As cloud computing has matured, the promise of automation has become a reality for many aspects of IT infrastructure. **Compute and storage resources**, which once required manual setup and configuration, are now available on demand, scalable with the click of a button or the execution of a script. This transformation has enabled organizations to operate with unprecedented agility, deploying applications at scale and rapidly adjusting to fluctuating demand. For DevOps teams, developers, and IT managers, compute and storage have become as easy to manage as writing code.
However, one essential part of infrastructure has not kept pace with this transformation: networking. While compute and storage can be deployed programmatically, networking requires substantial manual configuration, especially in complex, multi-cloud, or hybrid environments.
The impact is significant: companies face increased security risks, higher operational costs, and time-intensive setups as they attempt to configure, deploy, and scale networks that meet their business needs. This article explores why networking hasn’t reached the same level of programmability as compute and storage and what the implications are for organizations that need secure, flexible, and efficient infrastructure.
In the early days of IT infrastructure, setting up compute and storage resources was a manual, resource-intensive process. Teams would provision physical servers, allocate storage volumes, and configure the necessary software and hardware to support applications. Scaling these resources required ordering and installing new equipment, a time-consuming approach that limited agility and increased costs.
With the advent of cloud computing, this model changed dramatically. Cloud providers introduced infrastructure as a service (IaaS), which enabled organizations to provide virtual machines and storage on demand. Compute resources could be deployed within minutes, and storage options evolved to include scalable object storage, managed databases, and archival solutions that are adjusted automatically based on usage. Over time, automation tools and Infrastructure as Code (IaC) platforms, like Terraform and CloudFormation, allowed teams to write code that defined infrastructure deployments, making the process repeatable, reliable, and scalable.
Today, computing and storage resources deployment has reached an unprecedented level of ease. Organizations can set up, scale, and manage these resources across multiple regions and cloud providers through a simple script or API call, allowing them to handle dynamic workloads and fluctuating demands. Serverless technologies, auto-scaling, and containerized deployments add further flexibility, enabling organizations to deploy compute and storage infrastructure in real time without managing the underlying hardware. This programmability level has allowed businesses to innovate faster and with greater flexibility, but it remains an unattainable standard for networking.
As organizations adopt multi-cloud, hybrid, and inter-company networking setups, the complexity of configuring, deploying, and managing networks has grown exponentially. Unlike compute and storage, which can be programmatically deployed and adjusted, networking requires significant manual input, especially in the following areas:
When deploying applications across multiple cloud providers—such as AWS, Google Cloud, and Azure—each platform has its unique networking configurations, naming conventions, and security policies. Integrating these networks requires setting up Virtual Private Clouds (VPCs) for each environment, configuring IP ranges to avoid overlap, and establishing peering connections or VPNs to enable secure communication between clouds. This fragmented setup introduces a high degree of complexity. It requires in-depth knowledge of each provider’s networking tools, increasing the potential for configuration errors that could lead to security vulnerabilities or connectivity issues.
For companies that need to connect their cloud resources with on-premises infrastructure or with other organizations, the challenge of creating a seamless, secure network is even more significant. Hybrid environments require consistent configurations and security policies, and connections between internal networks and third-party networks (such as those of partners or clients) must be carefully monitored to prevent unauthorized access. Achieving the necessary level of coordination often means investing considerable time in planning and configuration, leaving less time for innovation and increasing operational costs.
In multi-cloud and hybrid environments, developers and IT managers frequently encounter a need to configure multiple **Network Address Translation (NAT) layers** to connect internal resources across clouds, regions, and services. From containerized applications within Kubernetes clusters to VPC configurations, each component typically requires a unique NAT layer to ensure secure, routable communication. This need for multiple NAT setups introduces a heavy maintenance load, as each layer must be carefully managed to prevent misconfigurations and unintended exposures.
Manual configuration of networking components, including firewalls, IP whitelisting, and security groups, can lead to inconsistencies and vulnerabilities that are difficult to detect and address. When each environment is configured independently, enforcing security policies across all environments becomes a logistical challenge. Without centralized control, companies face a higher risk of configuration drift (when network settings vary from the original plan) and exposed assets that may go unnoticed. This setup creates gaps in visibility and increases the likelihood of security breaches.
Many organizations rely on public IP addresses and internet gateways to enable cross-region and multi-cloud networking, exposing parts of their infrastructure to the public internet. While these components are essential for connectivity, they introduce risks by making critical resources accessible outside the organization. This exposure requires additional security measures, such as monitoring and encryption, and even then, the risk of data interception or unauthorized access remains high.
These challenges illustrate how networking requires significant manual effort and expertise, particularly in complex cloud environments. Organizations must constantly weigh the trade-offs between flexibility, security, and the efficiency of their network deployments—a level of complexity not seen in modern compute or storage provisioning.
While tools are available to help automate some aspects of network configuration and management, they often fall short of providing the simplicity and programmability available for compute and storage. Here’s a look at some prominent tools and where they fail to meet the needs of today’s complex network deployments.
