Cloud Provider Interconnect

The Cloud Provider Interconnect (CPI) service is a CDT managed statewide solution that provides customers with secure direct connectivity from the CDT Data Centers to Cloud Service Providers (CSPs) such as Microsoft Azure and Amazon Web Services (AWS).

The CPI service allows customers to isolate their cloud connections from existing internet traffic through direct, encrypted connections to CSPs. This not only reduces potential security exposures of the Internet, but also allows customers to take advantage of the existing CDT Data Center security features. The CPI service provides secure, reliable connectivity with extreme flexibility, allowing customers to:  enable multi-cloud solutions, connect to multiple cloud service providers in multiple regions, and increase and decrease bandwidth as needed to support the changing demands of their cloud services.

NOTE:  Although not required, CPI is recommended when confidential and/or sensitive data will be transferred.

N

Benefits

  • CPI allows customers to bypass the public Internet, providing a private and secure network experience.
  • Customers gain access to CSP services with more reliability, faster speeds, and lower latencies than typical Internet connections.
  • Available to any customer with network connectivity to CDT’s State Data Centers.

 

  • CPI leverages Service Level Agreements (SLAs) with the associated circuits, hardware and CSP connections to deliver an Enterprise solution for the State of California.

 

  • Seamless, automated provisioning using integrated capabilities enables CDT and its customers to set up virtual connectivity and CSP services quickly.
  • Redundant and diverse interconnectivity paths to and from CSP cloud environments and CDT resources for high reliability.
  • Superior data privacy and security.

For a monthly per-connection subscription fee, customers gain private connectivity to one or more Cloud Service Providers (CSPs), including Amazon Web Services (AWS) and Microsoft Azure.

  • Private connectivity – CPI allows customers to take their traffic off the public Internet
  • Redundant Equinix Cloud Exchange (ECX) ports and CSP connectivity for higher reliability
  • Wide Area Network (WAN) vendor agnostic – any customer site(s) connected to CGEN (single vendor or multiple vendors) can utilize the service
  • Unlimited CPI data transfer (CSP charges for data transfer are separate)
  • DR/OR services available
  • Ease of provisioning using integrated capabilities enables CDT and its customers to set up virtual connectivity quickly
  • 24 x 7 x 365 CDT Service Desk support for Network connectivity
  • Service Level Agreements (SLAs) for the associated circuits, hardware and CSP connections offer more reliability and performance than Internet connectivity
  • Multiple CSP Region availability

What is CDT Cloud Provider Interconnect (CPI)?

CDT CPI Service provides a flexible and secure physical and logical connections between a customer’s network and select Cloud Service Providers (CSPs).

How does CPI work?

CPI extends a customer’s network (via CGEN) to the compute resources at select cloud services providers, providing customers with an efficient and highly-secure way to utilize their cloud services.

What connectivity is required to access the Cloud Provider Interconnect (CPI) Service?

CPI service is available to any customer with network connectivity to CDT’s Statewide Data Center.

What is the difference between Cloud Provider Interconnect (CPI), Azure Express Route, and AWS Direct Connect?

Cloud Provider Interconnect (CPI) – CDT CPI Service provides flexible and secure physical and logical connections between customer’s network and select Cloud Service Providers (CSPs).

 

 

 

 

 

 

 

 

 

 

Azure Express Route & AWS Direct Connect— While CPI establishes the direct physical connectivity to CSPs, CSPs require a subscription to utilize this connectivity for logical data transfer. Amazon Web Services (AWS) Direct Connect and Microsoft Azure Express Route are the respective brand names for this direct connection subscription service.

Note: CSPs charge customers based on measured data transfer (egress) from their cloud computing environments. Please consult your CSP of choice for further information.

Will public Internet users of a CSP hosted state application, need to be routed through the CPI service?

Yes

What Microsoft Azure services are available via CPI and Azure Express Route?

At this time, the CDT plans to use Microsoft Azure Express Route for:

  • Office 365 identity and authentication services available in Azure via Express Route.
  • IaaS/PaaS services

Note: General O365 connectivity currently leverages the public Internet. CDT and Microsoft are working towards moving this to an option for CPI and Express Route users. No ETA at this time, O365 services (except identity and authentication) expected to stay on the Internet for the near-term.

How is CPI billed?

CPI is predictable with flat rate billing based on subscribed bandwidth. CPI is billed per connection (primary and backup included) to a particular CSP (on a peering path basis). CPI is offered at multiple speed tiers with unlimited data transfer.

Note: Other CSP charges may apply. CSPs may charge monthly to enable a private connection, CSP may charge for ingress or egress data transfer (connecting via CPI vs. public Internet may result in lower data transfer costs). Rates for Measured Services vary among CSPs and are billed directly by CSPs to the customer. Other CSP specific requirements may need to be considered.  Please consult your CSP for details.

How can I order CDT CPI?

Customer enrollment into the Cloud Provider Interconnect (CPI) Service is a two-step process that begins with the Customer submitting a request for Cost Estimate/Design for CPI.   CDT will contact the customer regarding the request and provide a cost estimate.  Once the cost estimate is provided the customer submits a second request for CPI Implementation, attaching the provided Cost Estimate.  Please contact your Account Lead should you require any assistance with the request process.

Is there a term agreement?

No, CPI is a month-to-month service.

Which CSPs can I connect to?

The service allows connectivity to multiple CSPs in multiple regions. Currently, CDT has established connectivity with Microsoft Azure and Amazon Web Services (AWS). Please consult with your CDT Account Lead for further information.

What bandwidth options are available?

CPI is offered at ≤ 50 Mbps, 100 Mbps, 200 Mbps, 500 Mbps, 1 Gbps, 2 Gbps, 5 Gbps and higher.

