By now, most organizations have realized the benefits of moving some, most, or all of their business applications to the cloud. The cloud typically offers better security and performance, at a lower price, than housing resources on-premises.
You may have helped them in that migration or you may have been hired after it was complete. Either way, a client with cloud hosting has different network requirements than one whose infrastructure is primarily on-premises.
In this three-part series, we’ll dig into the implications of a cloud migration and outline some of the network changes that are required to make sure a client is set up for cloud success. First up: the LAN.
Assess and redesign the LAN for lower bandwidth
The bandwidth requirements of a cloud-based office are much lower than those of an on-premises network, so when a client migrates to the cloud, you should change the internal network design.
They probably don’t require Gigabit Ethernet to the desktop, and they certainly won’t require 10GB- or 40GB-switch backbone connections. Everything is throttled by an Internet link that will rarely be more than 1Gbps.
How many users are in your client’s largest office? What’s their aggregate bandwidth requirement for accessing cloud services? There are no easy rules of thumb because different cloud applications have different per-user bandwidth requirements.
You’ll need to benchmark how the various applications use bandwidth. Then you’ll need to construct a model that says how many people you expect to be using each application at any one time.
The real problem that arises in larger offices is that it may become impossible to provide reliable service over a single Internet link. In this case, you’ll probably need to completely redesign the network to subdivide the user groups geographically and provide each group with its own Internet link and its own edge firewall.
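One way to build the model described above and test it against a single Internet link, as an added example that is not from the original article. The application names, per-user rates, concurrency fractions, the 70% utilization ceiling and the 99th-percentile target are all constructed assumptions; replace them with your own benchmark results.

```python
import math

# Constructed sample figures (assumptions, not measurements):
# app -> (Mbps per active user, fraction of users active at any one time)
APPS = {
    "email_calendar": (0.2, 0.50),
    "crm_saas":       (0.5, 0.30),
    "video_meetings": (2.5, 0.15),
    "file_sync":      (4.0, 0.05),
}

def demand_mbps(users, apps=APPS, z=2.326):
    """Return (mean, peak) aggregate demand in Mbps for one office.

    Each user is modelled as independently active in each app with
    probability p, so per-app demand is binomial. The peak uses a normal
    approximation: mean + z * sigma, where z = 2.326 is roughly the
    99th percentile.
    """
    mean = sum(users * p * bw for bw, p in apps.values())
    var = sum(users * p * (1 - p) * bw ** 2 for bw, p in apps.values())
    return mean, mean + z * math.sqrt(var)

def links_needed(users, link_mbps, max_util=0.7, apps=APPS):
    """Smallest number of equal user groups, each with its own Internet
    link and edge firewall, whose peak demand fits within max_util of
    the link speed."""
    budget = link_mbps * max_util
    for groups in range(1, users + 1):
        per_group = math.ceil(users / groups)
        if demand_mbps(per_group, apps)[1] <= budget:
            return groups
    raise ValueError("a single user already exceeds the link budget")

if __name__ == "__main__":
    office_users = 400  # constructed example office
    mean, peak = demand_mbps(office_users)
    print(f"mean {mean:.0f} Mbps, ~99th percentile {peak:.0f} Mbps")
    for link in (500, 1000):
        n = links_needed(office_users, link)
        print(f"{link} Mbps links: {n} group(s), {n} edge firewall(s)")
```

Each group the model returns is another edge firewall to deploy, monitor and manage, so the group count is also a count of new devices in the security operations scope.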
When application infrastructure is located in a central data center, it often makes sense to deploy a private WAN, such as an MPLS network. This has many benefits, including the ability to centralize firewalls for more effective security monitoring. But in a cloud-based environment, it generally makes more sense to deploy separate Internet links at each site, perhaps with VPNs to allow inter-site traffic.
Note that circuit costs are much lower when deploying a WAN based on Internet circuits and VPNs rather than a private network like MPLS. However, this advantage is at least partially lost because you’ll need to deploy good firewalls at every site, and you’ll need to monitor and manage all of these firewalls.