Virtual Elephant
Multi-Cloud Strategy

The Cloud Shift:
Making the Move to Cloud with Confidence & Control

Discover how to safely and effectively migrate your business to the cloud with this expert guide. From assessing your business needs and choosing the right hyper-scaler to overcoming challenges and optimizing your cloud environment, you’ll get step-by-step guidance on cloud migration. Get the inside scoop on cloud computing security, managed cloud services, and SaaS cloud computing, and avoid common migration mistakes with this essential resource.

Enterprise Architect Role in Multi-Cloud Strategy

As a VMware Certified Design Expert and TOGAF Enterprise Architect, I serve as a consultant to many organizations, advising them on the best strategies for optimizing the private clouds, as well as migrating to the public cloud. I work closely with these companies to understand their specific needs and goals, and to develop a future state architecture that takes into account their business requirements and desired multi-cloud strategy.

For many organizations, the prospect of being able to offload the day-to-day operational tasks, including data center maintenance, hardware lifecycle management, and software lifecycle, as well as reducing costs is a primary driver for a multi-cloud or public cloud migration strategy. While cloud adoption can offer many benefits, including increased scalability, improved security, and reduced costs, it also poses a number of challenges.

Those challenges include compatibility issues, network connectivity and security policy gaps, as well as potential service outages for workloads not properly transformed to adopt a cloud strategy. It is important for organizations to carefully assess, identify, and manage these risks before and after the cloud migration project.

Application Migration Strategy

Identifying applications in the data center, whether they live on bare metal servers or are inside a VMware Cloud Foundation SDDC environment, is a crucial step in any cloud migration. There are several factors to consider when evaluating applications for cloud migration, including resource utilization, data sovereignty, compliance requirements, application complexity, and cost. This article is going to focus primarily on understanding application dependencies as this is the most common pain-point organizations experience when adopting a multi-cloud strategy where applications are being migrated to the public cloud.

Understanding how applications are loosely or tightly integrated with other applications or data sources will be a key indicator in determining if an application is a candidate for a migration to a public cloud environment. There are several dependency mapping tools available to assist organizations visualize the relationships between different applications and systems. By understanding the application dependency map, an organization can gain a better understanding of how changes to one application or system will impact others.

Currently available application dependency mapping tools include:

  • AppDynamics: AppDynamics is an application performance management tool that provides real-time visibility into the performance and the relationships between different components.
  • Dynatrace: Dynatrace is a software intelligence platform that provides real-time visibility into the performance and dependencies of applications and the infrastructure they run on.
  • VMware vRealize Network Insight: vRealize Network Insight (vRNI) provides detailed information on network flows, firewall rules, and security threats using machine learning algorithms and advanced analytics to provide detailed insights into application behavior.
  • New Relic: New Relic is a cloud-based application performance management tool that provides real-time visibility into the performance of applications and the relationships between different components.
  • Sumo Logic: Sumo Logic is a cloud-based log management and analysis tool that provides real-time visibility into the performance and behavior of applications and systems.

While not an exhaustive list, these tools can provide an organization with a clear understanding of the relationships between different components of their applications, which can be invaluable when planning and executing a cloud migration project.

Deeper Dive into Application Dependency Mapping

VMware vRealize Network Insight and AppDynamics are both powerful tools for monitoring the performance of applications and infrastructure, but they have different focuses and capabilities. As such, an organization will need to better understand where they currently have gaps in their existing tools when determining if one or both of these applications will assist them in understanding their existing application requirements.

The key differences between these two products are the focus areas. AppDynamics primarily focuses on providing real-time visibility into the performance of applications and the relationships between different components. vRealize Network Insight instead focuses on network visibility and security, by providing a comprehensive view of network traffic and security posture. The information vRNI provides can be critical in identifying ideal candidates for a cloud migration because it highlights detailed network flows, firewall rules, and security threats.

vRealize Network Insight uses machines learning algorithms, as noted above, and advanced analytics to provide the detailed information on network behavior. In contrast, AppDynamics focuses on KPIs such as transactions times, error rates, and root-cause analysis when issues occur. They both also provide security policy related information that can be leveraged when setting up the public cloud environment to support an application, to ensure it is adequately protected from malicious behavior and threats.

vRealize Network Insight can provide a security policy for an application that includes the following information:

  • Network Segmentation: Identifies different components of an application — front-end, back-end, and database — to segment these components into separate virtual networks to reduce the attach surface of the application.
  • Firewall Policy: Identifies the network flows between different components of the application, and defines firewall rules that control access to sensitive data.
  • Intrusion Detection: Detects and responds to security incidents in real-time, such as DDoS attacks, and can generate alerts based on malicious network traffic.

Likewise, AppDynamics can provide the following security policy information for an application:

  • Application Access Control: Will monitor the behavior of an application to control access to sensitve data and can generate a policy requiring two-factor authentication before access to sensitive data is allowed.
  • Event Detection and Alerting: Detects and responds to security breaches in real-time, such as a data breach or failure in the authentication process.
  • Performance Monitoring: Identifies potential DDoS events based on performance of an application when it deviates from observed standards.
  • Compliance Monitoring: Monitors for deviations within an applications compliance with security standards, such as PCI-DSS or HIPAA. Capable of generating a report that shows and application’s compliance status that can be reviewed by security teams and key stakeholders.
Whichever tools are leveraged to understand the application landscape, successful cloud migrations are determined by how diligent an organization is within this phase of a cloud migration strategy. When application dependencies are not properly investigated, documented, and discussed, organizations quickly find themselves in a situation where their businesses are impacted due to issues. I have seen it happen countless times where this phase is skipped over or not given proper attention and the result is a business quickly trying to repatriate an application into the data center or legacy environment where it originated from in order to bring the business-critical applications back online.

Understanding when to Re-architect an Application

The evaluation of applications during the application dependency mapping phase can also be leveraged by organizations as a way to identify which applications need to be re-architected prior to being migrated to public cloud. There are several key factors that can assist an organization that is trying to determine if an application needs to undergo a re-architect.

  • Scalability: If the application is not designed to scale easily, it may need to support the flexible scaling capabilities of the cloud. This can often involve designing the application to be stateless, breaking the application into smaller, independent components, and/or using cloud-native technologies such as containerization and Kubernetes.
  • Network Latency: If the application relies on low latency network connections, it may need to be transformed to accommodate higher network latency inherent in cloud computing.
  • Security: If the application analysis and dependency mapping identified security vulnerabilities, those will need to be addressed and could include updating the application to support newer security technologies, such as encryption and authentication.
  • Data Management: If the application has a complex data management model, it could be transformed to leveraged cloud-native data management technologies, such as databases as a service (DBaaS) and/or object storage. This could also include optimizing the data structures and algorithms used by the application.
  • Cost: The application may need to be modified to optimize the use of cloud-native technologies, such as auto-scaling and reserved instances. Cost optimization tools, such as AWS Cost Explorer, Google Cloud Cost Management, and VMware Cloud Health can each assist in this analysis.

In this article we focused on how migration an application, or set of applications, from a data center to a public cloud provider is highly dependent on understanding the dependencies of each application and the interactions it has with other applications and systems within the infrastructure. There are several tools and products available to assist in executing this analysis, including AppDynamics and VMware vRealize Network Insight. We also identified several key indicators that can assist your organization when determining if an application should undergo a redesign prior to being migrated to the cloud. By considering these indicators, companies can ensure that their applications are well-suited for cloud computing and that the migration will be successful.