Hybrid Networks

Hybrid cloud networks are all the rage.  It’s a concept that has been bandied about quite a bit lately.  But what is it?  Why does it matter?  Should you spend your valuable resources looking into it, and what does it take to use it?

Hybrid cloud networks consist of an on-premises network connected to a cloud network, acting as a single network.  Essentially, the cloud network acts as an extension to an existing on-premises network.

But, why should you extend an existing on-premises network with a cloud network?  Isn’t your on-premises network good enough?  Why would an organization go through the hassle of configuring such a potentially complex infrastructure?  On the flipside, why wouldn’t you just implement a cloud network infrastructure and move away from hosting your resources in an on-premises network?

The value of an on-premises network is control and security (or the perception of security).  There are other arguable aspects to the value of on-premises networks, including reduced cost, though this argument is subjective and there are many factors which must be considered – the initial cost of infrastructure, the maintenance of hardware, management of OS patches and security, and cost of both hardware and software upgrades.  There’s also hardware depreciation, the opportunity cost of managing the budgets and finances for acquisition, maintenance, and management of the network infrastructure, and the costs incurred by operations staff who act as the gatekeepers to the infrastructure.  There are many costs, obvious and hidden, which must be considered before deciding that the cloud is too expensive to use.

The value of a cloud-based infrastructure is ease of administration, easily provisioned infrastructure, reduced cost of infrastructure administration (no need to purchase new hardware), and if moving to PaaS, the cost of managing OS’s is also removed.  Of course, moving to a cloud-based infrastructure has its own costs, and it could be argued that the costs can be a little easier to manage because the fee structure is already known.  There are many resources available for evaluating the cost of moving to a cloud-based infrastructure.  Whether moving to the cloud or not, it’s important to have a thorough understanding of the complete array of costs before making a decision.

Which brings us to the reason for a hybrid infrastructure – having the best of both worlds.

Easier provisioning
The hybrid network allows you easier provisioning of resources while still enabling connectivity between these resources and your network.  It is quite possible you are using virtualization technology, whether Hyper-V or VMware.  The benefit of virtualization is in the simplicity of deploying new servers when desired, easy backups, and the ability to snapshot as needed.  The one major challenge of on-premises virtualization infrastructure is resource availability.  It’s costly to upgrade hardware, and it’s difficult to know what your organization’s needs will be three years down the road, which makes planning (and requisitioning hardware) challenging. Most organizations do not have enough resources available to enable a comprehensive program for enabling user-managed provisioning of environments.  The cloud removes these limitations.  Improving virtual machine performance is as easy as selecting the upgrade from a drop-down, and enabling user-managed provisioning of environments can be implemented simply by adding a new subscription.

With user-provisioned machines in the cloud, operations can use technologies such as Chef, Puppet, and Desired State Configuration to define configurations for environments. This ensures that newly provisioned machines meet specific configuration requirements.  It also simplifies the user’s experience by giving them on-demand environments while making sure the environments meet organizational standards.  Of course, you can still use your on-premises virtualization technologies; you’re just adding additional functionality to support your user community.

Backups and recovery
The hybrid network allows an easy-to-manage backup and recovery process.  You can back up your on-premises network resources to Azure, giving you a relatively easy disaster-recovery solution.  This eliminates the need for media management and makes sure that your backups are off-site.  It also improves the recovery time when a true disaster happens.  When a disaster strikes your on-premises network, your virtualized servers, which were backed up to the cloud, can be restored to the cloud, so you can be back up and running while you are rebuilding your on-premises network, reducing organizational down-time.

DevTest infrastructure
If you are using Microsoft Test Manager, Test Runner will connect to the TFS Server to create bugs and update test cases. So any environment on which you are using Test Runner will need network access to the TFS Server.  Whether through a routed subnet or on the same subnet, Test Runner must be able to connect directly to a TFS server.   When using a provisioned environment in your on-premises network, as long as Test Runner can reach the TFS server through firewalls or across routers, no worries.  If, however, your tests are being run on a provisioned environment in Azure, the network containing your provisioned environment will need to be connected via VPN to your on-premises network.

Creating a hybrid network between your on-premises network and an Azure Virtual Network requires the use of VPN technology.  To set up the VPN, you can use RRAS services with Windows, or another compatible VPN device.  (Here’s the current list of compatible devices)  You will need to set up a Virtual Gateway on Azure and configure routing between your two sites.  It is also a good idea to place another domain controller in the Azure virtual network so you can authenticate in the virtual network without having to send authentication traffic over the VPN.

What are the challenges?
Of course, with any hybrid setup you will be faced with some challenges.  You will need to manage the VPN and deal with any connectivity issues between the two networks.  DC replication can be challenging if you do not have sufficient bandwidth, or you are unfamiliar with using Inter-Site communications between domain controllers.  Enabling self-provisioning of environments requires a good plan and trust between the various groups in the DevOps organization.  And, should you want to have standardized environments, you will need to work with the Dev team to make sure you have the setup scripts pre-built and available.  Of course, once you set up the configuration scripts you will find that your operations duties can be much simpler because you’re abstracting away a lot of what you used to do manually.  (And I’d suggest you keep your configuration scripts in your source control repository to keep them managed.)

One more important note: You will need to make sure you harden the virtual network so that your users do not compromise your network by opening up ports in the virtual network, exposing your internal network to the Internet!  Take time to design your hybrid network infrastructure before beginning the process of hybridizing your network.
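
One way to check for the exposure described above, as an added example rather than code from the original post: it scans network security group rules in the JSON shape that `az network nsg list` emits and reports inbound Allow rules whose source is the Internet. The use of network security groups is an assumption (the post does not name a mechanism), and the sample rules and their names are constructed.

```python
import ipaddress

# Constructed sample in the shape of `az network nsg list` output; not real data.
SAMPLE_NSGS = [{"name": "devtest-nsg", "securityRules": [
    {"name": "allow-rdp-any", "access": "Allow", "direction": "Inbound",
     "sourceAddressPrefix": "*", "sourceAddressPrefixes": [],
     "destinationPortRange": "3389", "destinationPortRanges": []},
    {"name": "allow-web-onprem", "access": "Allow", "direction": "Inbound",
     "sourceAddressPrefix": "10.0.0.0/8", "sourceAddressPrefixes": [],
     "destinationPortRange": None, "destinationPortRanges": ["80", "443"]},
    {"name": "allow-ssh-public", "access": "Allow", "direction": "Inbound",
     "sourceAddressPrefix": None, "sourceAddressPrefixes": ["0.0.0.0/0"],
     "destinationPortRange": "22", "destinationPortRanges": []},
    {"name": "deny-internet", "access": "Deny", "direction": "Inbound",
     "sourceAddressPrefix": "Internet", "sourceAddressPrefixes": [],
     "destinationPortRange": "*", "destinationPortRanges": []},
]}]

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_internet_source(prefix):
    """True if the source covers addresses outside the private IPv4 ranges."""
    if prefix.lower() in {"*", "internet"}:
        return True
    try:
        net = ipaddress.ip_network(prefix, strict=False)
    except ValueError:
        return False  # other service tags, e.g. VirtualNetwork
    internal = net.version == 4 and any(net.subnet_of(r) for r in RFC1918)
    return not internal

def exposed_rules(nsgs):
    """List (nsg, rule, ports) for inbound Allow rules open to the Internet.
    Rule priority and shadowing by Deny rules are not evaluated."""
    findings = []
    for nsg in nsgs:
        for rule in nsg.get("securityRules", []):
            if rule.get("access") != "Allow" or rule.get("direction") != "Inbound":
                continue
            sources = [rule.get("sourceAddressPrefix")] + list(rule.get("sourceAddressPrefixes") or [])
            ports = [rule.get("destinationPortRange")] + list(rule.get("destinationPortRanges") or [])
            if any(s and is_internet_source(s) for s in sources):
                findings.append((nsg["name"], rule["name"], sorted(p for p in ports if p)))
    return findings

if __name__ == "__main__":
    for nsg_name, rule_name, ports in exposed_rules(SAMPLE_NSGS):
        print(f"{nsg_name}: {rule_name} allows Internet inbound to ports {ports}")
```

Run on a schedule against the real export, a check like this catches a user-opened port before it becomes a path into the on-premises side of the VPN.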

A hybrid setup offers the best of both worlds.  You can maintain the existing on-premises environment while taking advantage of the strengths of the cloud.   Before making a decision, consider setting up a virtual hybrid environment to better understand what it takes to configure a hybrid network.  And of course, it’s wise to take a look at what it will take to modernize your existing environment provisioning process and work with your development teams to identify how their existing practices can take advantage of a hybrid network.

If you are interested in setting up a hybrid network or you wish to know more about it, there are resources available to you.  Check out to learn about our upcoming webcasts and live events!
