because of their increased distance from computing servers? What if applications are unavailable due to issues associated with the Internet itself such as congestion, de-peering, cable cuts or earthquakes? What happens if your in-cloud application is attacked by Internet hackers? As evidenced by a recent State of the Internet Report2, attack traffic on the Internet was originated in over 139 unique countries. Over 400 unique ports were attacked, a twenty fold increase from just the prior quarter. DDoS attacks continued to exploit tactics that were identified years ago along with numerous high-visibility DNS hijackings. Network and routing outages remain commonplace. And Website and application hacks, such as SQL injections and cross-site scripting (XSS) attacks have infected hundreds of thousands of Web properties. It is clear the Internet must transform into a predictable, reliable application delivery platform suitable for business use to fulfill the promise of cloud computing within the enterprise.

Cloud computing providers need a strategy for optimizing the cloud for their on-demand applications and computing services on a global scale, while remaining as cost-effective as possible, in order to survive what is undoubtedly becoming increasingly competitive environment. At the same time, they are pressured to ensure their infrastructure can cope with a rapidly escalating volume of data and shield users from in-the-cloud bottlenecks outside of the data-center. For this reason, they are increasingly reliant on proven third-party providers for the reliable and cost-effective delivery of on-demand content and applications in the cloud in to solidify their position in this rapidly evolving and promising market.

One way of optimizing delivery over the Internet cloud has been thru next-generation content delivery network (CDN) providers. To enable on-demand cloud computing services, however, such providers must transcend far beyond traditional CDN capabilities to address the fact that rich interactive websites and enterprise applications aren’t generally cacheable like a large media file or image. Dynamic content requires new application delivery optimizations addressing routing, transport and application layer protocol inefficiencies introduced by the Internet cloud for effective delivery. Such optimizations allow globally distributed users to feel as though they are close to centralized computing resources, regardless of their distance from the infrastructure, while addressing other key availability, security and scalability bottlenecks associated with Internet-based application delivery.

Next-generation CDN providers incorporate tens of thousands of distributed computing servers across the globe at the edge of the Internet, within one network hop away from both application infrastructure and the vast majority of the world’s Internet users. In essence, this creates a distributed global “overlay” of the Internet serving as the foundation for powering a better Internet experience. Thru software written on the platform, the application of a sophisticated set of algorithms and knowledge of real-time Internet conditions are applied towards accelerating content goes well beyond static caching and traditional CDN capabilities to optimize application delivery bottlenecks for fully dynamic, on-demand applications. Essentially, these services leverage their own optimized protocols to optimize the distance induced performance and availability challenges introduced by BGP, TCP and HTTP protocols. Next-generation CDN services, often referred to as “Application Delivery Networks” (ADN), improve the delivery of dynamic content in the Internet cloud, without the use of any additional hardware, new software or application code changes for any application user accessing an application over the Internet cloud. The operation of an ADN is described and illustrated in Figure1.

1. A dynamic mapping system based on DNS directs user requests for secure application content to an optimal edge server.

2. Malicious activity can be blocked at the edge of the Internet, outside the data-center, through a set of configurable rules

3. Dynamic route optimization technology identifies the fastest and most reliable path back to the origin infrastructure to retrieve dynamic application content.

4. A high-performance transport protocol transparently optimizes communication throughput between edge server and the origin, improving performance and reliability. 5. The edge server retrieves the requested application content and returns it to the user over secure optimized connections. Static and pre-fetched content leverages edge proximity to speed delivery when possible.

Figure 1 – How an Application Delivery Network (ADN) works

Providers of on-demand computing resources and applications leveraging ADN technologies benefit by keeping data-center build-out to a minimum while simultaneously addressing Internet delivery issues. ADN services are provided as a convenient managed service with no capital expenditure. The result is higher application availability, better performance, improved security, and significantly improved scalability and operations. Cloud computing providers can focus on their core strength – developing innovative hosting services, application development platforms and off-the-shelf software applications - while benefiting from a scalable and robust delivery platform which works on a global scale.

