Building a Multi-Cloud Strategy with AWS Direct Connect and Azure ExpressRoute
With the growth of public cloud options such as AWS and Azure, more and more businesses are choosing a hybrid cloud and multi-cloud approach to their digital transformation and infrastructure needs. By choosing to place high-security applications into a private cloud and customer facing applications in the public, savvy IT departments are able to optimize their environments without compromising compliance or performance requirements.
But with this strategy comes the need for a reliable, secure connection between the two clouds. Often a VPN of some kind will meet the need but there are many use cases where it is crucial for low latency, highly stable connections.
This is where the AWS Direct Connect and Azure ExpressRoute and options come into play.
Using ExpressRoute or Direct Connect
DirectConnect from AWS and ExpressRoute from Microsoft Azure let you create private connections between the their data centers around the world and your on-premise or hosted infrastructure. These connections do not traverse the public internet, and the setups naturally provide the highest-possible degree of security, as well as lower and more consistent latency then you will experience on a Site-to-Site VPN.
Configuring either of these requires you to work with a partner (such as Level 3) for the private connection to the data center and a vendor to provide the “last mile” of the connection. For instance, we partner with the automation and software defined networking experts at Megaport for connections between our customers’ dedicated and private cloud environments and Amazon and Microsoft data centers. Additionally, HorizonIQ is able to connect into any of Megaport’s 157 points of presence around the globe. Because it’s a month-to-month service, it’s a truly flexible hybrid solution with variety of use cases that go beyond compute – e.g. short term migrations, DDoS mitigation, disaster recovery, etc.
The main benefit of both ExpressRoute and Direct Connect is that a consistent background connection allows your application or environments to talk to one another over a private and secure connection.
Depending on your needs and budget, cost is potentially the only real drawback to both of these. The higher tiers can get very pricey. This becomes even more of a factor if you have services in multiple regions, as you may need to have multiple private connections into your environments.
Consider Your Broader Multi-Cloud Strategy
If the cost consideration doesn’t drive this home on its own, it’s important to note that the hybrid environments enabled by ExpressRoute and Direct Connect are only as strong as your multi-cloud strategy in its entirety. Before you spin up a public cloud instance, make sure you follow a few key rules:
- Design your strategy around the needs of applications & workloads, not cloud platforms.
- Take the time to understand the different payment models available in Azure and AWS.
- Explore feature set availability, specifically which other add-on services like ExpressRoute and Direct Connect you’ll need to add to fully power your public cloud instances.
- Build a plan for ongoing management of multi-cloud platforms — e.g., skills/certs training, hiring a public cloud MSP for AWS or Azure, etc.
At the end of the day, both Azure ExpressRoute and AWS Direct Connect you will need to take some time to carefully consider the needs of your cloud strategy before you make any choices. However, if you do decide you need to utilize one of these services, you can be rest assured you’ll get the most reliable options for connecting public cloud applications to your data center.
Updated: January 2019