When it comes to building and running the Cloud Networks, predominantly there are two distinct approaches available to Network/Security Engineers, Architects, and decision-makers.
- Owning the Network and Security Architecture Approach
- As a Service (SaaS) Approach
Let’s take a look at the following point and understand both approaches. In the end, an enterprise must pick the approach that would solve their business challenges and will satisfy the compliance, governance, and audit requirement.
Owning the Architecture Approach
- Enterprises should own the architecture end-to-end. Do not fall into the traps of the early days of Cloud adoption where shadow IT and DevOp guys took control and started building networking on their own
- Almost all the Enterprises I talk to, want to own, control, and management control, data and operations plane. Similar to the way they were owning the on on-prem networking and security
- How would you get the deep level of monitoring, logs and visibility from the SaaS platform? What I have seen that if enterprise do not own the platform, then they are at the mercy (SLA) of SaaS provider
- How much do you trust a SaaS based Multi-Cloud Networking and Security provider?
- You have to trust your CSP (AWS/Azure/GCP/etc) I get that. Buy should you add an extra layer of trust as an enterprise?
- It is trust (..cloud hardware) over trust (cloud hperplane) over trust (cloud provider security model) over trust (multi-cloud provider SaaS platform).
- Are you ok sitting next to multiple tenants on the same SaaS platform? One of them might be your competitors
- Again, this is something you have to decide as an enterprise.
- There is a reason that some retail customers are not hosting their applications on AWS and going to Azure. You could apply the same logic here as well.
- If this SaaS goes down, you and your competitor both goes down. Not good because where is your competitive advantage then?
Pace of Innovation
- Pace of innovation might be slow
- If there is a feature an enterprise need, then in the SaaS model, it will be hard for enterprise to ask to add that feature into the product.
- Typically SaaS providers need to support and enable a good number of tenants and it is not easy for them to quickly build and release new features
- In the SaaS offering, some one else dictates its own terms and conditions. It is hard for you as an enterprise to dicated and create your own policies, governance and operational model.
Following people helped me review and write this blog