Once upon a time, cloud and edge computing were seen as separate frontiers within an organisation. However, it’s becoming more apparent that for the strength of connections to be maintained, the cloud and the edge must collaborate, especially as companies continue to operate remotely.
“The real issue is not cloud vs edge, but how best to connect and secure this distributed continuum of compute. It’s a complex situation,” said Galeal Zino, CEO of Netfoundry.
“The traditional prescription was to establish VPNs to connect location to location. Now, throw in the need to support an entire workforce working from home, requiring hundreds or perhaps even thousands of connections – establishing and managing all these VPNs becomes a huge task.
“It bears mentioning that when connected via a VPN, the user has complete unfettered access to the entire network. Any breach of a VPN exposes the heart of the network and all of the data centre resources on that network.”
So, how can organisations, in a remote environment, ensure that cloud and edge technology work together effectively?
Establishing zero trust
Zino went on to explain how a zero trust system can go some way in ensuring visible end-to-end security across cloud and edge devices.
“What is wanted is a new type of networking platform that establishes a reliable, high performance, zero trust connection across the Internet — meaning one that will only connect an authorised device and authorised user using an authorised application (ie ‘zero trust’),” he said.
“With zero trust, every connection is continuously assessed to identify who or what is requesting access, have they properly authenticated, and are they authorised to use the resource or service being requested — before any network access is permitted.
“This can be achieved using software defined networking loaded into the edge device or embedding networking capabilities into applications with SDKs and APIs. This eliminates the need to procure, install and commission hardware. Unlike VPNs, these software-defined connections can be tightly segmented according to company policies (policy based access), determining which workgroups or devices can be connected, and what they can share and how.
“This suggests a new paradigm: an edge-core-cloud continuum, where apps and services will run wherever most needed, connected via zero trust networking access (ZTNA) capable of securing the edge to cloud continuum end to end. This paradigm can be stretched even wider to envision a ‘silicon to cloud’ continuum, where the initial establishment of identity and trust occurs in specialized silicon in devices.”
Examine the situation
When looking to deploy cloud or edge technology across the enterprise, exactly what is needed to maintain connectivity can depend on a variety of factors that affect customer experience strategies.
“Cloud technology and edge technology must be seen as complementary rather than competitive,” said Mark Bole, CEO of Quortus. “In most cases, the use case or service in question will determine which option — cloud, edge, or a hybrid of the two — is best. Usually, this depends on available CAPEX, time to launch, and the level of control the end-user requires.
“It is never a ‘one size fits all’ when it comes to cloud or edge deployments; the customer’s need will always dictate which architecture works best for them and their use case. Enterprises considering edge versus cloud deployments must therefore think carefully about their requirements, including: what they need from a latency perspective; how secure do their connections need to be; what about remote survivability; and where do they want the data to be stored, on premise or remotely?
“In many cases, a hybrid solution which leverages both cloud and edge technology will be most appropriate, but ultimately, it’s all connections, no matter how they are distributed.”
Building a hybrid model
If the hybrid route turns out to be the right one for your organisation, it can minimise network running costs while maintaining optimal performance.
“Organisations are no longer having to choose between edge or cloud technologies because a new transformation is underway,” explained Michael Wood, chief marketing officer at Versa Networks. “This transformation is enabling edge-centric devices and services to take advantage of a hybrid model, which includes both edge and cloud because the network connecting the edge to the cloud has improved dramatically in performance, reliability, and security.
“Technologies such as Secure SD-WAN and SASE (Secure Access Service Edge) have dramatically improved the performance, security, and application segmentation between the edge and cloud allowing more real-time dependent edge services such as IoT, video, and mobile devices.
“Organisations need to look at implementing services such as the above to ensure their network securely operates at peak performance and at a lower cost, and this can be done without having to choose between edge and cloud devices.”
Be wary of limitations
While these technologies can be ideal when it comes to connectivity and data storage, it’s important to be wary of, and address, any possible limitations that could be present.
According to Paul Miller, chief technology officer at Wind River, these pitfalls can be minimised using cloud infrastructure software that accommodates edge devices.
“While various methods can be employed to improve network connectivity — in fact, 5G technology itself does tremendous things to improve this such as enabling the replacement of hard-wired infrastructure within automated factories, as an example — it’s helpful to realise that cloud and edge device connectivity will always have limitations, in bandwidth and in reliable connectivity,” said Miller.
“It is for this reason that teams should look to technologies, such as technologies based on the StarlingX open source project, that can tolerate and self-heal during edge to core cloud network disruptions, ensuring that any connectivity issues do not impact the feasibility of a far edge cloud architecture. This is key for reaching high availability, survivability, and self-healing capabilities in a distributed edge cloud.”
Security and governance
Lastly, it’s vital that cloud and edge security, as well as governance, are kept in mind when it comes to deployment and maintaining connectivity.
“As a part of ensuring optimal connectivity between the edge and the cloud, two key areas that enterprises often tend to overlook or do not take into consideration immediately are security and governance,” said Dinesh Chandrasekhar, head of product marketing at Cloudera. “While edge device security will be considered when implementing an IoT solution, data security is of utmost importance.
“More than its significance, it is important for the data-in-motion platform to provide a capability to set up a security policy at the edge on some sensitive data and carry it through seamlessly all the way to the cloud. Without this ability, data access will get opened up to malicious actors or to unauthorised personnel as the data makes its way from the edge to the cloud.
“In a similar vein, data governance is also of utmost importance. A good data-in-motion platform will offer the ability to attach metadata to the data it is protecting and also document every single touch on that data and track its entire lineage from edge to cloud.
“Protecting PII (Personally Identifiable Information) such as account numbers, social security numbers etc. is pertinent but more so, the ability to know who touched the data, what changes were made to it and where the data is headed to next is extremely critical.”