Software-defined networking (SDN) was designed to address some of these networking challenges by separating the control plane (where decisions about data routing are made) from the data plane (where data moves). SDN platforms allow for centralized management of network paths and policies, making network traffic flow more controllable and programmable. However, SDN is primarily suited to private data center environments and often requires proprietary hardware, which can be costly to implement and maintain. Network-as-code solutions and SDN extensions into the cloud lack the flexibility and ease of true programmatic provisioning, especially in multi-cloud environments where no single control plane can span all vendors.
IaC tools, like Terraform, Ansible, and CloudFormation, have made significant strides in enabling network configuration through code. With IaC, network settings—such as IP ranges, subnets, and security rules—can be defined in code, providing consistency across deployments. However, IaC implementations for networking are often static, meaning they lack the real-time flexibility needed for dynamic workloads. Additionally, IaC-based networking is usually managed separately from compute and storage configurations, complicating multi-cloud deployments and making enforcing unified policies across regions and clouds harder.
Some vendors, such as Cisco (with Cisco ACI) and VMware (with VMware NSX), offer network automation platforms to centralize and streamline network management across data centers and cloud environments. While these tools provide more control, they have limitations, such as vendor lock-in, high setup and licensing costs, and complex integration requirements. These tools also lack the simplicity and speed of compute or storage solutions, requiring specialized skills to operate effectively.
Example: Consider an e-commerce company operating in multiple regions on AWS and Azure. While the company can use IaC to manage network configurations in each cloud, deploying a multi-cloud networking solution that offers real-time, secure communication between regions remains an arduous task. Networking tools can’t match the simplicity or flexibility of compute and storage deployment, meaning DevOps teams must invest substantial time and expertise to maintain network configurations manually.
These limitations underscore the fact that while networking tools have evolved, they have not reached the programmatic simplicity available for compute and storage. As a result, organizations are left with tools that only partially address their needs, highlighting the gap in networking automation and programmability.
To illustrate the limitations of current networking deployment methods, here are a few examples of how organizations struggle to configure, secure, and scale networks compared to compute and storage.
Imagine an e-commerce company that operates in multiple regions, serving customers from North America to Europe and Asia. The company’s application requires low latency and high availability, which means they need to deploy their infrastructure across several regions and cloud providers for redundancy. While provisioning compute resources and storage can be automated with Infrastructure as Code (IaC) scripts, the networking setup across regions presents a much larger challenge.
In this multi-region setup, the company must configure Virtual Private Clouds (VPCs) or Virtual Networks (VNs) in each region, connect these VPCs through inter-region peering or VPNs, and establish NAT layers to route traffic securely. Each cloud provider has its own configuration standards, meaning DevOps teams must individually adjust settings for each region and provider. Additionally, maintaining secure and efficient communication paths for critical customer data becomes an ongoing challenge, requiring specialized skills and significant time to manage manually. This complexity leads to increased operational costs and a higher risk of misconfigurations, ultimately limiting the agility needed for a high-demand e-commerce environment.
Consider a financial services company that uses a hybrid setup with both on-premises and cloud resources. To enable secure communication between its data centers and cloud environments, the company must configure VPNs, direct connections, or dedicated circuits between the two. However, establishing and maintaining secure connections in a hybrid setup is a time-consuming process, requiring continuous monitoring and adjustment to prevent unauthorized access.
When connecting on-premises infrastructure with cloud environments, the company often has to expose services using public IP addresses or internet gateways to enable secure access. Even with IP whitelisting, encryption, and firewall rules, the risk of exposure remains high, particularly if there is a misconfiguration or if IP addresses are unintentionally left open to the public. Additionally, NAT and firewall configurations must be manually adjusted with each new deployment, further increasing the likelihood of human error and exposing the organization to potential security breaches. Compared to compute and storage, where resources can be deployed and managed securely without exposing them to the public, networking remains a more challenging area to secure in real time.
These examples highlight the significant challenges that organizations face in deploying and managing networks in a way that matches the flexibility and security of compute and storage. Despite advancements, current networking practices often fall short, requiring extensive manual configuration and expertise.
While compute and storage have evolved to support real-time, programmatic provisioning, networking remains complex and less agile. There are several reasons why networking hasn’t yet reached the same level of programmability.
Networking requires the coordination of many interdependent components, such as IP addresses, DNS, routing, and access control lists (ACLs). Each of these components plays a critical role in maintaining a secure and efficient network, but their interdependence makes programmatic deployment challenging. In contrast, compute and storage resources are more isolated in terms of their dependencies; an individual compute instance or storage volume can often be deployed without impacting the configuration of other instances or volumes.
Each provider has its own proprietary networking tools and configurations in a multi-cloud environment, making it difficult to standardize network deployment. Unlike compute and storage resources, which are largely standardized regarding virtual machines or storage types, networking varies significantly between providers. AWS, Azure, and Google Cloud each offer their versions of VPCs, VPN configurations, and routing tables, but their interfaces, policies, and management tools differ. This lack of standardization forces organizations to work with provider-specific APIs or tools, reducing the potential for unified, programmatic networking across multiple clouds.
