ExperTeach Networking Logo

Network architectures for multi-cloud solutions

SD-WAN, Cloud Connectivity and IT Security

ExperTeach Networking Logo

Cloud solutions are an important part of enterprise IT, with hybrid cloud and multi-cloud scenarios mostly being applied. This inevitably raises the question of how on-premises IT should ideally be networked with the various clouds. A distinction must be made here between client-server connectivity and connectivity between private and public clouds. In both cases, there are many aspects to consider.

 In this training, typical SD-WAN solutions and IT security concepts are highlighted, which create an optimal user experience when accessing IT services in multi-cloud environments. Furthermore, the different Cloud Connect variants are presented and their advantages and disadvantages are discussed. The special network functions and connectivity options of the so-called hyperscalers - Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform and Alibaba Cloud - will be discussed in detail, in addition to Oracle, IBM and SAP. With this knowledge, typical solution scenarios will be worked out interactively.

Course Contents

  • Multi-cloud - network aspects and challenges
  • Application requirements
  • Special case Office 365
  • Structure and limitations of classic WANs
  • SD-WAN: Concepts, solutions and market overview
  • Security concepts for SD-WAN: SASE, zScaler and Cisco Umbrella SIG
  • Network and security concepts for Microsoft Azure, AWS, GCP, Alibaba, Oracle, IBM and SAP
  • Connectivity options for Microsoft Azure, AWS, GCP, Alibaba, Oracle, IBM and SAP
  • Cloud Exchange Colocation & Interconnection Solutions
  • Colocation via Equinix Cloud Exchange (ECX) and NTT Global Data Centers EMEA (formerly eShelter)
  • Interconnection via DE-CIXCloud Exchange via private cloud provider
  • Interconnection via Carrier
  • Typical designs, case study and best practices
  • Outlook
  • Final discussion and feedback round

Print E-Book PDF Symbol You will receive the comprehensive documentation package of the ExperTeach Networking series – printed documentation, e-book, and personalized PDF! As online participant, you will receive the e-book and the personalized PDF.

Target Group

This course is aimed at networkers, security specialists and IT architects who want to build or optimize network and security solutions for multi-cloud solutions. In addition to the possible connectivity options, it also covers the typical terms and concepts used by hyperscalers and large cloud providers in this context.

For networkers, security and IT architects who have been less involved with these topics, the course provides an ideal introduction to the world of SD-WAN, cloud connectivity and modern security concepts.
Prerequisites

Knowledge Prerequisites

A basic understanding of WAN technologies, cloud computing and IT security is required.

1 Multi-Cloud—Networking Aspects and Challenges
1.1 Definition: Cloud Computing
1.1.1 Cloud Computing Service Models
1.1.2 The Different Cloud Variants—Private Cloud, Public Cloud,...
1.2 Client/Server Communication
1.3 Server/Server Communication
1.4 Edge Computing
1.5 SLAs: Shared Responsibility
1.6 Requirements of the Applications
1.7 Public IP Services
1.8 Special Case Office 365
1.9 Connectivity Options for Multi-cloud Solutions
1.9.1 Public Internet Peering
1.9.2 IP VPN
1.9.3 Dedicated WAN
1.9.4 SD-WAN
1.9.5 Cloud Exchange
1.9.6 Cloud Provider as a Carrier
1.10 Availability of Services in the Cloud
1.11 Application Migration into the Cloud
1.12 Landing Zone
1.12.1 Cloud Strategy
1.12.2 Further Development: Landing Zone Life Cycle
1.12.3 Best Practices
   
2 SD-WAN and Security in Multi-Cloud Solutions
2.1 Setup and Limitation of Classic WANs
2.2 SD-WAN
2.2.1 SD-WAN: Customer Benefit
2.2.2 SD-WAN Concept
2.2.3 Overlay Network over the Hybrid WAN
2.2.4 Application-Based Routing
2.2.5 Direct Internet Access (DIA)
2.2.6 Orchestration
2.3 Security Concepts for SD-WAN
2.3.1 Local SD-WAN Security
2.3.2 Regional Access
2.3.3 Secure Access Service Edge (SASE)
2.3.4 Zscaler
2.3.5 Cisco Umbrella Secure Internet Gateway (SIG)
2.4 SD-WAN Market
2.5 VMware VeloCloud
2.6 Fortinet Secure SD-WAN
2.7 Versa Networks—Enterprise SD-WAN
2.8 Cisco SD-WAN (Viptela)
2.9 Cloud Network as a Service (CNaaS)
   
