Using the internet for transport is a great, low-cost option for accessing public cloud services, but it can sometimes fall short in terms of speed, latency, security, and manageability. Fortunately, cloud providers offer unique ways to easily and resiliently connect to their public clouds over private WAN links. In this post, I'll look at direct cloud connectivity options organizations can use with the "big three" cloud service providers: Amazon Web Services, Microsoft Azure, and Google.
AWS Direct Connect
Amazon's service, AWS Direct Connect, establishes a dedicated network link between your corporate office or data center and the closest AWS geographic region. A customer connects to one of the many Direct Connect partner locations, which in turn is directly connected to AWS, providing access to all of the services offered within that specific AWS geographic region. Customers can either keep the link simple or create segmentation using VLANs and standard 802.1Q trunking to maintain logical separation between public and private cloud resources.
AWS Direct Connect provides either a 1- or 10-Gbps handoff. Actual port speeds vary from 50 Mbps to 10 Gbps on a single link. Multiple links can be aggregated for higher throughput. Besides the obvious benefits found in WAN links, such as dedicated throughput and low latency and jitter, AWS Direct Connect can lower costs by reducing the amount of internet bandwidth the business needs to pay for. Additionally, transferring data into AWS is free over Direct Connect links. So, if you have large data sets that need to be moved to the cloud, Direct Connect could save you a bundle.
Microsoft Azure ExpressRoute
Microsoft's direct network connectivity option, ExpressRoute, allows for the extension of a private network to any of Microsoft's cloud services, including Azure and Office 365. This can be useful for companies that rely heavily on one of Microsoft's latency-sensitive cloud applications, such as Skype for Business or Microsoft Teams.
ExpressRoute is configured using layer 3 routing, as opposed to the layer 2 switching that AWS Direct Connect uses. Customers can opt for redundancy by provisioning dual links from their location to two Microsoft Enterprise edge routers (MSEEs) located within a third-party ExpressRoute peering location. The BGP routing protocol is then set up over the WAN links to provide redundancy to the cloud. This redundancy is maintained from the peering data center into Microsoft's cloud network, and allows Microsoft to offer a 99.9% uptime SLA, something that AWS does not offer.
Unlike Direct Connect, which provides access only to a single region, a single connection to Microsoft's cloud using ExpressRoute allows for access throughout an entire geopolitical boundary, such as North America. If you require access to regions beyond that boundary, this is an added option.
Just like AWS Direct Connect, transferring data into Microsoft's cloud over the WAN connection is free. Data coming out is charged by the gigabyte and the price depends on the region you are located in. There is also a model that allows unlimited data transfers both in and out. From a connectivity perspective, you can choose a dedicated bandwidth link that ranges between 50 Mbps and 10 Gbps.
Google Cloud Dedicated Interconnect
Google’s dedicated connectivity option has recently undergone several feature updates. Cloud Dedicated Interconnect offers network connectivity options similar to those of AWS and Microsoft, with many global locations to link to. One distinct difference, however, is that Google’s service allows customers access to the entire global cloud network by default. It does this by connecting your on-premises network with Google Cloud using BGP and Google Cloud Routers to provide optimal paths to the different regions of the global cloud infrastructure.
This provides a great deal of flexibility for enterprises that manage globally dispersed cloud assets. It also supplies excellent redundancy backed by Google’s two SLA tiers. One ensures 99.9% uptime, matching Microsoft’s offering. The second tier promises 99.99% availability, which is certainly attractive for mission-critical applications.
The biggest downside to Google Cloud Dedicated Interconnect is that the minimum bandwidth is 10 Gbps, which can scale to 80 Gbps by combining multiple links. The minimum option is much higher than both AWS and Microsoft Azure, which offer services with speeds as low as 50 Mbps. If you don’t require the high-throughput capabilities of Cloud Dedicated Interconnect, Google says you can opt for its Cloud VPN option with lower-bandwidth tiering. But this route doesn't come with the distinct benefits of the superior Dedicated Interconnect service.