Invented by Abhishek Chauhan, Peter Downing, Citrix Systems Inc
Public cloud services offer scalability, flexibility, and cost-effectiveness, while private clouds provide greater control, security, and customization. By bridging these two environments, businesses can create a hybrid cloud that meets their specific needs.
The demand for cloud bridging solutions is driven by the increasing adoption of cloud computing by businesses of all sizes. According to a report by Gartner, the worldwide public cloud services market is projected to grow 17.5% in 2019 to total $214.3 billion, up from $182.4 billion in 2018. As more businesses move their workloads to the cloud, the need for cloud bridging solutions will continue to grow.
There are several systems and methods for cloud bridging available in the market. One of the most popular methods is virtual private cloud (VPC) connectivity, which allows businesses to connect their private cloud infrastructure with public cloud services through a secure virtual network. VPC connectivity is offered by major cloud providers such as Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform.
Another method for cloud bridging is cloud bursting, which allows businesses to use public cloud resources to handle peak workloads when their private cloud infrastructure is unable to handle the load. Cloud bursting is particularly useful for businesses with unpredictable workloads, such as e-commerce sites or seasonal businesses.
Other systems and methods for cloud bridging include hybrid cloud management platforms, cloud gateways, and cloud brokers. These solutions offer businesses a range of options for connecting their private and public cloud environments.
The market for systems and methods for cloud bridging is highly competitive, with major cloud providers such as AWS, Microsoft, and Google offering their own solutions. However, there are also many smaller vendors offering specialized cloud bridging solutions that cater to specific industries or use cases.
In conclusion, the market for systems and methods for cloud bridging between public and private clouds is growing rapidly as more businesses adopt cloud computing. Cloud bridging allows businesses to create a hybrid cloud environment that meets their specific needs, combining the scalability and cost-effectiveness of public cloud services with the control and security of private clouds. With the increasing demand for cloud computing, the market for cloud bridging solutions is expected to continue to grow in the coming years.
The Citrix Systems Inc invention works as follows
The cloud bridge may consist of a tunnel that connects a datacenter to a cloud via a wide area network. Cloud bridges make cloud-hosted apps appear to be running on a single contiguous enterprise network. With a cloud bridge in place, administrators and tools believe that the application is on the enterprise network.
Background for Systems and Methods for Cloud Bridging Between Public and Private Clouds
Enterprise organisations may want to benefit from cloud computing, but they don’t want to give up on their own datacenters. This suggests a hybrid strategy, which is a mix between public and private cloud. To succeed with hybrid clouds, there are several challenges to overcome. The first is the complexity of applications. Enterprise applications rely on shared services such as directories and databases that reside on premises. These applications must work in the cloud, without migrating the shared services or duplicating them. Second, there are IT (information technology) silos. Although the cloud and on-premises datacenters are distinct infrastructure environments, it can be difficult to avoid creating duplicate tools, processes, or teams. Third, secure and private connectivity is a challenge. Incompatible network policies, misaligned IP addresses and other issues must be resolved to allow applications to run in both on-premises and cloud environments.
To address these challenges, enterprises may extend their networks to cloud data centers located off-premises. Cloud-hosted apps are made to appear on enterprise networks by the cloud bridge. This is done for administrators, tools, and the applications themselves. Cloud bridges of the current solution offer the following benefits.
The various service models of software-as-a-service (SaaS), platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) are cloud related solutions that may be used by various enterprises. Cloud solutions can provide enterprises with a number of benefits including increased elasticity, flexibility, efficiency, and cost savings. There are three deployment models to choose from when moving or adopting cloud solutions: public, hybrid, and private. When choosing deployment models, enterprises may have to ask difficult questions and make tough choices in order to overcome the challenges they may face.
In the IaaS case, it is often a question of whether to use private or public clouds. These deployment models have many differences and unique benefits. Public clouds, for example, allow for a reduction in capital expenses (CapEx) as well as fewer staff members to manage infrastructure. Private clouds give full control over governance and security, and allow for direct physical control of infrastructure. Hybrid clouds are a way to combine public and private cloud services.
Private clouds and public clouds coexist. Some enterprise organizations do not want to move their entire datacenter to the public cloud. Some of their IT infrastructure could still be behind the corporate firewall. Many enterprise organizations also want to leverage or take advantage of the unique benefits that public clouds offer. Public clouds provide more benefits, such as large temporary capacities. Private clouds are controlled but do not offer the same level of control. Private clouds can be on-premises, provide full control and security, but have high fixed costs. Public clouds can be located off-premises, have low utility costs, and offer self-service with full elasticity. In certain cases, an enterprise might adopt, or even deploy, a hybrid cloud. A hybrid cloud strategy that uses private and public clouds can include on-premises and off-premises IT infrastructure components with low utility costs, self-service, full elasticity and trusted security under corporate control.
Integrating the datacenter into a cloud-based strategy is not without its challenges.
Another challenge is the complexity of applications. Even the simplest applications can be moved to a cloud using a virtual machine. The majority of applications rely on services like a directory infrastructure and identity management. All of these common services are located in one central location within the enterprise datacenter, so that they can be used by all applications. It is therefore extremely difficult to remove an application completely from the datacenter. It is not enough to find and reproduce every component in the application. Every direct, indirect, and environmental dependency also needs to be identified and replicated. These are some of the problems with this approach.
Another problem is private and secure connectivity. Connecting an off-premises cloud to an enterprise network can introduce traffic over the public internet. Only approved traffic should be allowed to enter either IT environment, and data must remain private and secure during transit. Although firewalls are important, it can be hard to define and maintain safe and optimal rules. Configuration errors can create security risks when connecting an off-premises cloud to the enterprise’s network.
Cloud environments are run on separate networks, which adds to the complexity. It may result in unaligned or incompatible IP address ranges and network policies. Network issues prevent resources from being visible in different datacenters and cloud environments.
Embodiments in the present solution allow a hybrid cloud to address the challenges above by providing:
The present solution, in some aspects, is a method of transparently bridging traffic between a private network and a cloud network. The method involves establishing a secure IP layer tunnel between a first intermediary device deployed for the private network and a second intermediary device deployed for the cloud network. The cloud network is separate and independent from the private network. The method also includes establishing, through the first and second intermediary devices, a network bridge over the secure IP layer tunnel. The network bridge extends IP addresses from the private network to the cloud network. The method also includes communicating, via the network bridge, a request made by a device on the private network to access a resource that is identified using an IP address of the private network and hosted on a device on the cloud network.
In some embodiments the method comprises receiving the request via the first intermediary device and transmitting the request to the second intermediary device using the network bridge. In some embodiments the method involves communicating the request by the second intermediary device to the second device that corresponds to the IP address of the private network. In some embodiments the method involves communicating to the first device, via the network bridge, a response from the second device. In some embodiments the method comprises receiving the response from the second device via the cloud network by the second intermediary device and sending the response to the first intermediary device. The response contains the IP address of the first device in the private network. The method may include communicating the response of the second device from the cloud network to the first device via the first intermediary device.
In some embodiments, establishing a secure IP layer tunnel includes establishing IPSec communication over a Layer 2 tunnel. In certain embodiments, establishing the network bridge includes extending virtual local area networks (VLANs) from the private network to the cloud network. In some embodiments the cloud network is a public network. In some embodiments, the cloud network is a private network.
In certain aspects, the present solution is directed at a system that transparently bridges network traffic between a private network and a cloud network. The system can include a first intermediary device deployed for the private network and a second intermediary device deployed for the cloud network, which is independent of and different from the private network. The system can establish a secure IP layer tunnel between the first and second intermediary devices and then a network bridge via the first and second intermediary devices over the secure IP layer tunnel. The network bridge extends IP addresses from the private network to the cloud network. The first intermediary device uses the network bridge to communicate a request, received from a device on the private network, to access a resource identified using an IP address of the private network. The resource is hosted on a second device on the cloud network.
In some embodiments, the first intermediary device receives a request from a first device and transmits it to the second intermediary device via the network bridge. The second intermediary device communicates the request to the second device corresponding to the IP address of the private network. The response to the initial request is communicated by the second device via the network bridge to the first device. The second intermediary device receives the response to the request sent by the second device in the cloud network, and sends it to the first intermediary device. The response contains the IP address of the first device in the private network. The first intermediary device transmits the response of the second device in the cloud network to the first device in the private network.
In some embodiments, IPSec communication over a Layer 2 tunnel is used to create the secure IP layer tunnel. In certain embodiments, the network bridge extends the virtual local area networks (VLANs) of the private network to the cloud network. In some embodiments the cloud network is a public network. In some embodiments the cloud network is a private network.
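The request and response path described in the method and system summaries above, as an added Python model (not code from the patent or from Citrix). Two hypothetical `Intermediary` objects bridge a constructed subnet, 10.20.0.0/24, and an HMAC tag stands in for the IPsec protection of the tunnel, so the model shows integrity checking only, not confidentiality. All addresses, the key, and the class and function names are assumptions made for illustration.

```python
import hashlib, hmac, ipaddress, json

PRIVATE_NET = ipaddress.ip_network("10.20.0.0/24")  # constructed subnet extended to the cloud
TUNNEL_KEY = b"constructed-demo-key"                # stand-in for negotiated IPsec keys

def tag(inner: bytes) -> str:
    # Integrity tag over the inner packet (HMAC stands in for IPsec here).
    return hmac.new(TUNNEL_KEY, inner, hashlib.sha256).hexdigest()

class Intermediary:
    """Hypothetical bridge endpoint: one at the datacenter, one in the cloud."""
    def __init__(self, wan_ip):
        self.wan_ip, self.peer = wan_ip, None
        self.hosts = {}   # inner IP -> callable(packet) returning a reply or None
        self.log = []     # outer (src, dst) of every frame sent over the WAN

    def send(self, packet):
        """Deliver locally, or encapsulate and forward when the host is remote."""
        if ipaddress.ip_address(packet["dst"]) not in PRIVATE_NET:
            raise ValueError("destination is outside the bridged subnet")
        if packet["dst"] in self.hosts:
            return self.deliver(packet)
        inner = json.dumps(packet, sort_keys=True).encode()
        frame = {"outer_src": self.wan_ip, "outer_dst": self.peer.wan_ip,
                 "inner": inner, "tag": tag(inner)}
        self.log.append((frame["outer_src"], frame["outer_dst"]))
        return self.peer.receive(frame)

    def receive(self, frame):
        """Verify the tunnel frame before anything reaches the local network."""
        if not hmac.compare_digest(tag(frame["inner"]), frame["tag"]):
            raise PermissionError("tunnel integrity check failed; frame dropped")
        return self.deliver(json.loads(frame["inner"]))

    def deliver(self, packet):
        if packet["dst"] not in self.hosts:
            raise LookupError("no host with that address on this side of the bridge")
        reply = self.hosts[packet["dst"]](packet)
        return self.send(reply) if reply else packet

def bridge_demo():
    """Client 10.20.0.5 in the datacenter calls 10.20.0.50, hosted in the cloud."""
    dc, cloud = Intermediary("198.51.100.1"), Intermediary("203.0.113.1")
    dc.peer, cloud.peer = cloud, dc
    inbox = []
    dc.hosts["10.20.0.5"] = inbox.append  # client just records what it receives
    cloud.hosts["10.20.0.50"] = lambda p: {"src": p["dst"], "dst": p["src"],
                                           "payload": "reply to " + p["payload"]}
    dc.send({"src": "10.20.0.5", "dst": "10.20.0.50", "payload": "GET /"})
    return dc, cloud, inbox
```

The inner source and destination stay inside the private subnet in both directions; only the outer addresses recorded in `log` belong to the WAN, which is why the cloud-hosted resource looks local to the client.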
The description and accompanying drawings show the details of different embodiments of the invention.
The following sections of the specification with their respective contents can be useful for reading the descriptions of various embodiments:
Before discussing the specifics of embodiments of systems and methods for a cloud bridge, it might be useful to discuss the computing and network environments in which these embodiments could be deployed. Referring now to FIG. 1A, a particular embodiment of a network environment is shown. Briefly, the network environment consists of one or more clients 102a-102n (also commonly referred to as local machine(s), or client(s), 102) that are in communication with one or more servers 106a-106n (also commonly referred to as server(s), or remote machine(s), 106) through one or several networks 104 (generally known as network 104). In certain embodiments, the client 102 can communicate with a server 106 via an appliance 200.
The clients 102 and servers 106 could be on the same network. The networks 104 and 104′ can be one type of network, or several types of networks. The network 104 or the network 104′ can be a local area network (LAN), like a company intranet, a metropolitan area network, or a wide area network (WAN), like the Internet or the World Wide Web. In one example, one of the networks 104 and 104′ could be a private network while the other is a public one. In another, both networks may be private. Clients 102 could be at a branch office of a corporate enterprise and communicate via a WAN connection through the network 104 to the corporate data center servers 106.
The network 104 and/or 104′ may be any type or form of network. It can include any of the following: a broadcast network, a large area network, a wide area network, and a telecommunications network. The network 104 can include a wireless link, such as an infrared channel or satellite band, or a wireline network. The topology of the network 104 and/or 104′ could be a bus, star or ring network topology. The network 104 and/or 104′ may be any network or network topology known to those skilled in the art.