Cisco Intercloud Fabric for Provider White Paper

© 2015 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public. 
The Intercloud fabric director, Cisco Virtual Supervisor Module (cVSM), and Intercloud fabric secure extender 
infrastructure components are deployed in the private cloud (enterprise data center), and the Intercloud Fabric 
Switch (ICS) and integrated gateway are deployed in the public cloud (Microsoft Azure). For additional information, 
refer t
 
Deployment of the cloud services router integrated gateway (Cisco Intercloud Fabric integrated router) allows 
routing of the overlay extended networks within the cloud provider environment. The Cisco Intercloud Fabric router 
was configured to allow external clients (that is, clients not connected to the enterprise) to access the SQL 
reporting services using the public Internet. 
All data in motion (SQL replication data) is cryptographically isolated and encrypted within the Intercloud fabric 
secure extender. This data includes traffic exchanged between the private and public clouds (site to site) and the 
virtual machines running in the cloud (virtual machine to virtual machine). A Datagram Transport Layer Security 
(DTLS) tunnel is created between endpoints to more securely transmit this data. DTLS is a User Datagram 
Protocol (UDP)-based, highly secure transmission protocol. 
The SQL Server primary database instance is deployed in the private cloud (enterprise data center), and 
secondary instances are deployed in the Azure cloud. The replication between the primary and secondary 
databases occurs through this secure tunnel. This process requires the opening of appropriate ports in the 
enterprise firewall: for example, in this setup, ports 443 and 22 are opened. 

Microsoft SQL Server 2014 AlwaysOn in Hybrid Cloud 

SQL Server 2014 AlwaysOn availability groups can protect multiple databases by replicating all database 
transactions on up to eight replica servers. Combining infrastructure as a service (IaaS) with AlwaysOn availability 
groups enables customers to create and host replicas in the hybrid cloud, creating a high-availability solution 
without the need to set up their own high-availability and disaster-recovery site. If a primary site or primary SQL 
Server database fails, the database instance in the hybrid cloud can provide data until the primary on-premises 
database is available. Customers can gain these high-availability benefits without the need for any additional 
capital expenditures. With the hybrid cloud, you pay only for the resources that you require. 
For the purpose of this study, a primary server and a secondary replica are configured with synchronous commit on 
premises, and a third replica is configured with asynchronous replication in the Azure cloud. The Intercloud Fabric 
Switch (ICS) can perform the routing and Network Address Translation (NAT) functions using the integrated 
gateway feature with the Azure cloud. 
Organizations have complete control over both the operating system and the installed applications and can achieve 
almost complete compatibility with the on-premises SQL Server and take advantage of AlwaysOn availability 
groups. They can use secondary replicas for high availability, disaster recovery, reporting, and backup (Figure 2).
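
The replica layout described above (two synchronous-commit replicas on premises, one asynchronous replica in Azure) can be expressed in T-SQL as follows. This is an added example, not configuration taken from the white paper: the server names, domain, database name, group name, endpoint name, port 5022, and Windows authentication are all assumptions, and the endpoint requires AES encryption so that replication traffic is also encrypted by SQL Server itself, in addition to the DTLS tunnel.

```sql
-- Hypothetical names: SQLPRI01 and SQLSEC01 (on premises), SQLAZR01 (Azure),
-- domain corp.example, database SalesDB, group AG_Hybrid, endpoint Hadr_endpoint.
-- Run on each replica: mirroring endpoint that rejects unencrypted sessions.
CREATE ENDPOINT Hadr_endpoint
    STATE = STARTED
    AS TCP (LISTENER_PORT = 5022)              -- assumed port
    FOR DATABASE_MIRRORING (
        ROLE = ALL,
        AUTHENTICATION = WINDOWS NEGOTIATE,    -- assumes domain accounts on all replicas
        ENCRYPTION = REQUIRED ALGORITHM AES);
GO

-- Run on the primary: two synchronous replicas on premises, one asynchronous in Azure.
CREATE AVAILABILITY GROUP AG_Hybrid
    WITH (AUTOMATED_BACKUP_PREFERENCE = SECONDARY)   -- prefer backups on a secondary
    FOR DATABASE SalesDB
    REPLICA ON
        N'SQLPRI01' WITH (
            ENDPOINT_URL = N'TCP://sqlpri01.corp.example:5022',
            AVAILABILITY_MODE = SYNCHRONOUS_COMMIT,
            FAILOVER_MODE = AUTOMATIC),
        N'SQLSEC01' WITH (
            ENDPOINT_URL = N'TCP://sqlsec01.corp.example:5022',
            AVAILABILITY_MODE = SYNCHRONOUS_COMMIT,
            FAILOVER_MODE = AUTOMATIC,
            SECONDARY_ROLE (ALLOW_CONNECTIONS = READ_ONLY)),
        N'SQLAZR01' WITH (
            ENDPOINT_URL = N'TCP://sqlazr01.corp.example:5022',
            AVAILABILITY_MODE = ASYNCHRONOUS_COMMIT,
            FAILOVER_MODE = MANUAL,              -- asynchronous replicas cannot fail over automatically
            SECONDARY_ROLE (ALLOW_CONNECTIONS = READ_ONLY));  -- usable for reporting
GO

-- Check that every replica has the intended commit and failover mode.
SELECT replica_server_name, availability_mode_desc,
       failover_mode_desc, secondary_role_allow_connections_desc
FROM sys.availability_replicas;

-- Check on each replica that the endpoint enforces encryption.
SELECT name, is_encryption_enabled, encryption_algorithm_desc, connection_auth_desc
FROM sys.database_mirroring_endpoints;
```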