
Leverage the power of the cloud without the security worry.

Private Connectivity to Your Cloud Applications with EarthLink Cloud Express™

www.earthlink.com

November 2015

SOLUTION WHITE PAPER


Cloud Express™: Private connections provide a predictable cloud experience.

Cloud services continue to change the way we do business. They offer new levels of scalability, innovation and cost-effectiveness never before possible. Originally used for development and other low-risk computer environments, they are now a mainstream IT feature, and businesses naturally are looking for new ways to leverage the cloud to be more competitive, innovative and profitable.

But concerns around security and performance have led many IT decision makers to keep critical applications in-house or have forced them to create complex and expensive private infrastructure solutions.

Internet-based connections are unpredictable and are a constant target for denial-of-service attacks and other threats that could lead to lost revenue and damage to a company’s reputation and long-term success.

With Cloud Express™, connectivity to the cloud is provided over a private EarthLink wide area network (WAN) and a highly available switching infrastructure that connects with leading cloud service providers.

The main components of the service include:

• EarthLink multi-protocol label switching (MPLS) network

• Cloud Express platform

• Cloud service providers

[Figure: Cloud Express™ overview. Labels: HQ, Branch and Store sites; MPLS Network; Cloud Express™; myLink (view and track network utilization); private MPLS connections isolated from Internet security threats; secure high-availability connection; access to leading cloud providers: Amazon Web Services™, Microsoft® Azure, IBM® SoftLayer®, Microsoft® Office 365 (IaaS, SaaS).]


EarthLink MPLS — performance starts with the WAN

Traditional connectivity to cloud services meant connections that were based on the Internet — mostly because it was cheap and ubiquitous. For companies that want to take advantage of the cloud for more critical workloads, that configuration is too risky. The Internet and its “best-effort” performance are not acceptable for delay-sensitive applications, especially in converged networks, where voice, video, internet, data replication and enterprise applications are all competing for access to the same bandwidth. Without controls in place, an employee downloading a video stream from a social media site on their lunch hour could impact the performance of an e-commerce application trying to perform a database transaction for an on-line customer.

MPLS, however, provides quality of service (QoS) as well as other benefits, making it the smart choice for enterprises looking for a more “business grade” wide area network solution. When using MPLS to connect to Cloud Express, you can:

• Prioritize mission-critical applications – The ability to assign priorities to your traffic types when they enter the network helps ensure that critical and delay-sensitive applications have preferred status when bandwidth is allocated across the MPLS core network.

• Gain efficiency with any-to-any connections – Meshed topology is another inherent feature of MPLS. Every endpoint and user has direct connectivity to every other network endpoint, without having to configure multiple physical or virtual circuits to each location. This is particularly valuable when running enterprise applications in the cloud that need to be reachable by all of your employees. It eliminates the need to aggregate the traffic at a hub site, as with many Internet-based VPN solutions. And your users are instantly connected as you migrate more applications to the cloud.

• Quickly resolve problems – If problems arise on your MPLS network, they are easily isolated and resolved by your EarthLink support team, because they have end-to-end visibility and control over the connection from your users to their cloud applications. Under Internet-based connections, where there are different access providers, ISPs and other hardware and software vendors in the mix, resolving the problem quickly and correctly is a much greater challenge.

• Control bandwidth costs – Because Internet-based network connectivity does not have the features and controls of MPLS connections, a common solution is to buy more than you need. Overbuilding or ordering multiple connections to isolate your application traffic just adds cost and complexity, because you have to upgrade the downstream capacity of switches, routers, firewalls and other equipment.

Cloud Express Technical Information

Locations:

• East Coast (Ashburn, VA)

• West Coast (San Jose, CA)

Access Options:

• Standard MPLS

• Single-site option

Physical Cloud Interconnect:

• 4x10Gbps connections (LR-SMF)

• Dot1Q encapsulation

• 2N redundancy

• Link aggregation (LAG)

• Virtual network connections (VNC)

• 2N redundancy (link, switch and router)

• 50M, 100M, 200M, 300M, 500M and 1G speeds available (varies by provider)

Provisioning:

• Layer 2 virtual connections and Layer 3/BGP

• Optional server migration into cloud

Firewall:

• Optional virtual firewall

Management:

• EarthLink managed VNC®s

• 99.999% VNC availability

Cloud Service Providers include:

• Amazon Web Services™

• Microsoft® Azure

• Microsoft® Office 365

• IBM® SoftLayer®

• Additional providers available


Better security for critical cloud applications

On top of unpredictable Internet performance, businesses also face a significant and growing concern for security. With data breaches, hacks and denial of service attacks on the rise, many IT managers have already been the target of an attack or believe it’s only a matter of time before they become one. By taking every precaution to secure your network, you can minimize risk and minimize the potential severity and length of an attack.