3 Cloud Connectivity in Detail
3.1 Microsoft Azure
3.1.1 Azure Network Structures for IT Architects
3.1.2 IP Addressing in Azure
3.1.3 Gateways (for VPN etc.) in Azure
3.1.4 Load-Balancing
3.1.5 N-Layer Windows Application in Azure
3.1.6 Routing in Microsoft Cloud Environments
3.1.7 Public Internet Peering
3.1.8 MS ExpressRoute
3.1.9 Azure ExpressRoute—Big Picture
3.1.10 IP VPN
3.1.11 Azure Virtual WAN
3.2 Amazon Web Services—Basics
3.2.1 VPCs and Subnetworks
3.2.2 AWS Landing Zone
3.2.3 Connectivity VPC to VPC
3.2.4 Hybrid Connectivity
3.2.5 Public Internet Peering
3.2.6 AWS Direct Connect
3.2.7 DNS, NAT, and Security
3.3 Google Cloud Platform
3.3.1 Logical Setup
3.3.2 Google Direct and Carrier Peering
3.3.3 Cloud Interconnect
3.3.4 Connection of the Google Cloud by Means of Transit VPC
3.4 Alibaba Cloud
3.4.1 VPN Gateway
3.4.2 Smart Access Gateway—Proper SD-WAN Solution
3.4.3 Express Connect
3.5 Oracle Cloud
3.5.1 Oracle Setup
3.5.2 VPN Connect
3.5.3 Fast Connect
3.6 IBM Cloud
3.6.1 IBM Cloud Direct Link Exchange and Cloud Exchange for Equinix
3.6.2 IBM Cloud Direct Link Connect
3.6.3 IBM Cloud Direct Link Dedicated
3.6.4 IBM Cloud Direct Link Dedicated Hosting
3.7 SAP HANA Enterprise Cloud
3.7.1 VPN
3.7.2 Direct Connection—MPLS
3.7.3 SAP Cloud Peering
   
4 Cloud Exchange
4.1 Cloud Exchange—Colocation & Interconnection
4.2 Equinix Cloud Exchange (ECX)
4.2.1 Service Level Agreements
4.2.2 Ports, Virtual Connections, and Connectors
4.3 NTT Global Data Centers
4.3.1 Multi-Service Concept via MSIP Port
4.3.2 Cloud Connect—Virtual Services
4.4 Cloud Exchange via DE-CIX
4.4.1 Implementation of AWS Direct Connect via DE-CIX DirectCloud
   
5 Case Study and Summary
5.1 Case Study
5.2 Summary, Discussion, and Feedback
   
A List of Abbreviations

Classroom training

Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!

Hybrid training

Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.

Online training

You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.

Tailor-made courses

You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses
PDF SymbolYou can find the complete description of this course with dates and prices ready for download at as PDF.

Cloud solutions are an important part of enterprise IT, with hybrid cloud and multi-cloud scenarios mostly being applied. This inevitably raises the question of how on-premises IT should ideally be networked with the various clouds. A distinction must be made here between client-server connectivity and connectivity between private and public clouds. In both cases, there are many aspects to consider.

 In this training, typical SD-WAN solutions and IT security concepts are highlighted, which create an optimal user experience when accessing IT services in multi-cloud environments. Furthermore, the different Cloud Connect variants are presented and their advantages and disadvantages are discussed. The special network functions and connectivity options of the so-called hyperscalers - Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform and Alibaba Cloud - will be discussed in detail, in addition to Oracle, IBM and SAP. With this knowledge, typical solution scenarios will be worked out interactively.

Course Contents

  • Multi-cloud - network aspects and challenges
  • Application requirements
  • Special case Office 365
  • Structure and limitations of classic WANs
  • SD-WAN: Concepts, solutions and market overview
  • Security concepts for SD-WAN: SASE, zScaler and Cisco Umbrella SIG
  • Network and security concepts for Microsoft Azure, AWS, GCP, Alibaba, Oracle, IBM and SAP
  • Connectivity options for Microsoft Azure, AWS, GCP, Alibaba, Oracle, IBM and SAP
  • Cloud Exchange Colocation & Interconnection Solutions
  • Colocation via Equinix Cloud Exchange (ECX) and NTT Global Data Centers EMEA (formerly eShelter)
  • Interconnection via DE-CIXCloud Exchange via private cloud provider
  • Interconnection via Carrier
  • Typical designs, case study and best practices
  • Outlook
  • Final discussion and feedback round

Print E-Book PDF Symbol You will receive the comprehensive documentation package of the ExperTeach Networking series – printed documentation, e-book, and personalized PDF! As online participant, you will receive the e-book and the personalized PDF.

Target Group

This course is aimed at networkers, security specialists and IT architects who want to build or optimize network and security solutions for multi-cloud solutions. In addition to the possible connectivity options, it also covers the typical terms and concepts used by hyperscalers and large cloud providers in this context.

For networkers, security and IT architects who have been less involved with these topics, the course provides an ideal introduction to the world of SD-WAN, cloud connectivity and modern security concepts.
Prerequisites

Knowledge Prerequisites

A basic understanding of WAN technologies, cloud computing and IT security is required.

