Cisco Cisco Intercloud Fabric for Provider White Paper
© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public.
The Intercloud fabric director, Cisco Virtual Supervisor Module (cVSM), and Intercloud fabric secure extender
infrastructure components are deployed in the private cloud (enterprise data center), and the Intercloud Fabric
Switch (ICS) and integrated gateway are deployed in the public cloud (Microsoft Azure). For additional information,
refer to
Deployment of the cloud services router integrated gateway (Cisco Intercloud Fabric integrated router) allows
routing of the overlay extended networks within the cloud provider environment. The Cisco Intercloud Fabric router
was configured to allow external clients (that is, clients not connected to the enterprise) to access the SQL
reporting services using the public Internet.
All data in motion (SQL replication data) is cryptographically isolated and encrypted within the Intercloud fabric
secure extender. This data includes traffic exchanged between the private and public clouds (site to site) and the
virtual machines running in the cloud (virtual machine to virtual machine). A Datagram Transport Layer Security
(DTLS) tunnel is created between endpoints to more securely transmit this data. DTLS is a User Datagram
Protocol (UDP)-based, highly secure transmission protocol.
The SQL Server primary database instance is deployed in the private cloud (enterprise data center), and
secondary instances are deployed in the Azure cloud. The replication between the primary and secondary
databases occurs through this secure tunnel. This process requires the opening of appropriate ports in the
enterprise firewall: for example, in this setup, ports 443 and 22 are opened.
Microsoft SQL Server 2014 AlwaysOn in Hybrid Cloud
SQL Server 2014 AlwaysOn availability groups can protect multiple databases by replicating all database
transactions on up to eight replica servers. Combining infrastructure as a service (IaaS) with AlwaysOn availability
groups enables customers to create and host replicas in the hybrid cloud, creating a high-availability solution
without the need to set up their own high-availability and disaster-recovery site. If a primary site or primary SQL
Server database fails, the database instance in the hybrid cloud can provide data until the primary on-premises
database is available. Customers can gain these high-availability benefits without the need for any additional
capital expenditures. With the hybrid cloud, you pay only for the resources that you require.
For the purpose of this study, a primary server and a secondary replica are configured with synchronous commit on
premises, and a third replica is configured with asynchronous replication in the Azure cloud. The Intercloud Fabric
Switch (ICS) can perform the routing and Network Address Translation (NAT) functions using the integrated
gateway feature with the Azure cloud.
Organizations have complete control over both the operating system and the installed applications and can achieve
almost complete compatibility with the on-premises SQL Server and take advantage of AlwaysOn availability
groups. They can use secondary replicas for high availability, disaster recovery, reporting, and backup Figure 2.