Table of Contents
Information technology is currently in the midst of the largest movement in history – Cloud Computing. Cloud delivers flexible infrastructure which is adaptable to ever changing demands of business applications hosted on them along with availability, security, and scalability. Worldwide spending on the cloud has grown to nearly $500 billion in the year 2023. There is a natural shift towards multi-cloud environments to get best of all worlds however, the network has fallen behind in this marathon. The mass shift of applications onto cloud has big implications in terms of networking architecture.
Today we look more in detail about Aviatrix multi-cloud networking solution, its architecture, features and use cases.
What is Aviatrix Multi-Cloud?
Approach to multi-cloud networking involves such multi-cloud network design which provides a common network data and control plane access across networks operationally. Architecture which would be flexible and adaptable irrespective of the underlying cloud technology and provider. Aviatrix Systems was founded in the year 2014 by Sherry Wei and Steve Mullaney. Aviatrix is a hybrid cloud networking and security solution.
Aviatrix is used to build multi-cloud transit networks across public and private clouds with the use of native cloud construct and Aviatrix cloud networking platform. For security it provides Gateway inline L4 stateful firewall, egress security and high-speed secure access to AWS S3.
Challenges of Cloud Networking
Networking in cloud is a complex thing and there are areas which will only grow as time passes:
- Cloud networks (VPC/VNET/VCNs) are many orders in magnitude in terms of quantity then data centres
- Multiple accounts and their ownership are increasing number of cloud networks
- Mission critical applications moving onto cloud, require similar security requirements as of a physical data centre. Cloud security requires below as mandatory requirements:
- Egress to Internet: API access to publicly hosted services by backend applications
- On premises and cloud : moving data between two security zones
- East and West: moving data between cloud networks
- Ingress: Application access over cloud
- Data security: Data encryption during rest and transit
Related: What is Multi-Cloud Security?
Use Cases
Use cases for Aviatrix Multi-Cloud networking are:
- Firewall deployment in cloud in scalable manner
- Cloud to cloud VPNs
- User to cloud VPNs
- Site to cloud VPNs
- Multi-cloud VPNs
- Data center to cloud connectivity
Related: 6 Multi-cloud Architecture Designs for an Effective Cloud Strategy
Features of Aviatrix Multi-Cloud Networking
Aviatrix provides a set of features to enable cloud networking seamlessly as under:
- Abstraction – is to achieve simplicity during the configuration. Abstraction hides layers and layers of complex network protocols, and is use case driven in the presentation layer by combination of several networking features and components. APIs and Terraform templates also get the advantage of abstraction with less management.
- Service Extension – Service integration can be done with a variety of tools such as SumoLogic, Datadog, Splunk, SAML IDPs and Okta and firewall (appliance) deployment.
- Central Management – A single interface to manage all cloud accounts and cloud networks spread across regions and clouds. Zero downtime maintenance and operations with hitless software upgrades
- Flexibility in Consumption – pay-as-you-go model having metered images available on the marketplace of cloud providers. No negotiation of contract and commitment. Turn on / off with a click if you decide not to continue.
Features | AWS | Azure | GCP | OCI | AWS Govcloud | AzureGovCloud |
Launch from market place | Yes | Yes | Yes | Yes | Yes | Yes |
Supports multi-accounts | Yes | Yes | Yes | Yes | Yes | Yes |
Transit network spoke | Yes | Yes | Yes | Yes | Yes | Yes |
Transit Network Edge | Yes | Yes | Yes | Yes | Yes | Yes |
Firewall (Network) | Yes | Yes | Yes | Yes | Yes | Yes |
Transit Gateway Peering | Yes | Yes | Yes | Yes | Yes | Yes |
Native Peering | Yes | Yes | N/A | No | Yes | Yes |
FQDN Egress Control | Yes | Yes | Yes | Yes | Yes | Yes |
Stateful Firewall | Yes | Yes | Yes | Yes | Yes | Yes |
Remote Access User (VPN) | Yes | Yes | Yes | Yes | Yes | Yes |
Site-to-Cloud VPN | Yes | Yes | Yes | Yes | Yes | Yes |
Insane Mode (Encryption) | Yes | Yes | Yes | Yes | Yes | Yes |
Service Integration(Logging) | Yes | Yes | Yes | Yes | Yes | Yes |
FlightPath Expert (Diagnostics) | Yes | Yes | Yes | No | Yes | Yes |
Supports IPv6 | Yes | No | No | No | Yes | Yes |
PrivateS3 (for AWS) | Yes | No | No | No | Yes | Yes |
Security Group Management(Controller) | Yes | Yes | Yes | No | Yes | Yes |
Managed CloudN | Yes | Yes | Yes | Yes | Yes | Yes |