Securing the Path to a Rebooted Hybrid Cloud

By Ajay Dankar
Vice President of Products, Aviatrix
July 7, 2017

As more enterprises embrace the public cloud to extend their on-premises environment, it’s impossible to ignore the friction involved in hybrid cloud management. Until now, hybrid cloud management has meant slow, error-prone manual provisioning; expensive operations and scaling; and highly skilled networking experts for even the simplest change requests.

To ease this friction, Nutanix and Aviatrix announced a joint solution at Nutanix .NEXT 2017 that aims to reboot the hybrid cloud. Nutanix customers can now have the one-click power of Aviatrix Cloud InterConnect (ACX) from inside Nutanix Calm, and can create an integrated hybrid cloud fabric across their private data centers and Amazon AWS in minutes, with a click of a button! Thanks to the one-click power of Aviatrix Cloud InterConnect (ACX) software, Nutanix customers can now enjoy seamless networking across their entire hybrid cloud infrastructure!

Despite the key benefits of the public cloud—operational agility and economic elasticity—enterprises struggle to adopt a hybrid cloud environment that enables a single unified operational model between their private cloud and public cloud. The top challenges we hear from enterprises are:

  • Disparate constructs to build and operate a private cloud vs a public cloud (e.g. VLANs vs VPCs, AMIs vs templates, and EBS vs volumes)
  • Disjoint lifecycle and operational workflows
  • Totally different Identity and Access Management (IAM)
  • IT control and separation of duties (operator vs developer)

What’s needed is a unified consumption experience that allows enterprises to manage and operate their business applications regardless of the underlying environment. The selection criteria to choose the right target environment should be based purely on economics, rather than on the choice of technology or on operational practices.

One key aspect of unifying the experience between a private cloud and a public cloud is the ability to access and consume the compute, storage and network resources in the public cloud from the data center without opening IT tickets.  Furthermore, to enable an on-demand self-service devops model, the network must be set up dynamically and seamlessly, just like compute and storage resources. Networking is a complex area for almost all enterprises, and is further complicated in the hybrid environment because it usually takes weeks to provision and configure the networking equipment at the edge.

Nutanix Calm provides seamless orchestration of enterprise applications across multiple clouds, thereby eliminating the complexities of multi-cloud management. Aviatrix Cloud InterConnect on Nutanix securely extends the enterprise’s datacenter network into the public cloud with a single click—creating a unified, secure network on demand that spans multiple clouds, enabling self-service devops via dynamic hybrid cloud network provisioning.

Hybrid Cloud Use Cases

Why is the hybrid cloud important for enterprises? Let’s look at some of the use cases:

Application Mobility between private and public cloud: Enterprises looking to leverage the public cloud for incremental infrastructure capacity need to move applications and data between private and public clouds. For example, several companies are moving their Dev/QA environments to the public cloud while keeping their production site on-premises.

DevOps on Demand in the public cloud: DevOps teams have unpredictable and seasonal needs for on demand infrastructure for dev/test needs. These applications, although born in the cloud, have dependencies on applications and data still residing on-premises, and need a seamless way of interacting and accessing them.

Backup, Disaster recovery and high availability: Enterprises can use public clouds as a target for backup and disaster recovery, leveraging the benefits of the public cloud and avoiding upfront capital outlay that’s otherwise needed to build these solutions themselves.

The cost of disparity in technologies and operational workflows

Disparate compute, storage, networking and security technologies, coupled with disjoint operational workflows make today’s hybrid cloud environments complex, expensive, and inflexible. Let’s look at the impact closely:

  • Today’s hybrid cloud environment is provisioned mostly by hand, which makes it error-prone and adds a long lead time to build
  • Hybrid cloud is expensive to operate because many point tools and DIY scripts are cobbled together
  • Hybrid cloud requires highly skilled IT to work on even the routine modify-add-delete change requests
  • Last, but most important, today’s hybrid cloud fails to deliver on the unified experience for the customers

Why is the network a problem?