What are some of the key benefits?

CDT’s Cloud Provider Interconnect is the technical standard for Executive Branch customers connecting to the cloud. In many circumstances, private network connections can reduce costs, increase bandwidth, and provide a more consistent network experience than Internet-based connections.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Key benefits include:

  • Network Reliability – Deliver important cloud-based business applications more quickly and with extremely high availability utilizing CDT’s low-latency, highly redundant network.
  • Security – Safely run your applications and move sensitive information between public and private clouds using CDT’s CPI with customer or CDT managed encrypted tunnels (optional). CDT security standards are maintained.
  • Expert Network Design – Collaborate with the CDT Network Engineering Team to implement a highly efficient network.
  • Service Level Agreements – Unlike accessing CSPs via the public internet, CPI leverages Service Level Agreements (SLAs) with the associated circuits, hardware and CSP connections to deliver an Enterprise solution for the State of California.

Additional Benefits include:

  • Private connectivity – CPI allows customers to take their traffic off the public Internet and isolate cloud traffic from other traffic
  • Improved Performance – Redundant ECX port and CSP circuit connectivity for higher reliability
  • Vendor agnostic – any customer site(s) connected to CGEN (single vendor or multiple vendors) can utilize the service
  • Ease of provisioning using integrated capabilities enables CDT and its customers to set up virtual connectivity quickly
  • 24 x 7 x 365 Service Desk support
  • Multiple CSP Region availability
  • Distributed Denial of Service (DDoS) mitigation

 

 

 Shared Responsibility Diagram for CPI Connectivity

 (click header to download PDF version of graphic)

Cloud security is a joint effort between the customer, CSPs, and CDT.   CPI was developed with security in mind – allowing customers to securely and reliably take advantage of the benefits of cloud computing.

The CPI Service offers the following security features:

  • Part of the CDT Statewide Security Perimeter
  • Private connectivity – CPI allows customers to take their traffic off the public Internet and isolate cloud traffic from other traffic
  • Encryption (optional) – Customers or CDT can encrypt from specific network point(s) to the CSP.
  • SLA’s
  • Distributed Denial of Service (DDoS) mitigation for CDT ISP customers

Note: Customers are responsible for security of their content, platforms, applications and systems within the CSP environment.

StageCDTCustomerCSP
PlanningParticipate in design meetings to determine customer requirements and appropriate solutions.Actively engage with CDT and CSP to collaboratively determine the best network connectivity option. Consider access mechanisms, security, integration, application architecture, disaster recovery, bandwidth needs, and customer specific requirements.Provide information related to establishing private connectivity.
ProvisioningTurn up and test logical connections.
Document connectivity.
Provide CDT with any CSP or customer side of network information required to provision private connectivity (subscription, IPs, etc…).
Secure content, platform, applications, and systems within the cloud.
Provide portal with Application Program Interface (API) allowing private connectivity.
Support24 x 7 x 365 CDT Service Desk support for network connectivity.
Collaborate with customer and vendor partners for CPI trouble resolution.
Plan and augment capacity as needed.
Monitor Customer CSP environment.
Collaborate with CSP for trouble resolution.
Contingent on CSP and Customer selected service plans. Consult your CSP for further information.
Service CodeService DescriptionUnit of MeasurementRateNotes
N110Cloud Provider Interconnect 50MbpsConnection/Month $390.00
N111Cloud Provider Interconnect 100MbpsConnection/Month $440.00
N112Cloud Provider Interconnect 200MbpsConnection/Month $540.00
N113Cloud Provider Interconnect 500MbpsConnection/Month $740.00
N114Cloud Provider Interconnect 1000MbpsConnection/Month $1,140.00
N115Cloud Provider Interconnect 2000MbpsConnection/Month $1,690.00
N116Cloud Provider Interconnect 5000MbpsConnection/Month $2,490.00
N117Cloud Provider Interconnect over 5000MbpsConnection/Month $3,390.00
N118Cloud Provider Dedicated Direct Connect up to 1000MbpsConnection/Month $2,940.00
N119Cloud Provider Dedicated Direct Connect over 1000MbpsConnection/Month $5,090.00

Subscriptions to this service are available. Rates may also be referenced in the CDT Rate Schedule.

 

Customer enrollment into the Cloud Provider Interconnect (CPI) Service is a two-step process that begins with the Customer submitting a request for Design/Cost Estimate for CPI (link below).   CDT will contact the customer regarding the request and provide a cost estimate.  Once the cost estimate is provided the customer submits a second request for CPI Implementation (link below), attaching the provided Cost Estimate.  Please contact your Account Lead should you require any assistance with the request process.

Enrollment in Cloud Provider Interconnect (CPI) Service

  1. The Customer contacts their Account Lead.
  2. The customer submits a Service Request for New Network Design/Cost Estimate for CPI. A Design meeting can be scheduled at the customer’s request.
  3. CDT reviews the request and attaches a cost estimate to the Service Request for customer review.
  4. Service Request is closed.
  5. The customer submits a second Service Request for CPI implementation by selecting Cloud Provider Interconnect (CPI).
  6. CDT works with the Customer and cloud provider to implement design, test connectivity, and turn over administration to customer.
  7. Service Request is closed.

To Request a Design and Cost Estimate for CPI Service: Request Cost Estimate

Prior to submitting the Service Request for CPI Implementation, customers must have completed enrollment in CDT’s Off-Premises Cloud Services and have a Cloud Service Provider subscription.

To Request CPI Implementation: Request Implementation

If you have questions or need further clarification, please contact your CDT Account Lead by using the Account Lead Directory, or call Customer Engagement at (916) 431-5390.