1 Multi-Cloud—Networking Aspects and Challenges
1.1 Definition: Cloud Computing
1.1.1 Cloud Computing Service Models
1.1.2 The Different Cloud Variants—Private Cloud, Public Cloud,...
1.2 Client/Server Communication
1.3 Server/Server Communication
1.4 Edge Computing
1.5 SLAs: Shared Responsibility
1.6 Requirements of the Applications
1.7 Public IP Services
1.8 Special Case Office 365
1.9 Connectivity Options for Multi-cloud Solutions
1.9.1 Public Internet Peering
1.9.2 IP VPN
1.9.3 Dedicated WAN
1.9.4 SD-WAN
1.9.5 Cloud Exchange
1.9.6 Cloud Provider as a Carrier
1.10 Availability of Services in the Cloud
1.11 Application Migration into the Cloud
1.12 Landing Zone
1.12.1 Cloud Strategy
1.12.2 Further Development: Landing Zone Life Cycle
1.12.3 Best Practices
   
2 SD-WAN and Security in Multi-Cloud Solutions
2.1 Setup and Limitation of Classic WANs
2.2 SD-WAN
2.2.1 SD-WAN: Customer Benefit
2.2.2 SD-WAN Concept
2.2.3 Overlay Network over the Hybrid WAN
2.2.4 Application-Based Routing
2.2.5 Direct Internet Access (DIA)
2.2.6 Orchestration
2.3 Security Concepts for SD-WAN
2.3.1 Local SD-WAN Security
2.3.2 Regional Access
2.3.3 Secure Access Service Edge (SASE)
2.3.4 Zscaler
2.3.5 Cisco Umbrella Secure Internet Gateway (SIG)
2.4 SD-WAN Market
2.5 VMware VeloCloud
2.6 Fortinet Secure SD-WAN
2.7 Versa Networks—Enterprise SD-WAN
2.8 Cisco SD-WAN (Viptela)
2.9 Cloud Network as a Service (CNaaS)
   
3 Cloud Connectivity in Detail
3.1 Microsoft Azure
3.1.1 Azure Network Structures for IT Architects
3.1.2 IP Addressing in Azure
3.1.3 Gateways (for VPN etc.) in Azure
3.1.4 Load-Balancing
3.1.5 N-Layer Windows Application in Azure
3.1.6 Routing in Microsoft Cloud Environments
3.1.7 Public Internet Peering
3.1.8 MS ExpressRoute
3.1.9 Azure ExpressRoute—Big Picture
3.1.10 IP VPN
3.1.11 Azure Virtual WAN
3.2 Amazon Web Services—Basics
3.2.1 VPCs and Subnetworks
3.2.2 AWS Landing Zone
3.2.3 Connectivity VPC to VPC
3.2.4 Hybrid Connectivity
3.2.5 Public Internet Peering
3.2.6 AWS Direct Connect
3.2.7 DNS, NAT, and Security
3.3 Google Cloud Platform
3.3.1 Logical Setup
3.3.2 Google Direct and Carrier Peering
3.3.3 Cloud Interconnect
3.3.4 Connection of the Google Cloud by Means of Transit VPC
3.4 Alibaba Cloud
3.4.1 VPN Gateway
3.4.2 Smart Access Gateway—Proper SD-WAN Solution
3.4.3 Express Connect
3.5 Oracle Cloud
3.5.1 Oracle Setup
3.5.2 VPN Connect
3.5.3 Fast Connect
3.6 IBM Cloud
3.6.1 IBM Cloud Direct Link Exchange and Cloud Exchange for Equinix
3.6.2 IBM Cloud Direct Link Connect
3.6.3 IBM Cloud Direct Link Dedicated
3.6.4 IBM Cloud Direct Link Dedicated Hosting
3.7 SAP HANA Enterprise Cloud
3.7.1 VPN
3.7.2 Direct Connection—MPLS
3.7.3 SAP Cloud Peering
   
4 Cloud Exchange
4.1 Cloud Exchange—Colocation & Interconnection
4.2 Equinix Cloud Exchange (ECX)
4.2.1 Service Level Agreements
4.2.2 Ports, Virtual Connections, and Connectors
4.3 NTT Global Data Centers
4.3.1 Multi-Service Concept via MSIP Port
4.3.2 Cloud Connect—Virtual Services
4.4 Cloud Exchange via DE-CIX
4.4.1 Implementation of AWS Direct Connect via DE-CIX DirectCloud
   
5 Case Study and Summary
5.1 Case Study
5.2 Summary, Discussion, and Feedback
   
A List of Abbreviations

Classroom training

Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!

Hybrid training

Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants are able to benefit from that. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. To do this, a PC with browser and Internet access is required, as well as a headset and ideally a Web cam. In the seminar room, we use specially developed and customized audio- and video-technologies. This makes sure that the communication between all persons involved works in a convenient and fault-free way.

Online training

You wish to attend a course in online mode? We offer you online course dates for this course topic. To attend these seminars, you need to have a PC with Internet access (minimum data rate 1Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.

Tailor-made courses

You need a special course for your team? In addition to our standard offer, we will also support you in creating your customized courses, which precisely meet your individual demands. We will be glad to consult you and create an individual offer for you.
Request for customized courses

PDF SymbolYou can find the complete description of this course with dates and prices ready for download at as PDF.