Figure 2 – Response times across 25 geographies to complete a 4-step dynamic transaction for a Web-based customer service portal hosted as a single instance in eastern United States. Prior to the use of an ADN, users in some cities such as Madrid, Singapore and Sydney experienced over 40-second response times. After the use of an ADN, all cities exhibited response times no more than 17-seconds – whereas someone in Singapore would “feel” as though they were located in Los Angeles.

Some of the large cloud computing providers will opt to build-out a multitude of big regionalized data-centers, often spending tens or hundreds of millions of dollars on big data-center investments. While this will undoubtedly place on-demand infrastructure in closer proximity to application users, there are architectural limitations to this approach.

On-demand browser applications are accessible on a global scale, which means if the application resides in a single data-center there will always be some portion of the user community who will be much farther away. Do you have your application run in a North America, Europe or Asia-Pac data-center? And replicating instances of a single application across multiple data-centers may often not be desirable or even possible due to a variety of considerations such as management, cost, integration, performance, regulatory compliance and security

For those applications which can be replicated in multiple instances, however, the big data-center approach remains flawed as the majority of application users are most likely not buying their Internet connectivity from the same provider servicing the regional data-center. In fact, measurements show the ten largest networks in the Internet provide last-mile subscriptions to approximately 30% of overall Internet users3. And no single network provides more than 10% of the access traffic. So even if application instances were replicated in large data-centers that happened to reside within the world’s 30 largest networks, the average distance from an application user to data-center would still exceed 1,500 miles. Let alone unless the data-center is in the same service provider as the application user, the user remains at the mercy of Internet delivery bottlenecks.

From IP traceroute measurements, it is easy to observe how users are sometimes routed outside of countries and even continents to reach data-center infrastructure. Even when having infrastructure in the same city as the end-user, but not the same service provider, applications can be subject to substantial latency challenges. As a result, despite pre-existing data-center build-out, the use of an ADN is highly beneficial to optimize from the application user to a nearby data-center.

Number of ISPs Crossed from Application User to Data-Center - Intra City

1

2

3

4

5

Frankfurt

5%

21%

30%

28%

16%

Singapore

19%

19%

25%

31%

6%

Chicago

10%

59%

31%

0%

0%

Seattle

3%

17%

47%

27%

6%

Table1: It is very common for Internet routing to go outside of city and country when connecting application users to nearby data-centers.  For example, based on a sample of IP traceroutes, an application user in Frankfurt would traverse 3 or more ISP's 74% of the time to connect to application infrastructure also located in Frankfurt.

Leveraging CDN for static delivery of content via the public Internet is well established and understood. The next-generation of CDN services – Application Delivery Networks - are already proven and can be equally effective for transparent delivery of dynamic, on-demand applications developed and delivered within the Internet cloud. For many years now, leading managed service providers have been offering advanced services based on highly distributed global platforms which transform the Internet into a reliable and high-performing platform for on-demand application delivery to the global enterprise – for anyone, anywhere, anytime. An increasing number of applications and business processes are moving to a cloud-based delivery model. Whether it is for rich interactive Web 2.0 websites, web-enabled business processes such as extranet portals and supply chains, software-as-a-service and now on-demand cloud computing – the importance of optimizing the cloud itself moves to the forefront in order to meet the stringent demands of the enterprise.

Globally distributed Application Delivery Networks put the optimal architecture for in-cloud optimization right into IT and application development’s hands. The Internet cloud is tremendously complicated and those placing the same scrutiny towards optimizing outside of the data-center, as inside the data-center, are those who will be able to successfully satisfy the stringent demands necessary to bring cloud-based applications to the marketplace.

For those evaluating the use of any cloud-based platform or service… don’t forget the cloud. Ask probing questions to understand what is available to optimize cloud-based application delivery both inside and outside the data-center. The use of highly distributed Application Delivery Networks when applied to on-demand computing platforms is a powerful combination to help bring cloud based services to the enterprise market and is readily available today.

