VMware Cloud on AWS: Solving the Challenges of Load Balancers, Active Directory & Disaster Recovery

VMware Cloud on AWS is an enterprise-grade platform. Most customers on VMware Cloud on AWS have load balancing, Active Directory, or authentication built heavily into their application stacks. And at the enterprise level, an attack or failure can be harmful to customer data and prevent them from accessing their information for hours or days at a time. 

There are unique requirements for each of these individual services depending on the specific use case of the environment. At Effectual, we gather the necessary information for each service to ensure requirements are met when we migrate our customer workloads. For example, what’s the most efficient way to build load balancing to handle spikes in traffic? How can we transition Active Directory to be more cloud-centric? What areas within disaster recovery is a company overlooking? 

These are important considerations every organization must make on its cloud journey, and if they’re overlooked during migration, they can pose significant challenges. Let’s explore each component more in-depth.

Load Balancers

Load balancing ensures that none of your servers bear the brunt of network traffic alone. Today’s modern applications can’t run without load balancers and advances in security have improved those applications — though they still require attention.

What could go wrong:

  • Surprise hidden costs
    Security on-premises and security on VMware Cloud on AWS are different – a load balancer sitting locally today would be on AWS after migrating. When that traffic leaves the boundaries of VMware Cloud on AWS and goes to AWS native, it introduces a split-cost model. If you’re not keeping track of spend from all sources, you could be surprised by hidden costs.
  • Overspending on licensing fees
    You could also be overspending on licensing fees. In some cases, load balancer and security mechanism licenses can be transferred over so make sure you understand the agreements on each license before moving forward with any migration – then monitor ongoing costs for upgrades.
  • Troubleshooting that costs you time and money
    If your physical hardware, load balancers, or termination points fail, or if your software-based load balancers scale beyond initial capacity, it can cause significant delays and require your team to troubleshoot on the spot. When that troubleshooting leads to hours of manual labor, it impacts your focus, increases costs, and opens the door to potential vulnerabilities. Therefore, if you’ve moved over to a new environment and the functionality isn’t working as desired, it may require a complete reworking.

Benefits of Load Balancers on VMware Cloud on AWS

When we work with customers, we migrate their workloads to VMware Cloud on AWS in a way that minimizes the impact to the underlying workload and their business operations. We can also ensure security with proper firewalling.

In addition, VMware Cloud on AWS forces updates, which mitigates potential vulnerabilities that could impact underlying workloads. While DDoS attacks are common in the world of cybercrime, having modern virtual load balancers, firewalls, and logging can complement a secure, efficient, and cost-effective solution.

Software load balancers with VMware Cloud on AWS are also more flexible and easier to scale. They’re compatible with more environments and can add or drop virtual servers due to demand, offering an automatic response to network traffic changes.

The advanced load balancing of VMware Cloud on AWS has tangible business results, too:

  • 41% less time spent troubleshooting
  • 43% more efficient application delivery controller management, and
  • Zero specialized hardware required

Active Directory Requirements

Active Directory (AD) is typically available for on-premises Microsoft environments, but you can integrate AWS Directory Services with Virtual Machines (VMs) running on VMware Cloud on AWS. Your AD will likely contain users, computers, applications, shared folders, and other objects – all with their unique attributes. 

What could go wrong:

  • The directory can’t read the AD
    Sometimes, a company will replicate an AD from one place and expect it to function in another environment. However, that doesn’t always work — the IP addresses or networking may have changed, so the internals of the AD would also change, depending on where it’s being migrated to. 

    If the directory service can’t read the AD, it will prevent logging on, authentication, and any services dependent on the directory. This can also happen due to software glitches or unwanted changes in the AD schema, either by accident or a malicious internal actor. 

Benefits of Active Directory Requirements on VMware Cloud on AWS

VMware Cloud on AWS helps you avoid these issues by transitioning to a different kind of cloud-based authentication mechanism. You can also extend the AD into the migration location prior to migration, so the VMs or workloads have something to authenticate to when they are migrated.

Using AD on VMware also allows you to synchronize server clocks in all environments. For networks that rely on time-sensitive updates, you can create consistency across your environments 

Disaster Recovery

As much as we’d like to expect perfection, we must be prepared for risks. Even with an operational disaster recovery solution in place, there are still circumstances where it can fail.

What could go wrong:

  • Vulnerable internet-facing assets
    Per the Verizon 2021 Data Breach Investigations Report, the median random organization with an internet presence has 17 internet-facing assets. All of those assets are open to attack, whether they’re human-induced or caused by a natural disaster.
  • Ransomware or other attacks
    Often, the government or a B2B partner will give an automation mandate that says an enterprise must be recoverable in a certain number of hours or else they won’t do business together. However, even without a mandate, an enterprise can be hit by ransomware or another attack. 

  • Troubleshooting that takes focus away from other tasks
    An on-premises solution has an isolated environment for each component. If something goes awry with that workload, it typically requires the brainpower of several people to fix it. If your team is not able to focus on their other tasks, each minute of troubleshooting is another minute where data is vulnerable.
  • Servers that have not been rebooted
    We have seen enterprise customers that haven’t rebooted their servers in three to five years. This represents serious security risks. The Verizon 2021 Data Breach Investigations Report states that 20% of companies that experienced a breach had vulnerabilities dating back to 2010.

Benefits of Disaster Recovery on VMware Cloud on AWS

In the cloud, as with many things, time equals cost. The more automation you can do, the quicker the time to operation. 

The VMware Cloud on AWS platform provides seamless disaster recovery service. It’s very easy to configure and replicate within the AWS realm to test failure and prove time and again that, should something happen to the primary workload, it’s recoverable in a timely manner.

To maximize your benefits, you need proper tuning, best practices, and a thorough understanding of what your workload consumes the most. All these elements are addressed by VMware Cloud on AWS — a hyperconverged platform where storage, networking, and compute are all bundled together. Instead of waiting for a disaster to hit, you can proactively predict failure. If needed, VMware Cloud on AWS simply replaces the node and it’s back to business as usual.

Finally, the platform maintains a 99.9% SLA uptime of its infrastructure and ensures stability and security with forced upgrades that reduce the possibility of an attack.

The value of a developing a single source of truth 

Think about a previous technology role you’ve had. You learned things along the way that were unique to you. Maybe it was a process for running tests, or a method for tagging and categorizing data. Before you left your company, you may have shared some of your experience with your teammates during calls or written some of it down, but chances are you did not transfer much of your knowledge before departing.

This scenario happens regularly. People leave organizations for new opportunities and take their technical knowledge with them. And with how quickly technology changes, even documentation that does exist may become antiquated after a few years.

Our goal is to understand what a company has, how it’s configured, and what actions can be taken against it. We capture all the anomalies and differences from what customers have done manually and replicate in a test environment. As things change, we then update the document.

When you have a single source of truth in place, it not only helps you stay calm if a disaster does occur, it also provides clear guidance across all teams so you can coordinate an immediate and effective response. Overall operations move more smoothly and efficiently, and your team has more time to focus on more improvements within your business.


VMware Cloud on AWS is a powerful platform for addressing challenges with load balancing, Active Directories, and Disaster Recovery. Working with a partner that understands how to utilize and deploy its solutions will make your next cloud project even more successful.

Learn how we can help you Cloud Confidently® with VMware Cloud on AWS.

Hetal Patel is the Senior VMware Technical Lead at Effectual, Inc.