With MPLS, every company’s VPN traffic is segregated from other customers on the network, using label switching protocols. Protection is built into the core network. There’s no need for you to aggregate your traffic into a hub to apply security controls, as with hub-spoke VPN networks – which helps to reduce delay, latency and bottlenecks at Internet gateways and firewalls.

Additionally, your IP addresses are not at risk of being compromised or targeted by a denial of service attack because the MPLS network uses your private address space. Finally, as a managed service, delivered by a single network provider, isolating issues and restoring service can be easier than working with multiple network providers, ISPs and equipment vendors.

MPLS networks enhance security by:

• Using Multiprotocol Border Gateway Protocol (MP-BGP) to separate customer traffic and protect the routing tables of individual customers.

• Assigning unique identifiers to each customer, linking them to a specific VPN packet to prevent the intermingling of customer traffic.

• Providing label distribution protocol between all the routers in the MPLS core and label switching for an added layer of segregation over IP forwarding.

• Removing traffic from the Internet domain and avoiding the risks of denial of service attacks and other malicious activities.

• Providing any-to-any connectivity giving all users direct paths to cloud-based resources.


[Figure: Map of EarthLink’s MPLS network and Cloud Express locations across U.S. cities.]


Cloud Express platform — carrier grade connectivity

In the last couple of years, leading cloud providers like Amazon Web Services and Microsoft Azure recognized that customer concerns over security and performance were preventing many companies from moving their enterprise applications into their cloud platforms. To attract these heartier workloads into their clouds, providers quickly developed private connectivity into their platforms that was isolated from the public-facing interfaces.

Through these private interfaces, EarthLink Cloud Express extends connectivity between our customers and their cloud applications. Whether your business uses Amazon Direct Connect, Microsoft ExpressRoute, or any of the other available cloud providers, Cloud Express is a highly available, fault tolerant configuration of carrier-grade routers, switches and firewalls that use these direct paths into the cloud. EarthLink has essentially deployed new backbone nodes into two of the largest colocation, hosting and cloud aggregation complexes in the United States for the sole purpose of giving our customers a better cloud connection. You can direct your customers to our West Coast location near San Jose, Ca., or East Coast location near Ashburn, Va., for a better user experience, or you can deploy services out of both nodes to create a high-availability design.

Redundant fiber cross-connects provide scalable, highly available (2N), direct and private connectivity between our provider edge routers, aggregation switches and the downstream cloud service providers. Firewalls add a layer of protection between these public clouds and our private network customers.

With this infrastructure, EarthLink can rapidly provision customers using virtual network connections between their networks and their cloud provider of choice – or providers. If you are running development in one cloud and production in another, we can configure these virtual handoffs through software, so they are ready when and where you need them. When you’re done with development, you can easily turn down or turn off that virtual connection.

Cloud Express provides a cloud network solution that can scale from 50Mbps to 1Gbps, provisioned through software and visible to you through EarthLink’s customer portal, myLink.


[Figure: Cloud Express architecture. Labels: MPLS Network; two sets of edge router, aggregation switch and CB meet-me; HA firewalls; BGP peering; Amazon Web Services™, Microsoft® Azure, IBM® SoftLayer®, Microsoft® Office 365.]


Cloud Express architecture: high-performance, secure connections

Your private MPLS network provides a secure connection to cloud service providers by leveraging the Cloud Express architecture and implementation process.

• Edge routers — Interface between cloud-provider network and EarthLink MPLS core. MPLS labels segregate traffic as packets enter and leave the Cloud Express platform.

• Aggregation switches — Physically connect the EarthLink MPLS network edge routers to the cloud exchange meet-me interface. Redundant 10Gbps fiber connections are used in link aggregation groups (LAG) for port and link redundancy and offer bandwidth scalability between the aggregation switches and cloud broker meet-me interface. In-line firewalls add a layer of security to the perimeter of the Cloud Express platform.

