IBM Cloud VPC Architecture Overview
Key Points
- IBM Cloud’s Virtual Private Cloud (VPC) lets you create isolated logical networks that you can build, modify, tear down, and deploy workloads into, delivering agility, security, isolation, performance, and scalability.
- A VPC is anchored in a Multizone Region (MZR) composed of at least three fault‑tolerant zones, each of which can host multiple subnets to define private IP address ranges and enable network segmentation.
- Security Groups act as network firewalls within the VPC, allowing you to define inbound and outbound allow/deny rules to protect your cloud deployments.
- Connectivity options include a public gateway with optional floating IPs for internet access, and private links via VPN as a Service or Direct Link circuits to extend on‑premises networks or connect to other VPCs.
- IBM Cloud provides Load Balancing as a Service—supporting HTTP/HTTPS with SSL offload and TCP—to improve application availability and performance before handing the VPC over to development teams.
Full Transcript
# IBM Cloud VPC Architecture Overview **Source:** [https://www.youtube.com/watch?v=KIjP0dDHu5w](https://www.youtube.com/watch?v=KIjP0dDHu5w) **Duration:** 00:04:05 ## Summary - IBM Cloud’s Virtual Private Cloud (VPC) lets you create isolated logical networks that you can build, modify, tear down, and deploy workloads into, delivering agility, security, isolation, performance, and scalability. - A VPC is anchored in a Multizone Region (MZR) composed of at least three fault‑tolerant zones, each of which can host multiple subnets to define private IP address ranges and enable network segmentation. - Security Groups act as network firewalls within the VPC, allowing you to define inbound and outbound allow/deny rules to protect your cloud deployments. - Connectivity options include a public gateway with optional floating IPs for internet access, and private links via VPN as a Service or Direct Link circuits to extend on‑premises networks or connect to other VPCs. - IBM Cloud provides Load Balancing as a Service—supporting HTTP/HTTPS with SSL offload and TCP—to improve application availability and performance before handing the VPC over to development teams. ## Sections - [00:00:00](https://www.youtube.com/watch?v=KIjP0dDHu5w&t=0s) **IBM Cloud VPC Overview** - Ryan Sumner explains IBM Cloud's Virtual Private Cloud, detailing its agility, security, and scalability benefits while outlining core components like multizone regions and subnet-based network isolation for deploying workloads. ## Full Transcript
Hi, I'm Ryan Sumner and I'm with the IBM Cloud team.
So, you're interested in VPC?
Well today I'm going to tell you how IBM does VPC.
Virtual Private Cloud, or VPC,
allows the user of the cloud environment
to define Virtual Private Networks,
manipulate them, control them, tear them down, recreate them,
and then deploy workloads into those definitions.
So, why does that really matter to you?
Why does it matter to the rest of the business?
Well, agility, security, isolation,
performance, scalability - I could go on and on.
But first I want to take you through the building blocks that have
broken out into a few key areas to help you understand truly what it is.
The first building block is all about the core components that make up VPC.
VPC is an isolated logical network that you create,
but the first thing that defines it is where it's located.
In IBM Cloud we call this location a Multizone Region,
or an MZR.
A Multizone Region consists of at least three zones that are
completely fault tolerant locations within that region that have absolutely
no dependence on the other zone and allow you to deploy your applications in
a resilient fashion. A VPC also defines at a high level the IP addresses that
will be used for private communication within that VPC, again across that
region. These IP addresses are further used and broken down by allowing you to
create one or more subnets within each zone. So, now you're starting to build an
IP network. You have complete control over this, create one subnet for a flat
network, or introduce segmentation with multiple subnets again in each zone. The
next building block provides a component to allow you to secure your cloud
deployments. Security Groups are a network function that allows you to
create rules that will either allow or deny network communication in, out, and
around the VPC. Now, that we've created our VPC and we've secured it, we need to
get connectivity to it. IBM Cloud provides both public and
private access and different components to provide connectivity for each of them.
For internet or public access, we provide public gateway, that's your outbound
access. We also provide a floating IP that you can tie to any of the cloud
resources that you've deployed in your VPC, providing both inbound and outbound
public access. For private connectivity, we provide VPN as a Service, or
traditional direct link private circuits. This is so you can extend your
enterprise into the IBM Cloud, or you can even connect your VPC to another VPC,
or an outside resource. We're getting close to deploying our workload in VPC
but first let's talk about what network functions exist to help us with
acceleration and availability. IBM Cloud provides a Load Balancing as a Service,
which is an application load balancer capable of both HTTP, HTTPS with SSL offload
and traditional TCP load balancing. Now, that we've built our VPC we've
secured it and we have connectivity in and out of it, we can hand it over to our
application teams to deploy their workloads. IBM Cloud VPC is enabled
today for virtual machines, deploy customizable infrastructure, or
Kubernetes for those containerized workloads. There are other capabilities
in VPC that provides security like encrypt a block storage, or flexibility
like image import, and much more. I hope all these building blocks help you
understand the value and benefits that IBM Cloud VPC brings to you in your
public cloud journey. Thank you. If you have any questions please drop us a line
below. If you want to see more videos like this in the future please like and
subscribe and don't forget you can always get started on the cloud at no
cost by signing up for a free IBM Cloud account.