Many existing tools, such as Software-Defined Networking (SDN) and Infrastructure as Code (IaC), provide some level of automation but are not designed for real-time deployment or on-demand scaling of networks. SDN is well-suited for data center environments but lacks the flexibility to handle multi-cloud or hybrid deployments seamlessly. IaC tools enable reproducible network setups, but these setups are static by nature, meaning any changes to the network configuration require additional planning and deployment time. This limitation is particularly problematic for organizations that adjust networks dynamically based on demand, similar to how auto-scaling works for compute resources.
The need for manual configurations in networking also introduces security risks that aren’t as prevalent in programmatic compute and storage deployments. With more frequent manual adjustments, there is a greater likelihood of misconfigurations, leading to vulnerabilities that attackers could exploit. Compute and storage resources are easier to secure programmatically, often by leveraging automated policies and access controls. In contrast, networking requires frequent human oversight to maintain secure configurations, particularly in environments where cross-region and cross-cloud connectivity is essential.
These factors illustrate why networking remains less automated and programmatic than compute and storage. The current tools available for networking do not fully address the needs of complex, multi-cloud, and hybrid deployments, leaving organizations to rely on manual configurations that limit their ability to innovate and scale.
As organizations increasingly rely on complex, multi-cloud, and hybrid environments, the demand for a programmatic approach to networking has become more urgent. Businesses today need the flexibility to quickly configure, deploy, and scale networks without the operational overhead of manual configurations or vendor-specific limitations. Here are some key reasons why networking should evolve to become as simple and programmable as compute and storage:
1) Streamlined Multi-Cloud and Hybrid Deployments
With a programmatic networking solution, teams could deploy and manage networks across multiple clouds and hybrid environments with ease. Rather than configuring individual components for each provider, a unified system would allow developers and IT managers to define network configurations in a consistent, standardized format. This would enable secure, seamless connectivity across different cloud providers, reducing the complexity and inconsistencies of managing multiple, proprietary network configurations.
2) Reduced Configuration Errors and Enhanced Security
Manual network configurations are prone to human error, leading to security vulnerabilities. A programmatic networking approach would allow teams to use Infrastructure as Code (IaC) principles for network setup, implementing automated checks and standardized configurations. With automated, code-defined configurations, companies could reduce the risk of misconfigurations that expose sensitive data or lead to network breaches. A programmatic approach could provide consistent policy enforcement across all environments, helping organizations better adhere to security standards and compliance requirements.
3) Real-Time Scaling and On-Demand Adjustments
Just as auto-scaling has become a critical feature for compute resources, networking needs similar capabilities to adjust dynamically based on demand. A programmatically controlled network would allow companies to scale bandwidth, manage load balancing, and optimize real-time routing without manual intervention. This real-time flexibility would improve application performance, reduce latency, and ensure that businesses can maintain high service levels during traffic spikes or unexpected demand surges.
4) Simplified Network Management Across Teams
As DevOps practices become more central to IT operations, network management has remained a bottleneck due to its dependence on specialized networking expertise. Organizations could empower developers and DevOps teams to manage networks with greater autonomy and speed by implementing a programmatic networking solution. A centralized, code-driven network approach would simplify collaboration, allowing teams to work together on networking tasks without requiring in-depth knowledge of each provider’s tools and configurations.
The evolution of compute and storage has shown the power of programmatic infrastructure, enabling teams to deploy, scale, and secure resources with a simple command or script. However, networking remains a complex, manual, and often fragmented process that slows innovation and exposes businesses to security risks. Despite the availability of tools like SDN, IaC, and network automation platforms, none have achieved the ease and real-time flexibility organizations now expect from infrastructure.
The question we’re left with is: why hasn’t networking evolved to match compute and storage in programmability? The answer lies in the technical complexities, vendor-specific constraints, and security risks deeply embedded in traditional networking models. Yet, as multi-cloud, hybrid, and interconnected deployments become the new norm, it’s clear that a better approach is needed.
A truly programmatic networking solution would allow organizations to deploy, configure, and manage their networks as easily as they do their compute and storage resources. It would enable real-time scaling, automated policy enforcement, and consistent configurations across all environments. Ultimately, the future of networking should empower organizations to build flexible, secure, and efficient infrastructure without the manual labor and risk of error that today’s methods require. By developing tools that make networking as simple as compute or storage, we can enable the next generation of agile, cloud-native infrastructure.
The networking revolution isn't just possible—it's already beginning. Forward-thinking organizations are already embracing solutions that treat networking as code, eliminating manual checklists and configuration drift. They're discovering that when networks become programmable infrastructure, teams can focus on innovation instead of maintenance.
If you're ready to explore this new paradigm, we invite you to learn more about how noBGP is helping organizations simplify their network operations. The future of networking is programmatic, and it's closer than you might think.