Recommended Reading and Viewing:

1 Historical Internet latency & packet loss measurements
http://www.akamai.com/dv2

2 Akamai - “Quarterly State of the Internet Report”
http://www.akamai.com/stateoftheinternet/

3 Akamai – How Will the Internet Scale?”
http://www.akamai.com/dl/whitepapers/How_will_the_internet_scale.pdf

More Stories By Willie M. Tejada

Willie M. Tejada is Vice President, Application and Site Acceleration, at Akamai Technologies, Inc., where he is responsible for the Application and Site Acceleration Business Units targeted at optimizing the delivery of enterprise sites and applications over the Internet. With more than 15 years of marketing, product management, and business development experience, Tejada joined Akamai in March 2007 as part of the Netli acquisition. A seasoned executive, he has held various senior management positions in both start-up and large enterprise companies including Novell, where he led marketing, product management, developer and strategic relations organizations. An accomplished communicator and presenter, he is an inventor listed on US Patent 6,078,924, and also the author of Facilitating Competitive Intelligence: The Next Step in Internet-Based Research published in CRC Press' "Best Practices Series" in Internet Management.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


@ThingsExpo Stories
Bit6 today issued a challenge to the technology community implementing Web Real Time Communication (WebRTC). To leap beyond WebRTC’s significant limitations and fully leverage its underlying value to accelerate innovation, application developers need to consider the entire communications ecosystem.
The definition of IoT is not new, in fact it’s been around for over a decade. What has changed is the public's awareness that the technology we use on a daily basis has caught up on the vision of an always on, always connected world. If you look into the details of what comprises the IoT, you’ll see that it includes everything from cloud computing, Big Data analytics, “Things,” Web communication, applications, network, storage, etc. It is essentially including everything connected online from hardware to software, or as we like to say, it’s an Internet of many different things. The difference ...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world.
SYS-CON Events announced today that Windstream, a leading provider of advanced network and cloud communications, has been named “Silver Sponsor” of SYS-CON's 16th International Cloud Expo®, which will take place on June 9–11, 2015, at the Javits Center in New York, NY. Windstream (Nasdaq: WIN), a FORTUNE 500 and S&P 500 company, is a leading provider of advanced network communications, including cloud computing and managed services, to businesses nationwide. The company also offers broadband, phone and digital TV services to consumers primarily in rural areas.
"There is a natural synchronization between the business models, the IoT is there to support ,” explained Brendan O'Brien, Co-founder and Chief Architect of Aria Systems, in this SYS-CON.tv interview at the 15th International Cloud Expo®, held Nov 4–6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
The major cloud platforms defy a simple, side-by-side analysis. Each of the major IaaS public-cloud platforms offers their own unique strengths and functionality. Options for on-site private cloud are diverse as well, and must be designed and deployed while taking existing legacy architecture and infrastructure into account. Then the reality is that most enterprises are embarking on a hybrid cloud strategy and programs. In this Power Panel at 15th Cloud Expo (http://www.CloudComputingExpo.com), moderated by Ashar Baig, Research Director, Cloud, at Gigaom Research, Nate Gordon, Director of T...
An entirely new security model is needed for the Internet of Things, or is it? Can we save some old and tested controls for this new and different environment? In his session at @ThingsExpo, New York's at the Javits Center, Davi Ottenheimer, EMC Senior Director of Trust, reviewed hands-on lessons with IoT devices and reveal a new risk balance you might not expect. Davi Ottenheimer, EMC Senior Director of Trust, has more than nineteen years' experience managing global security operations and assessments, including a decade of leading incident response and digital forensics. He is co-author of t...

ARMONK, N.Y., Nov. 20, 2014 /PRNewswire/ --  IBM (NYSE: IBM) today announced that it is bringing a greater level of control, security and flexibility to cloud-based application development and delivery with a single-tenant version of Bluemix, IBM's platform-as-a-service. The new platform enables developers to build ap...

Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Architect for the Internet of Things and Intelligent Systems at Red Hat, described how to revolutioniz...
Technology is enabling a new approach to collecting and using data. This approach, commonly referred to as the "Internet of Things" (IoT), enables businesses to use real-time data from all sorts of things including machines, devices and sensors to make better decisions, improve customer service, and lower the risk in the creation of new revenue opportunities. In his General Session at Internet of @ThingsExpo, Dave Wagstaff, Vice President and Chief Architect at BSQUARE Corporation, discuss the real benefits to focus on, how to understand the requirements of a successful solution, the flow of ...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, and physical persons. In the IoT vision, every new "thing" - sensor, actuator, data source, data con...
"BSQUARE is in the business of selling software solutions for smart connected devices. It's obvious that IoT has moved from being a technology to being a fundamental part of business, and in the last 18 months people have said let's figure out how to do it and let's put some focus on it, " explained Dave Wagstaff, VP & Chief Architect, at BSQUARE Corporation, in this SYS-CON.tv interview at @ThingsExpo, held Nov 4-6, 2014, at the Santa Clara Convention Center in Santa Clara, CA.
Focused on this fast-growing market’s needs, Vitesse Semiconductor Corporation (Nasdaq: VTSS), a leading provider of IC solutions to advance "Ethernet Everywhere" in Carrier, Enterprise and Internet of Things (IoT) networks, introduced its IStaX™ software (VSC6815SDK), a robust protocol stack to simplify deployment and management of Industrial-IoT network applications such as Industrial Ethernet switching, surveillance, video distribution, LCD signage, intelligent sensors, and metering equipment. Leveraging technologies proven in the Carrier and Enterprise markets, IStaX is designed to work ac...
C-Labs LLC, a leading provider of remote and mobile access for the Internet of Things (IoT), announced the appointment of John Traynor to the position of chief operating officer. Previously a strategic advisor to the firm, Mr. Traynor will now oversee sales, marketing, finance, and operations. Mr. Traynor is based out of the C-Labs office in Redmond, Washington. He reports to Chris Muench, Chief Executive Officer. Mr. Traynor brings valuable business leadership and technology industry expertise to C-Labs. With over 30 years' experience in the high-tech sector, John Traynor has held numerous...
The 3rd International @ThingsExpo, co-located with the 16th International Cloud Expo - to be held June 9-11, 2015, at the Javits Center in New York City, NY - announces that it is now accepting Keynote Proposals. The Internet of Things (IoT) is the most profound change in personal and enterprise IT since the creation of the Worldwide Web more than 20 years ago. All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades.
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover how hardware commoditization, the ubiquitous nature of connectivity, and the emergence of Big Data a...
Almost everyone sees the potential of Internet of Things but how can businesses truly unlock that potential. The key will be in the ability to discover business insight in the midst of an ocean of Big Data generated from billions of embedded devices via Systems of Discover. Businesses will also need to ensure that they can sustain that insight by leveraging the cloud for global reach, scale and elasticity.
SYS-CON Events announced today that IDenticard will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY. IDenticard™ is the security division of Brady Corp (NYSE: BRC), a $1.5 billion manufacturer of identification products. We have small-company values with the strength and stability of a major corporation. IDenticard offers local sales, support and service to our customers across the United States and Canada. Our partner network encompasses some 300 of the world's leading systems integrators and security s...
IoT is still a vague buzzword for many people. In his session at @ThingsExpo, Mike Kavis, Vice President & Principal Cloud Architect at Cloud Technology Partners, discussed the business value of IoT that goes far beyond the general public's perception that IoT is all about wearables and home consumer services. He also discussed how IoT is perceived by investors and how venture capitalist access this space. Other topics discussed were barriers to success, what is new, what is old, and what the future may hold. Mike Kavis is Vice President & Principal Cloud Architect at Cloud Technology Pa...
Cloud Expo 2014 TV commercials will feature @ThingsExpo, which was launched in June, 2014 at New York City's Javits Center as the largest 'Internet of Things' event in the world. The next @ThingsExpo will take place November 4-6, 2014, at the Santa Clara Convention Center, in Santa Clara, California. Since its launch in 2008, Cloud Expo TV commercials have been aired and CNBC, Fox News Network, and Bloomberg TV. Please enjoy our 2014 commercial.