You may have noticed that here at NetFoundry, we talk a lot about AppWANs. Thanks to the miracle of overlay networking, just about every time you see our name, we tell you how you can use our orchestration tools to spin up AppWANs in minutes. So what exactly are AppWANs?
They’re software-defined encrypted overlays created using our console, command-line interface, or APIs, that define how endpoints are permitted to access services (such as applications) across the Internet and/or existing private networks like MPLS.
Clear as mud, right? Let’s take a step back…
What is Overlay Networking?
Overlay networking is a method of using software to create layers of network abstraction that can be used to run multiple separate, discrete virtualized network layers on top of a physical network, providing new applications or security benefits. One major benefit of NetFoundry’s overlays (AppWANs) is that, since they’re abstracted above the infrastructure, they’re completely service-provider agnostic. Overlay networks also add layers of security and isolation when you’re working over the Internet, in public clouds, or in shared environments.
SDxCentral describes it best: One way to conceptualize an overlay is to think of it as endpoints designated by an identification tag or number, somewhat like the phone system. A device can be located simply by knowing its identification tag or number in the networking system. In a traditional physical network, such as the original phone system, the phone number was used to locate a specific physical device hard-wired on to a network. However, in the modern phone system, a phone number can become “virtualized” – that is, assigned to devices or software, or programmed to follow the user. This is a form of virtualization, or overlay.
How Do NetFoundry AppWANs Work?
First, an administrator uses NetFoundry’s web-based orchestration console and/or APIs to design and instantly deploy cloud-native, application-specific networks (AppWANs). An AppWAN is created when an endpoint or group of endpoints (which can be any combination of virtual gateways, virtual machines, IoT devices, smartphones, laptops, etc.) is assigned permission to access a set of services (applications). The console and APIs enable the administrator to enforce their policies, without needing to manage the infrastructure itself.
Each AppWAN is managed by a NetFoundry controller, enabling the administrator to benefit from NetFoundry’s network fabric without needing to manage the underlying network. Controllers interact with business and application systems such as IAM, IoT identity, and cloud policies to enable each AppWAN to be programmatically controlled by application contexts and needs.
NetFoundry’s global network fabric and endpoint software enable secure, reliable networking from anywhere to anywhere. The endpoint software connects to the fabric from any Internet connection, extending each AppWAN to the application edge. The software routes each session to the NetFoundry network fabric, and adaptively manages Quality of Experience (QoE) during each session.
What Can I Do With AppWANs?
The sky’s the limit. Since AppWAN-based overlay networking is service-provider and infrastructure agnostic by design, there’s not much stopping you from connecting the things you need to connect to the applications they need to access. Plus, since administrators can “spin up” AppWANs from the console in minutes, you can extend the agility you demand from your DevOps teams to your network, opening up a whole new world of possibilities.
One of the most interesting use cases for AppWANs is multicloud connectivity. AppWANs designed for multicloud enable instant creation of cloud-to-cloud and cloud-to-edge private network fabrics over existing internet circuits.
The components within our orchestration console were designed to make building and augmenting AppWANs for multicloud situations easy and seamless. For example, our virtual gateways, which connect your AppWANs to cloud instances, come pre-built to integrate quickly and seamlessly with popular providers such as AWS, Microsoft Azure, Google Cloud Platform, and IBM Bluemix. They are also available as VMIs for ESXi 5.0 or greater for more custom deployments.
As a result, AppWANs designed for multicloud connectivity make stubborn, legacy applications cloud-portable with a layered security architecture that isolates and protects data flows through data stream fragmentation (aggregation and disaggregation) and military-grade encryption. The result is a private, dark, zero-trust network.
The best part is, you’re not stuck with just connecting clouds. AppWANs are incredibly agile and elastic, so you can connect any combination of endpoints, whether employee laptops or IoT devices, in any combination that works best, at application-level granularity.