• CB meet-me — Cloud broker meet-me switches provide the final physical interconnection to the cloud service providers. Virtual connections between the CB meet-me equipment and the cloud providers are provisioned in near real-time and monitored through the portal and/or application program interface capabilities. As part of the Cloud Express service, all connections to cloud providers are established using redundant virtual network connections over diverse paths.

• Cloud providers — Cloud providers connect to the CB meet-me using direct connectivity service options. For example, Amazon Web Services customers would use AWS ExpressRoute to establish a path from the Cloud Express service into AWS cloud services, avoiding AWS public Internet connectivity. This can all be configured by EarthLink during the Cloud Express implementation process. All cloud provider services (compute, storage, etc.) are ordered directly from the cloud provider and are billed directly by each provider.

• BGP peering — Border gateway protocol (BGP) peering sessions must be established between the cloud provider and each Cloud Express customer. EarthLink will perform these configurations at the time of implementation.


Best uses for network-enabled cloud

With concerns about cloud security and reliability of cloud connectivity addressed through Cloud Express and private networking, you can take a fresh look at the applications that would be better served in the cloud.

Why support a dedicated, costly internal application infrastructure when you can easily run most enterprise applications using cost-effective, scalable and innovative software as a service and infrastructure as a service providers in the cloud?

The total cost of ownership (TCO) of the cloud is tough to beat when you consider everything that goes into running an application in-house: hardware, software, licenses, maintenance, 24/7 support, space, power, cooling and more. In fact, some estimates suggest that a company can save up to 70 percent a year by moving compute and storage infrastructure to the cloud.

And if you don’t think you have the resources to take on such a move, or to determine if it makes sense for your business, there are still options. Most cloud providers have a growing ecosystem of technology partners that can help you replace legacy systems with cloud-based solutions that run on their compute and storage infrastructure.

Consider all of the applications you haven’t moved out of your data center because of their critical dependence on a reliable network:

1. Collaboration – If you are still running an internal collaboration application it may be time to look to the cloud. With a growing number of SaaS solutions aimed at taking the pain out of content storage, management and collaboration, now coupled with predictable network performance for your users and employees, collaboration could be the low-hanging fruit in your internal data center.

2. Productivity tools – As Microsoft® adds ExpressRoute private connectivity to their Office 365 suite and other cloud providers follow suit, it may be time to look at how you are providing these tools to your employees. Because you no longer have to hub your users into a corporate data center for security, you can allow your users a better experience by connecting directly to the cloud over your private network.

3. Disaster recovery – Data replication has always been the 400 pound gorilla when it comes to a solid disaster recovery strategy. But with high-performing network access and class of service with MPLS, you can now send your data replication traffic alongside your other data streams without worrying about critical application response times. If you do need to activate your disaster recovery site, all of your existing users and locations are already connected to that failover site.

4. Point of sale – For businesses looking to lead the pack with a better customer experience and lower overhead, there is a shift to cloud-based point of sale applications underway. All the leading providers have been working on a delivery model that relies on infrastructure as a service (IaaS) provided by some of the big cloud providers. With private network connectivity and Cloud Express, it is now possible to provide secure links to all of your locations.

5. Cloud bursting – The original poster child of the cloud was “capacity on demand” – spillover to the cloud when your internal resources max out. This provided temporary relief during peak utilization periods and avoided deploying more internal infrastructure. Enterprise applications, however, need a predictable and scalable network to do this in an economical manner. With Cloud Express you can use your existing WAN and add cloud sites to your network so private bandwidth is there when you need it.

Cloud Express Features:

• Managed, private connectivity to the industry’s leading cloud service providers.

• Turnkey service that includes Layer 2 and Layer 3 implementation and configuration.

• Dynamic, virtual connections that can better scale with your cloud workloads.

• MPLS-based connectivity supports class-of-service for your converged network.

• EarthLink Cloud Professional Services to assist with your on-going migration to the cloud.


[Figures: Cloud Express configurations. Standard MPLS: HQ and Store sites on the MPLS Network, with West Coast and East Coast Cloud Express nodes and their cloud providers (IaaS, PaaS, SaaS). Single-Site: HQ and Site labels on the MPLS Network, with an East Coast Cloud Express node and its cloud providers (IaaS, PaaS, SaaS).]


