In building a self-service, secure and scalable public cloud infrastructure to meet the needs of demanding enterprises, China Telecom’s Cloud Computing branch (CTCC) has deployed the Nuage Networks SDN solution. We’re all very excited to have CTCC among our latest publicly announced customers, and this blog will add a bit more commentary to our press release.
As is the case with many cloud providers, a primary driver for CTCC was to achieve faster response to customer requests while achieving higher resource efficiency, and while simultaneously minimizing security threats through strict policy enforcement & traffic isolation. All within an architecture that could massively scale their Cloudstack environment, and leverage their investment in datacenter operational systems & interfaces.
Said another way, “No virtualization without micro-segmentation”, and no compromise on freedom of choice along multiple key dimensions.
CTCC’s aim is to meet the unique cloud computing needs of small and medium businesses (SMBs), as well as large businesses and organizations. In evaluating their public cloud architecture, CTCC determined that in order to build a fully automated and programmable network that was flexible enough for their cloud services, they needed a secure SDN solution built on open standards. To meet this need, Nuage Networks was chosen to provide CTCC with SDN capability that operates seamlessly across multiple orchestration engines, hypervisors, commodity hardware, and over any network infrastructure. CTCC was also concerned that in their massively multi-tenanted environment, Distributed Denial of Service (DDoS) attacks against one customer could impacted other customers, so Nuage Networks was chosen for its ability to ensure security while removing the constraints imposed by legacy and hypervisor-based networking. With Nuage Networks, CTCC can provide full network isolation by tenant (customers as well as organizational departments). As a result, DDoS attacks against one customer will not impact others, and the resource demands of one customer will not impact other customers.
Since a responsive and self-service cloud is critical to companies who are seeking a cloud provider in China, it was important for CTCC’s cloud architecture to incorporate an end-to-end cloud management system integrated with its programmable and fully automated network infrastructure. CTCC’s goal was to be able to create a virtual machine for a customer within minutes of a self-service request. Working in concert with Nuage Networks VSP and the Nuage Networks 7850 Virtualized Services Gateway (VSG), CTCC is able to leverage their non-virtualized assets and still take advantage of consistent automation and control across their virtualized and non-virtualized infrastructure, allowing them to establish customer policies that are instantiated and enforced within and across shared datacenter facilities that support their cloud services.
Working with Nuage Networks enables CTCC to implement public cloud services with control over how their cloud network extends and scales across the multitude of servers, virtual machines (VMs) and datacenters that comprise their vast infrastructure.
A few other important nuggets:
CTCC is spanning compute, network, and storage to provide a complete data center as a service, matching & even exceeding the current capabilities of many of the public cloud giants.
CTCC supported by Nuage Networks, is able to instantly and securely turn up and modify networking requirements for cloud services in accordance with individual customer policies.
Nuage Networks provides a common policy framework through which CTCC can offer its customers full control and visibility of their cloud service, while ensuring that performance guidelines are met.
Nuage Networks delivers significant operational cost savings by reducing requirements for physical infrastructure and staff through network virtualization and automation, reducing the time for turn-up and changes from days or weeks to minutes.
Nuage Networks VSP’s built-in security, including a default “Zero Trust” model, operates at the VM and virtual network levels. By protecting the data center at the first connection point to the network for VMs and applications, full security and isolation is provided within the rack, within each customer’s operations, as well within and across data centers.
We’re all very excited to have China Telecom’s Cloud Computing branch (CTCC) among our latest publicly announced wins, and appreciate everything that we continue to learn as we work with them on exciting projects such as this one.
Congratulations China Telecom CTCC & Xièxie 謝謝 from all of us at Nuage Networks!