August 28, 2018
In August 2018, U of T’s enterprise infrastructure solutions (EIS) group successfully took its first steps towards linking local networks to the Microsoft Azure cloud.
“What we have demonstrated with this technology are the beginnings of a hybrid IT environment,” explains Ted Sikorski, manager, EIS systems infrastructure.
Harvard Business Review describes hybrid IT as “a way of managing an IT environment that includes not only hybrid cloud systems but also legacy software that may be hosted in a corporate data center or by a third party. Hybrid IT is the method companies use to manage these multiple types of systems to create an integrated and unified infrastructure—including the networks that connect these systems to users—in order to improve efficiency, manageability, agility, and scalability” (Hybrid IT Takes Center Stage, 2016).
As part of Information Technology Services’ (ITS) ongoing investigation into cloud technologies and the introduction of Microsoft Office 365 cloud-based service offerings to U of T faculty & staff in fall 2017, the next step was to explore Azure, Microsoft’s cloud computing service for building and deploying applications.
Traditional hybrid cloud models extend an organization’s network out to the cloud to mimic its environment – including firewalls, routes, and custom configurations – with a correspondingly high price tag.
However, EIS’ systems infrastructure team made the connection using equipment that had already been provisioned in U of T’s data center, leveraging U of T’s current infrastructure to seamlessly access cloud architecture without incurring additional costs from extending our networks to the cloud.
In the future, the EIS systems infrastructure team, which provisions virtual machines in a local VMware environment, will be able to offer this hybrid approach as an option.
Gartner research director Alan Waite writes, “Technical professionals must design for a hybrid world, where applications and data reside within an interconnected mesh of public cloud services, private clouds and data centers” (Waite, 2017).
ITS is in the early stages of developing a working hybrid IT model and, as one of the first steps, EIS connected a local network defined in a Cisco virtual switching system (VSS) environment to the Microsoft Azure cloud.
Using an internet protocol security (IPSec) tunnel, the EIS systems infrastructure team connected a U of T network to a subnet defined in Azure and, in the Azure environment, provisioned a virtual machine.
In Azure, you have the option of defining an external (publicly visible) IP address for your virtual machine as well as a private address. In this circumstance, the software infrastructure team chose to define only a non-routable internal address.
As a result of routes defined on the router, the systems infrastructure team effectively extended its local network into the Microsoft Azure cloud.
This would not have been possible without the assistance of John Calvin, Lloyd Kwong and Andrew Tomkins of EIS and Nenad Karlovcec of information security and enterprise architecture (ISEA), who each contributed to defining this connection.