What is a VPC?

Virtual private clouds combine the privacy and control of the private cloud with the scalability and flexibility of the public cloud, and new innovations are making it easier to manage them.

By Dipti Parmar January 25, 2023

As on-premises and cloud services mature, many IT leaders are weighing the costs and benefits of public vs. private clouds more vigorously than ever. Many are moving from on-prem to the public cloud and repatriating back to owned data centers to find the best performance and efficiencies. Even as more workloads move to public cloud services, a study by IDC found that 80% of companies considered “digital leaders” intend to keep their on-prem environments intact. 

Although that study was released in 2020, this momentum remains as hybrid multicloud becomes the preferred IT environment for most IT decision makers.

“Public clouds have reset expectations for how responsive IT can be, but they are not a magic bullet,” said Andrew Buss, Research Director for Enterprise Infrastructure at IDC. 

“Most applications and services delivered in on-premises IT environments need modernizing and simply lifting and shifting apps to the cloud without doing so or changing how they are managed will produce an outcome that is far from optimal.”

Learning this the hard way can send IT decision makers back to the drawing board to rework a strategy centered around their own private cloud, powered by a virtualizing hypervisor and hyperconverged infrastructure.

Then there are the enterprises who don’t like the idea of putting any of their data into the public cloud or being part of a shared pool of resources (that potentially includes competitors), as David Linthicum, Chief Cloud Strategy Officer at Deloitte Consulting, told InfoWorld.

“I was in so many of those meetings back then, hearing CIOs proclaim that their data would never exist outside of their firewall,” Linthicum said. “When moving to cloud, it was going to be their cloud in their data center: a private cloud.”

Too many organizations still value the security and autonomy of owning their own data center to give up that resource completely, Peter Panfil, vice president, global power at Vertiv, told Data Center Frontier.

“They’re going to maintain or even add enterprise data centers, but those facilities are going to evolve to better serve the organization’s needs,” Panfil said. 

Recent innovations have spawned more choices for tackling the cost, workforce and other challenges IT leaders face as they embrace cloud technologies. There’s the newer trend of on-premises infrastructure as-a-service, which is experiencing a strong uptick in adoption via platforms such as HPE GreenLake, according to ESG practice director Scott Sinclair. This approach, centered on deploying private cloud infrastructure services on premises and managed by the vendor, has already shown benefits in reducing operational burdens on internal staff, he wrote in TechTarget.

“In addition, the most commonly identified benefit of these consumption-based procurement models (such as as-a-service options) is the ability to accelerate digital initiatives by shifting costs out to future quarters,” explained Sinclair.

New technologies like Nutanix’s NC2 for AWS and Azure now allow private cloud-like data centers to run inside the most commonly used public cloud services. All of this shows that the concept of virtual private clouds is maturing and morphing.

What Is a Virtual Private Cloud (VPC)?

In the simplest of terms, a VPC is a private cloud computing model contained entirely within a public cloud. It is sort of like a reserved table at a restaurant. A set of the public cloud’s resources is logically isolated and reserved for use by only one client. This means compute, storage, networking and software operations are kept separate from all the other tenants of the public cloud.

Cloud-migration opportunity: Business value grows, but missteps abound

Source: Cloudflare

Users can store data, run applications and code, host websites and do pretty much anything else they can do in a private cloud. A unique, private IP subnet is assigned to each client, enabling the use of virtualized hardware and software resources as if they are part of an on-prem environment. This also lets VPCs use a separate, secure network to connect to the internet, along with an optional dedicated circuit to the public cloud vendor.

Of course, all VPC resources are available and scalable on-demand just like the public cloud, while doing away with private cloud limitations such as acquiring and maintaining hardware, software, data center space and a team of skilled IT personnel.

“VPCs were really a marketing response by public cloud providers that found themselves competing with private cloud platforms such as OpenStack,” said Linthicum.

How Does a Virtual Private Cloud (VPC) Work?

The virtual private cloud combines the best of private and public cloud environments into a versatile, overlapping infrastructure. Basically, it is a private cloud that runs on a shared public cloud architecture.

In the context of cloud service delivery models, the VPC could be classified as Infrastructure-as-a-Service (IaaS), where one vendor provides the underlying infrastructure and other vendors could supply or manage VPC services on top of it. However, it is the responsibility of the public cloud infrastructure provider to ensure data security and integrity for the client organization.

This is how the various components of a VPC come together:

  • The public cloud provider uses encryption to create a virtual private network (VPN) within its network. While VPN traffic passes through publicly accessible routers and switches connected to the internet, it is scrambled and therefore invisible to other users.
  • A subnet with a unique range of private IP addresses is reserved for the client using the VPN. These IPs are not accessible to the public via the internet. The VPC admin can then create their own three-tier architecture (web tier that handles requests from browsers, application tier where the business logic resides and processing takes place, database tier where data processed in the application tier is stored) by assigning a subnet to each tier. Further, each of these subnets can be secured with an access control list (ACL) of its own.
  • A unique virtual local area network (VLAN) – a group of devices connected to each other outside of the internet – is also assigned to the client organization. The VLAN partitions the network at the data link layer (layer 2) of the OSI model.
  • Virtual server instances (VSIs) are presented to end users as virtual CPUs (vCPUs), each of which is allocated a predefined amount of compute and memory resources.
  • VPC clients get a block storage quota, which they can scale up on a subscription basis.
  • Networking functions such as load balancers (to distribute traffic across multiple VSIs), internet gateways (for communication with the regular internet), dedicated routers (for direct links between segments within the VPC), carrier gateways (for traffic to and from the carrier network), network address translation (NAT) devices and software (for connections to on-prem networks, other VPCs and private subnets on the internet), dedicated DHCP and DNS support, and prefix lists (classless inter-domain routing (CIDR) blocks of frequently-used IP addresses that can be referenced as a set by route tables and security groups) can be set up and managed by users.
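
The three-tier layout described in the list above, as an added example (not from the original article or any cloud provider's tooling): a small Python audit of a subnet plan and its per-subnet ACLs. The CIDR ranges, ports and the rule format are constructed for illustration.

```python
import ipaddress as ip

# Constructed sample plan (not from the article): one VPC range, one subnet per tier.
VPC = ip.ip_network("10.20.0.0/16")
SUBNETS = {
    "web": ip.ip_network("10.20.1.0/24"),
    "app": ip.ip_network("10.20.2.0/24"),
    "db":  ip.ip_network("10.20.3.0/24"),
}
# Inbound ACL per subnet as (source CIDR, port, action) entries (assumed format);
# traffic that matches no entry is assumed to be denied.
ACLS = {
    "web": [("0.0.0.0/0", 443, "allow")],
    "app": [("10.20.1.0/24", 8080, "allow")],
    "db":  [("10.20.2.0/24", 5432, "allow")],
}
# Each tier should only accept traffic from the tier in front of it.
ALLOWED_SOURCE = {"web": None, "app": "web", "db": "app"}  # None = internet-facing

def check_addressing(vpc, subnets):
    """Return findings for subnets that are public, outside the VPC, or overlapping."""
    findings = []
    items = sorted(subnets.items())
    for i, (name, net) in enumerate(items):
        if not net.is_private:
            findings.append(f"{name}: {net} is not a private range")
        if not net.subnet_of(vpc):
            findings.append(f"{name}: {net} is outside VPC range {vpc}")
        for other, other_net in items[i + 1:]:
            if net.overlaps(other_net):
                findings.append(f"{name}: {net} overlaps {other} {other_net}")
    return findings

def check_acls(subnets, acls, allowed_source):
    """Flag allow rules that admit sources wider than the tier in front."""
    findings = []
    for tier, rules in acls.items():
        upstream = allowed_source[tier]
        if upstream is None:
            continue  # the internet-facing tier may accept any source
        for cidr, port, action in rules:
            src = ip.ip_network(cidr)
            if action == "allow" and not src.subnet_of(subnets[upstream]):
                findings.append(f"{tier}: port {port} open to {src}, expected {upstream} subnet only")
    return findings

def audit(vpc, subnets, acls, allowed_source=ALLOWED_SOURCE):
    """Run both checks and return the combined list of findings."""
    return check_addressing(vpc, subnets) + check_acls(subnets, acls, allowed_source)
```

An empty list from `audit` means every subnet sits inside the VPC's private range without overlap and each inner tier accepts traffic only from the tier in front of it.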

Benefits of a Virtual Private Cloud (VPC)

Having access to a private cloud without the limitations of managing it is a boon for many SMBs and enterprises, according to Linthicum.

“If you gave me a choice of a private cloud or a VPC, I would likely pick the VPC for a standard deployment. It never made sense to me to build net-new physical hardware and software systems,” said Linthicum.

Benefits of VPCs include:

Agility and scalability – Each component of the VPC can be scaled up and down – in automated, dynamic and real-time fashion – as and when needed. The client organization has full and granular control over the network, storage and compute resources used by the VPC.

Availability – The underlying public cloud infrastructure provides redundant and highly fault-tolerant zone architectures. Business-critical workloads rarely face downtime because the cloud provider is constantly acquiring and upgrading the hardware that powers the VPC.

Security – VPCs are in effect virtualized replicas of private clouds hosted on-prem when it comes to security. A VPC is logically isolated from all other networks inside or outside the underlying public cloud environment. While public cloud security is automatically applied, it remains a shared responsibility between the client organization and the cloud provider.

Performance – The inherent performance advantage of cloud-hosted websites and cloud-native applications over on-premise deployments can’t be denied. VPCs take full advantage of these optimized and constantly-upgraded cloud resources.

Integration with hybrid cloud – A VPC is technically already connected to the underlying public cloud infrastructure, so it needs just one more hop to connect to another public or private cloud, or an on-prem data center. That makes it much simpler for a VPC to be part of a hybrid, multicloud environment.

Versatile Private Clouds

Many enterprises are running private or hybrid clouds for critical workloads while simultaneously growing their use of the public cloud, as per an IDC study. Further, 44% of over 2,000 respondents to the study said that their company plans to increase spending on the private cloud. 

VPCs provide a “common ground” environment for enterprises looking to find permanent homes for legacy and business-critical workloads.

The private cloud is no longer a fallback for what can’t go on public clouds, according to Adam Stringer, Partner & Head of Business Resilience at PA Consulting.

“It is a misconception that regulation creates significant barriers to moving workloads to the cloud,” Stringer said. 

“Regulators do demand rigor, just as they do for other outsourced arrangements, but there are many successful examples of highly regulated firms migrating to the cloud. The key lies in careful planning.”

Organizations adopting VPCs are quick to realize the benefits of faster scaling, provisioning control, data handling and infrastructure governance.

Feature image by Pxfuel.

Dipti Parmar is a marketing consultant and contributing writer to Nutanix. She’s a columnist for major tech and business publications such as IDG’s CIO.com, Adobe’s CMO.com, Entrepreneur Mag, and Inc. Follow Dipti on Twitter @dipTparmar or connect with her on LinkedIn for little specks of gold-dust-insights.