  • Disparate point-to-point networking and encryption technologies for connecting the data center to the public cloud (IPsec VPN, SSL VPN, Direct Connect, ExpressRoute, etc.) impact the hybrid cloud network architecture and performance
  • Lack of technology choices to seamlessly extend the private IP address space to the public cloud causes IT to offer disjoint experiences
  • Lack of options to securely connect multi-cloud or inter-region environments results in hybrid cloud environments without end-to-end security
  • Multiple teams need to be involved (networking, virtualization, CloudOps, security, compliance, etc.), which causes:
    • Long lead times, often several weeks, to establish hybrid cloud connectivity, because the edge router also needs to be reconfigured, which requires additional scrutiny due to the associated business risk
    • Errors due to manual configuration, open source tools, or legacy 3rd party tools, all of which require some degree of manual configuration
  • The cost of operationalizing a hybrid cloud environment increases exponentially as it scales, since there is no end-to-end network connectivity or performance visibility, no central place for logs/events, and no single console for all things networking

Details of the Joint Solution

Under the joint solution (see figure 1), Nutanix is breaking the multi-cloud barrier with the introduction of Calm, a cloud agnostic application orchestration product offering, whereas Aviatrix complements Nutanix’s offering by adding a pre-integrated multi-cloud secure connectivity layer — Aviatrix Cloud InterConnect (ACX), that runs in a VM inside Nutanix. The joint solution enables the IT operations teams to leverage public cloud on-demand, as a seamless extension of the compute, storage and networking resources provisioned on premises.

Figure 1: Nutanix Calm and Aviatrix Cloud InterConnect (ACX) Joint Solution

ACX eliminates the complexity of securely connecting to and across public clouds. Already, the Aviatrix software is fully integrated with Amazon Web Services (AWS), with Azure and Google Cloud support to come shortly. It uses the public cloud providers’ native APIs to configure the customer’s public cloud resources, including routes and security groups, so that applications running in on-premises subnets and those in AWS VPCs can securely access each other.

Key benefits of the joint solution include:

One-Click Simplicity
  • Streamline all hybrid cloud infrastructure provisioning and management across compute, storage, and networking through a point-and-click interface
  • Support multi-cloud secure connectivity from a single interface
Cloud Agility
  • Provision a hybrid or multi-cloud topology in minutes, create subnets in AWS VPCs as an extension of your data center network
  • Self-service, on-demand deployment of the application blueprints across multiple clouds, without requiring any changes to the on-premises edge router
Rich APIs and Tools Integration
  • Comprehensive API support for end-to-end automation and operational visibility across DevOps lifecycle

How to Access the Joint Solution

The joint solution runs on Nutanix AHV and is available as a blueprint in the Nutanix Marketplace. Nutanix customers can access and deploy the Aviatrix Cloud InterConnect blueprint from Nutanix Calm, and they can work with a single interface to extend their infrastructure to the public cloud, coupled with built-in application orchestration—all with a single click!

Here’s the process to follow:

  • Download the Aviatrix Cloud InterConnect blueprint from the Nutanix Marketplace (figure 2)
  • Launch the blueprint from Nutanix Calm to instantiate Aviatrix Cloud InterConnect on a target Nutanix cluster (figure 3)
  • From the Aviatrix Calm app running on Nutanix, create and configure VPCs in AWS, which automatically configures secure connection to these VPCs with a few simple clicks

Figure 2: ACX Blueprint in Nutanix Marketplace
Figure 3: Launch ACX Blueprint from Nutanix Calm

Start Your Cloud Adoption Journey with Us

The enterprise cloud adoption journey is just that – a journey!  Existing solutions fall short in paving the path to hybrid cloud. Aviatrix, a pioneer in hybrid cloud networking, and Nutanix Inc., a leader in enterprise cloud computing, are introducing an integrated hybrid cloud solution that enables enterprises to painlessly orchestrate applications across public cloud and hyper-converged private cloud environments. Together, Nutanix and Aviatrix provide a unified hybrid cloud consumption experience. Plus, you can enjoy this unified hybrid cloud experience without opening IT tickets or even knowing the details of cloud or networking operations.

To find out how to get started, contact us at or

