AWS Snowball Edge And Hyper Converged Infrastructure Will Revolutionize Global Enterprises

The recent announcement by Amazon AWS of a portable Snowball EC2 compute platform represents a significant advance in hybrid cloud/data center computing. When combined with a Hyper Converged Infrastructure (HCI) super computer and Zero Trust Network, enterprises across a broad range of vertical markets can transform their operational model.

1st Generation Hybrid: Two-Stack Architecture

The 1st generation of hybrid cloud/data center was characterized by a two-stack design with legacy apps in the data center and new apps in AWS. Application developers loved the idea of experimenting with AWS Marketplace, but the IT department didn’t like the fact that apps could not be ported back into their data center. Additionally, the two-stack architecture suffered from disaster recovery and security issues if there was a cloud outage.

VMware noticed the issues IT departments were having with 1st generation hybrid environments and offered vSphere in AWS. VMware's solution improved load balancing and disaster recovery for legacy applications, but it didn’t address the problem of AWS app portability. Thus many global-scale enterprises waited on the sidelines for something better.

2nd Generation Hybrid Infrastructure: AWS Snowball Edge + HCI Super Computer

The recent announcement of Snowball Edge by AWS represents a significant advance in hybrid infrastructure. For the first time, enterprises can run apps using AWS software logic on a "physical" EC2 instance inside their data center. When combined with a Petaflop-scale Hyper Converged Infrastructure (HCI) super computer, enterprises can operate a common application environment for legacy and new AWS apps across the data center and cloud infrastructure.

At a high level, the 2nd generation hybrid compute architecture is as follows. The Snowball Edge in the data center allows enterprises to run software with embedded AWS logic outside the cloud. To allow enterprises to run legacy as well as compute-intensive applications like machine learning, a high performance Hyper Converged Infrastructure (HCI) super computer is paired with the Snowball Edge. In the AWS cloud we have the enterprise’s VPC as well as its vSphere environment. The data center and AWS environments can be connected by any combination of broadband satellite, SDWAN or VXLAN/MPLS.

One of the challenges with such a fluid architecture is routing users to the correct Secure Enclave and blocking self-propagating malware. An SDP-based Zero Trust Network ensures that users are only connected to authorized applications irrespective of where the workload sits. Unlike standard VPNs, SDP blocks self-propagating malware from moving through the hybrid compute environment by locking down physical and virtual network interfaces.

Some of the new technical capabilities of a 2nd generation hybrid cloud include:

Workload optimization: While EC2 is great for the majority of workloads, sometimes a super computer is better for applications needing millions of I/O operations per second. A 2nd generation infrastructure allows hyper-scale computing across super computing and cloud fabric for large data set machine learning or Smart Cities IoT management applications.

Partitioned Compute: The partitioning features of Snowball Edge and a Hyper Converged Infrastructure (HCI) allow for the creation of Secure Enclaves that can only be accessed by authorized users after their compute device has been remotely attested by a Zero Trust Network. Lateral movement within the hybrid environment is blocked using encrypted APIs.

Disaster Recovery: A pure cloud-centric enterprise is a great idea except if one loses access to the cloud or it’s down. The Snowball-HCI combination allows enterprises to have true active:active redundancy that is synchronized in real time.

Micro Data Center: One interesting aspect of the Snowball-HCI super computer combination is that you can have a two-box data center! The small footprint of a Micro Data Center opens the door to edge computing in a broad range of vertical market applications where installing racks of gear is impossible.
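The access decision described under Partitioned Compute and in the Zero Trust paragraph above can be sketched as a default-deny check. This is an added example, not code from the article, AWS or any SDP product; the user names, device IDs, measurement strings, enclave names and gateway labels are constructed, and attestation is reduced to a digest comparison where a real deployment would verify a signed quote.

```python
import hmac
from dataclasses import dataclass

# Constructed policy data (all names and values are hypothetical).
ENCLAVE_ACL = {"claims-db": {"alice"}, "ml-train": {"alice", "bob"}}
TRUSTED_DEVICES = {"laptop-17": "m1-good", "laptop-42": "m2-good"}
# Where each enclave currently runs; placement can change without touching the ACL.
PLACEMENT = {"claims-db": "hci-datacenter", "ml-train": "aws-vpc"}


@dataclass(frozen=True)
class Request:
    user: str
    device_id: str
    measurement: str  # digest reported by the device's attestation agent
    enclave: str


def authorize(req, placement=PLACEMENT):
    """Return (allowed, gateway, reason). Anything not explicitly allowed is denied."""
    # 1. Device attestation comes first: an unknown or altered device sees nothing.
    expected = TRUSTED_DEVICES.get(req.device_id)
    if expected is None or not hmac.compare_digest(expected, req.measurement):
        return (False, None, "device not attested")
    # 2. Per-enclave authorization: access to one enclave grants nothing on another,
    #    which is what stops lateral movement between partitions.
    if req.user not in ENCLAVE_ACL.get(req.enclave, set()):
        return (False, None, "user not authorized for enclave")
    # 3. Route to wherever the workload currently sits (data center or cloud).
    gateway = placement.get(req.enclave)
    if gateway is None:
        return (False, None, "enclave has no active placement")
    return (True, gateway, "ok")


if __name__ == "__main__":
    print(authorize(Request("alice", "laptop-17", "m1-good", "claims-db")))
    print(authorize(Request("bob", "laptop-42", "m2-good", "claims-db")))
    # Failover: the enclave moves to the cloud, the policy decision is unchanged.
    moved = dict(PLACEMENT, **{"claims-db": "aws-vpc"})
    print(authorize(Request("alice", "laptop-17", "m1-good", "claims-db"), moved))
```
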

Vertical Market Applications

In addition to improving cost structure and functionality for enterprises, 2nd generation hybrid computing holds the promise to revolutionize vertical markets:

Finance & Healthcare: Financial and medical institutions have strict requirements on encryption and access control for regulated data that make it difficult to utilize a public cloud. The 2nd generation hybrid infrastructure provides regulated entities a way to develop business logic in AWS marketplace while processing sensitive data on a Hyper Converged Infrastructure (HCI) at their data center.

Energy & Transportation: Energy and transportation companies build expensive satellite networks to backhaul telemetry to centralized data centers. 2nd generation hybrid compute can reduce the need for expensive satellite communications by processing data in Micro Data Centers. Moreover the integrated security and intelligence of a Micro Data Center edge node allows for load balancing across multiple satellite providers to improve redundancy and cost structure.

Emergency Services: A hurricane, flood or earthquake can easily destroy the communications and compute infrastructure of a whole region. The autonomous operational capabilities of a Micro Data Center combined with 4G coverage and broadband satellite allow emergency personnel to "light up" impacted areas within 48 hours of an event. Moreover, the ability to ingest live video feeds from drones and helicopters and fuse them provides on-site personnel improved situational awareness.

Smart Cities: Looking to the near future, the collection and processing of Petabyte-scale IoT sensor data is the single biggest challenge to Smart Cities. The massive data that energy, transportation and environmental sensors generate will overload any compute or network infrastructure. In contrast, 2nd generation architectures provide a high performance distributed compute model where IoT sensor data is first processed at Micro Data Centers and then transferred to centralized management systems. Additionally, the Secure Enclave features of 2nd generation infrastructure can be used to remove personally identifiable information while maintaining relevant data to ensure Smart Cities don’t become a giant surveillance system.

The ability to mix and match applications in a 2nd generation hybrid infrastructure frees enterprises to provision the optimal combination for each project, thereby reducing cost and improving agility. Moreover, the ability to operate in a completely disconnected autonomous mode simplifies disaster recovery.

Junaid Islam

CTO at Vidder
Junaid Islam is a cybersecurity expert with 30 years of experience in secure communications. Between 1989 and 1992 Junaid built data networks for the US and Canadian Governments in South America and the Middle East supporting emergency relief and diplomatic programs. In 1993 Junaid transitioned to developing network protocols. His accomplishments include developing the Frame Relay queuing algorithms, which were used by the US military for multilevel precedence and preemption (MLPP). In 1995 Junaid developed the first Frame-ATM integration protocol, which became the foundation for MPLS. In 2002 Junaid developed the first Mobile IPv6 client under a DISA research contract. In 2012 he helped create the Software Defined Perimeter (SDP) architecture. Currently Junaid is leading the development of Zero Trust Networks using the SDP architecture.