As described in the recent IT@Intel white paper, “Building a Multi-Cloud-Ready Enterprise Network,” internal and external forces are driving network transformation at Intel. These include a steady 15 percent or more annual growth in demand for network bandwidth, budget pressures, adoption of public cloud services, and an evolving and complex cybersecurity landscape. To keep up with all these changes and meet Intel’s business needs, Intel IT has developed a holistic multi-cloud network strategy.
Multi-Cloud Networks Serve Two Masters
Times were simpler in the days when connecting on-premises data center servers was the only task that Intel’s enterprise network had to do. But as the internet has become ubiquitous, Intel has continued to expand its product line and adopt new business models, and software as a service (SaaS) has grown in popularity. Intel IT has had to think outside the box. We are in the process of transforming Intel’s network into a cost-efficient, flexible, automated, highly secure, and multi-cloud-ready system.
Keep Differentiating Capabilities in the Private Cloud
Every company has its secret sauce. For Intel, it’s chip design and manufacturing. That’s our bread and butter—the intellectual property that sets Intel apart from its competitors. Intel IT manages 297,500 servers that enable Intel’s designers to build and continuously improve state-of-the-art technology. For a financial services company, a differentiator might be risk-assessment processes. For a pharmaceutical or robotics firm, it might be new research and development data.
The point is, in our experience, core competencies should remain on-premises with internal hosting. As noted in our paper, “Data Center Strategy Leading Intel’s Business Transformation,” we realized a 3.4x unit-cost decrease in 2018 through internal hosting of differentiating capabilities, compared to what we would have spent hosting those capabilities in the private cloud.
It’s tempting to look only at short-term costs when deciding whether to host something in the public cloud. For example, upgrading a data center to accommodate growing compute, storage, and network needs might cost several million dollars, while a hyperscale public cloud provider might cost only several tens of thousands of dollars per year. But those annual costs add up, while data center upgrades are single investments that provide long-term value. Our strategy is to perform detailed total cost of ownership evaluations when deciding between internal and external hosting
Use Public Cloud for Everything Else
While it’s true that Intel has found it most valuable to host differentiating capabilities internally, the public cloud and SaaS make the most sense for more generic workloads such as productivity and for office services like voice over IP and collaborative conferencing, document sharing, and so on. The public cloud can often provide new capabilities (hardware and/or software) at a faster rate compared to internal hosting—putting the latest software and features to work for Intel. It boils down to being able to host the right workload in the right place for the right cost.
One Network to Serve Them All
With both private and public cloud needs, how do we make it all work together? Our multi-cloud network architecture is characterized by the following:
- Pairing with key public cloud providers at co-location facilities to easily expand Intel’s wide area network (WAN) and to integrate public cloud providers globally.
- Upgrading data center infrastructure with software-defined capabilities that automate network workflows and create significant efficiencies.
- Foundational capabilities that allow enterprise services to migrate from on-premises to public cloud as needed.
Boosting Multi-Cloud Network Security
By its nature, a multi-cloud network raises information security challenges. We have been able to use the same network security principles for public cloud services as we do for our private network: intrusion detection, policy management, and consistent deployment. We use on-premises firewalls and security controls, and maintain and extend service isolation from the co-location-based WAN routers to on-premises routers. We also may use a mixture of native network security capabilities provided by the cloud service provider and third-party capabilities, depending on the provider’s security maturity.
To learn more about Intel IT’s network transformation efforts, read the IT@Intel white paper, “Building a Multi-Cloud-Ready Enterprise Network.”