Cloud Express configurations

There are two initial deployments available for Cloud Express customers: Standard MPLS and the single-site option.

Standard MPLS – This is for customers that already have or are planning to implement EarthLink MPLS services. During the implementation process, EarthLink will configure your MPLS network to include reachability to the Cloud Express nodes where your cloud applications are running. All of your current and future MPLS endpoints have direct access to applications running in your Cloud Express locations, as shown here in a high-availability, dual site design.

Single-site option – This approach is best for customers who need highly available and scalable connectivity but don’t have or need EarthLink MPLS service. Customers who need to connect only a primary headquarters or data center location to the Cloud Express service can order the service and EarthLink will provision the customer as a single-site MPLS network, enabling connectivity to the desired Cloud Express node(s) in the diagram below.


Why EarthLink for cloud connectivity?

EarthLink continues to be a premier provider of enterprise cloud networking solutions. With a focus on helping our customers become industry leaders, we have developed solutions that provide valuable network-based services and support and solutions that let our customers focus on their business initiatives. By reducing costs and offering value-added managed services, we can free up your resources so you can invest in areas critical to your business success. Cloud Express is our latest solution to help customers focus less on their infrastructure and more on innovation and business development.

It provides:

• Secure network connectivity to multi-cloud environments – No business wants to think about what a security breach or denial of service attack could do to their reputation. Cloud Express extends the benefits of MPLS security features and controls directly into leading cloud providers.

• Better performance – No hubbing of traffic into corporate aggregation sites; efficient MPLS label switching technologies create a better overall end-user experience and a system that can handle even your critical applications.

• Business-grade reliability – 99.999s – When best-effort Internet isn’t acceptable for business applications, Cloud Express can provide better reliability and uptime. With resiliency and failover that can’t be achieved on public IP networks and a 24/7 management team that backs up the service with a 99.999% availability service level agreement, you can move more of your workloads to the cloud.

• Speed-to-market – It is not possible to focus on everything. If you want to stay ahead of your competition, you need your resources working on key initiatives and differentiating services – not patching servers and troubleshooting infrastructure. By leveraging cloud service providers, adopting the next technology is faster and easier. There is no capital investment and no need to manage day-to-day system-level capacity and availability. With the secure, predictable performance of Cloud Express you can stop worrying about running business applications in the cloud.

Cloud Express Benefits:

• Avoid hardware or other capital expense — pay-as-you-go pricing.

• Improve total cost of ownership — leverage cloud service providers.

• Be more competitive — quickly adopt new technology and solutions for better speed to market.

• Gain predictable network performance — without Internet-based security threats.

• Reduced burden on internal IT resources and staff.


Summary

Cloud Express extends the benefits of the EarthLink network to include connectivity to leading cloud services. As companies look to shift critical applications into hybrid cloud environments with multiple vendors and solutions, a predictable and optimized underlying network becomes more important than ever. Whether you are connecting internal data centers, headquarters locations and/or remote sites to these cloud workloads, you’ll need a high-performing network to ensure the best experience for your users and customers.

EarthLink continues to deploy new technologies and solutions to enhance the value of our core network services so you can better serve your users and separate your business from the competition.

If you want to reduce infrastructure costs and increase the performance, security and reliability of your enterprise network and applications, contact your EarthLink representative. They can provide more information on Cloud Express and the other services we offer to help you meet the ever-changing technology challenges that IT professionals face today.

[Figure: MPLS private backbone. Labels: transaction processors; Location 1 (T1), Location 2 (DSL), Location 3 (EOC), Location 4 (4G wireless); host site (Ethernet); DirectConnect; Data Center Connect; multicast; secure WiFi; application visibility and control; dynamic WAN selection; Cloud Express™; Internet; cloud firewall; EarthLink managed cloud; Amazon Web Services™, Microsoft® Azure, IBM® SoftLayer®, Microsoft® Office 365 (IaaS, SaaS); international MPLS; international location.]

Contact us at [email protected] | www.earthlink.com

© 2016 EarthLink. Trademarks are property of their respective owners. All rights reserved. MKTPRINT-22
