Deciding to migrate your enterprise networks to the cloud can be a source of anxiety. After all, you are moving your data from within the comfortable confines of your own offices and data centers and transmitting it across states (and sometimes nations).
It is natural that businesses have sought to maintain a sense of security by using some of the cloud services provided by the big players (Microsoft, Amazon, Google etc.). With Amazon giving enterprises free tier access to their web services (AWS), many businesses – perhaps yours – have begun to dip their toes into the water (if you will excuse the mixed metaphors).
For businesses happy with what they have experienced, the next logical step is AWS Direct Connect. This article looks at what this is and why it might be a good idea. It should also put you in a more informed position when you speak with your VPN or SD-WAN consultants.
AWS Direct Connect Explained
When enterprises initially start using Amazon Web Services, they will usually do so over the internet. AWS Direct Connect does what it says on the tin: it provides a direct connection between your office premises, data centers or colocation center and AWS. This is a private virtualized network comprising multiple VLANs accessed via the AWS Management Console.
To dig a little bit under the surface requires a basic understanding of how LANs work and what virtualizing them means.
LANs and VLANs operate on what is termed OSI layer two, also known as the data link layer. Learning about the OSI seven layer model is well worth the effort if you want to know what goes on ‘beneath the hood’ of IT communications. However, for the purposes of this article, it will be enough to understand that layer two governs the transmission of data from one physical device to another along a cable.
If you want to really impress with your IT vocabulary, layer two deals with the transmission of frames. A frame encapsulates raw data (bits and bytes) in a logical structure that identifies itself to layer 2 devices such as switches and hubs. Once these bits of hardware recognise a frame, they will route it according to the instructions programmed into them.
So how do you virtualize a network comprised only of physical hardware and cables? The magic behind VLAN technology is nothing more or less than a logical tagging operation which occurs within a switch. If you will forgive a little extra technical information, a trunk port on a switch has the task of adding the tag to a frame’s header so that a similarly enabled ‘smart switch’ can read the header and correctly route the data at the other end.
The result of this technical wizardry? Multiple virtual networks can all travel along the same physical network without becoming mixed up. And that, in a nutshell, is what AWS Direct Connect does when moving your enterprise traffic to its cloud infrastructure.
Cost and Consistency Benefits of Direct Connect
Amazon probably enticed you to its web services by promising to save you a lot of money. That is why the cloud is so revolutionary: businesses of any shape and size can now use software to access a pool of shared computer resources rather than invest in dedicated hardware and a huge team of IT professionals to manage it all and keep it updated.
AWS Direct Connect can save you even more money because the data transfer costs are lower than those levied by your ISP.
By cutting out the middle man, you can also expect a more consistent and reliable service. By connecting to AWS via the internet, you still have data going from point A to point B. However, the internet is similar to the national public road network in that roadworks or accidents might require traffic to be diverted at any point along its route. The process of managing data flow through a constantly shifting landscape is known as traffic engineering and is a complex and unpredictable operation involving multiple actors, each with their own agendas. From a business perspective, this can result in latency or even, in extreme cases, a lost connection.
With AWS Direct Connect you have a privileged place on Amazon’s private VLAN network and each packet of data you transmit will cost you less. Pricing is based on ‘billable port-hours’: you only pay for what you use and there is no minimum fee.
Other Benefits of AWS Direct Connect
AWS Direct Connect also gives you more control over how your cloud services are configured. For example, you can set up a public IP address for accessing certain services (e.g. Amazon S3) and a number of private VPCs for others (e.g. various EC2 instances). The more control you have over your data flow, the less likely it is that it will go missing or get hacked, so Direct Connect also makes sense for security reasons.
Another advantage of AWS Direct Connect is real scalability. If you currently access AWS via an internet device, you might get a shock if your throughput suddenly increases. Anything over 4 Gbps can cause issues with your VPN hardware or ISP. AWS Direct Connect is much more flexible to your expanding business as it can provision you with extra capacity by simply adding more VPN connections, each with data rates of either 1 or 10 Gbps.
To summarise, accessing cloud services such as AWS, Microsoft Azure and Google Cloud Platform via the open internet is a great way to get acquainted with this exciting new model of shared computing power. However, using dedicated VPNs such as AWS Direct Connect offers multiple benefits including lower data transfer costs, more control and scalability and enhanced security.
Note: Although this article was written mainly for businesses interested in AWS, it is designed to point out the benefits of AWS Direct Connect over accessing AWS via the internet. It is not intended to promote Amazon over competing cloud service providers (e.g. Microsoft Azure), which also have their own direct connect services.