VIDEO – What is a Virtual Private Cloud (VPC)?

5 min read

By: Ryan Sumner

A brief and concise overview of the architecture and benefits of virtual private clouds (VPC).

A virtual private cloud (VPC) is a public cloud capability that provides you the ability to define and control isolated virtual networks and then deploy cloud resources into those networks.

In my latest lightboarding video, I walk you through a basic virtual private cloud architecture and explain the many benefits it can provide to an organization.

Make sure you subscribe to the IBM Cloud YouTube channel if you'd like to see more videos like this! 

Learn more about virtual private clouds and networking

Video Transcript

What is a virtual private cloud (VPC)?

Hi, I'm Ryan Sumner, and I'm a Chief Network Architect with IBM Cloud.

What is a virtual private cloud (VPC)?

Do you know what VPC means, and why it even matters to you in your public cloud journey? Well, today, I'm going break it down.

VPC, or virtual private cloud, is a public cloud capability that provides you the ability to define and then control isolated virtual networks and then deploy cloud resources into those networks.

What is a virtual network?

So, what is a virtual network?

Well, to help you understand that, let me first help you understand how we would deploy networks in a standard public cloud.

Define a backbone

An administrator is going to define a backbone—now, that backbone is going to carry all the traffic in that cloud.

There's going to be some segmentation on that backbone to create a separation between one client and another client. Or, let's even say, separation between one application and another application within that same client.

Network backbone

Network function/router

So, now that we have that segmentation, we need a network function that will actually allow us to have communication between those segments.

A network function we're going to call router.

Network function router

Firewall function

So, now that we have communication between these segments, I might choose to say I don't want traffic to flow between this segment and that segment. Let's say because this is customer A and this is customer B.

So, now I have a firewall function that provides us with filtering capabilities.

Firewall function

So, now I have my cloud defined, it's completely isolated, it's not connected to the rest of the world—but I need internet connectivity because I'm hosting web application here.

VPN function

So, now I need a network function that can provide me with NAT-ing.

In addition, I need to extend my enterprise. Or I have applications here that need to communicate and get data from my enterprise onsite.

So, I'm going to build a VPN function.

vpn function

Virtual networking

So, in a traditional cloud environment, almost of all these network functions are actually done with appliances. There done with appliances that require infrastructure administrators or network administrators to log into them using proprietary interface to define all these flows and controls.

If you look at virtual networking, however, we introduce all of these capabilities as a service. And we introduce all these capabilities to the user, where they can now create these functions and create this isolation and the segmentation with a UI or CLI or API.

Capabilities of a VPC

So, they might be able to say—I want four of these networks, and I want to find my own custom segmentation for this application for that application.

Capabilities of a VPC

Now, I want to have connectivity to my enterprise, I provision a VPN service to get connectivity to the internet. Instead of having to configure NAT-ing, I provision a service to be able to give me that ability.

So, now the user has this control, and they didn't need to know any proprietary interfaces to make these connections or define these flows. And, since each of these are networks, they are completely isolated with each other. They don't have connectivity between each network until I say so.

Benefits of a VPC

So now, let's talk about a few of the benefits. Now you understand where the virtual network comes into play and how that actually contributes to the private piece of VPC.

Security

So, some of the benefits are—because now I can get all these functions, and I have isolation built in—I have some security aspects.

Scale

In addition, since these are not appliances and it's actually provided has a capability of the cloud, I can do all of this at scale.

Custom

Again, developers need things that are customizable right. So, the aspect of being able to define the segmentation and say I want four, five, or six, or tear it all down and come back tomorrow to do it again, I need some aspects of customizing this environment.

Flexible

In addition, it's flexible enough to allow the user to be able to say—I need to be able to add virtual segmentation later on down the road, or I need connectivity to the enterprise down the road.

Agile

So, these two attributes here actually allow the developers to become more agile, which hopefully is going to save you some money. So, now you understand virtual private cloud and why it matters to you.

Benefits of a VPC

Be the first to hear about news, product updates, and innovation from IBM Cloud