bizibly

Multi-Cloud Connectivity

Make Multi-Cloud
Connectivity
Fast and Easy

Connect to IaaS/PaaS/SaaS in hours
with no CAPEX to manage

Aryaka’s fully managed multi-cloud connectivity solution provides a fast and cost-effective means for connecting to the most widely used IaaS or SaaS providers. Aryaka’s solution is built from 4 main components: the Aryaka Network Access Point (ANAP), our global private network of 30+ PoPs, the MyAryaka reporting and configuration portal, and direct routes to leading IaaS and SaaS providers.

Contact Us

Enterprises are in the midst of a major Information Technology (IT) transformation driven by innovations like cloud, virtualization and Internet of Things (IoT). As an increasing number of applications and workloads migrate to the cloud, enterprises are faced with the challenge of upgrading their wide area networks (WAN). Today, most enterprises depend on MPLS routers for their WAN, a technology that was first introduced in the 1990s. Legacy MPLS networks are woefully inadequate in dealing with the sheer volume and variety of traffic that traverses modern enterprise networks. A badly designed WAN can degrade the performance of cloud-based applications and adversely affect the end user experience.

Aryaka’s cloud connectivity solution caters to the needs of both IaaS as well as SaaS rollouts. While IaaS connectivity is addressed using private connections (i.e. AWS Direct Connect, Azure ExpressRoute) or IPSec tunnels, SaaS connectivity and application performance is addressed using Aryaka’s unique Virtual Office (VO) solution.

A VO is just what it implies. Instead of a physical site, it is virtual, handing off traffic from the Aryaka PoP to the nearest SaaS entry point. The customer’s SaaS traffic thus traverses the Aryaka backbone from the edge to a SaaS co-location point, ensuring application performance.

Multi-Cloud Resources

AWS
Azure
Oracle

How We Differ

In contrast to the Aryaka solution, traditional connectivity solutions rely on either IPSec through the Internet or private MPLS links, neither of which address the cloud connectivity challenge. Issues with these approaches are detailed in the Aryaka Blog here.

Cloud connectivity via IPSec and MPLS
IaaS and SaaS connectivity

ARYAKA MULTI-CLOUD CONNECTIVITY ARCHITECTURE

Aryaka’s fully managed multi-cloud connectivity solution provides a fast and cost-effective means for connecting to the most widely used IaaS or SaaS providers. Aryaka’s solution is built from 4 main components: the Aryaka Network Access Point (ANAP), our global private network of 30+ PoPs, the MyAryaka reporting and configuration portal, and direct routes to leading IaaS and SaaS providers.

ANAP

ANAP

The Aryaka Network Access Point (ANAP) is a cloud-managed and provisioned device.

Private Network

Private Network

Private Layer 2 links from top service providers worldwide, connecting 30 PoPs located on 6 continents.

MyAryaka

MyAryaka

Self-service customer and partner portal for centralized configuration, management and reporting.

Direct Connectivity

Direct Connectivity

Direct connectivity to leading IaaS/PaaS providers and co-located access to SaaS providers.

ARYAKA – CLOUD CONNECTIVITY USE CASES

Aryaka’s cloud connectivity solution can be used in a variety of deployment scenarios be it IaaS connectivity, SaaS connectivity and application performance acceleration, multi-cloud connectivity etc.

Aryaka as Virtual Firewall for Cloud Services

USE CASE 1
BRANCH OR DATA CENTER TO CLOUD

Private direct connection is Aryaka’s recommended solution for connecting branch offices to applications hosted on Amazon Web Services (AWS), Microsoft Azure or Oracle Cloud.

BRANCH OR DATA CENTER TO CLOUD

This solution creates an easy way to connect directly to and between all the cloud resources, without MPLS, complicated appliances, or the need for peering. Using these direct connections, Aryaka links branch offices to AWS’s VPCs or Azure’s VNETs in a full mesh technology. In most locations, Aryaka offers a 10G dedicated link to AWS and Azure. In addition, the solution offers flexible bandwidth capacity for up to 300 Mbps per customer. A private direct connection enables employees to access applications in 30 milliseconds, securely, from anywhere in the world.

This architecture leverages cloud solutions including AWS Direct Connect, Microsoft ExpressRoute and Oracle’s FastConnect.

AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or colocation environment, which in most cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections. The Aryaka service also eliminates the requirement to build this capability on your own.

Microsoft’s ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider, such as the Aryaka core. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure, Office 365, and Dynamics 365.

Oracle’s FastConnect is a network connectivity alternative to using the public internet for connecting your network with Oracle Cloud Infrastructure and other Oracle Cloud services. FastConnect provides an easy, elastic, and economical way to create a dedicated and private connection with higher bandwidth options, and a more reliable and consistent networking experience when compared to internet-based connections.

USE CASE 2
BRANCH OR DATA CENTER TO CLOUD OVER IPSEC

Aryaka has built private direct connections to Azure and AWS in over 10 regions, covering the most important geographies. However, in locations where a private direct connection is not feasible, Aryaka provides cloud connectivity through IPsec tunnels to AWS or Azure. Further, static or BGP peering is added to route traffic between the branches/DCs and the AWS VPC.

BRANCH OR DATA CENTER TO CLOUD OVER IPSEC

Aryaka’s network connects all the branches using a single IPSec tunnel going from the PoP to the cloud provider’s VPC. This architecture is far superior to the traditional SD-WAN architecture, where a single VPC has a number of IPSec tunnels to connect the branches. Advantages of this solution include better reliability and a smaller Round trip time (RTT).

USE CASE 3
MULTI-CLOUD CONNECTIVITY

For most organizations, a multi-cloud architecture is a practical reality. In some cases, multi-cloud may be a conscious risk mitigation strategy to avert commercial, technical or operational reliance on one IaaS service provider, while in other cases it may be a transient migration strategy as they move from one cloud service provider to another. In either case, multi-cloud connectivity is a necessity. Current approaches for multi-cloud connectivity are inefficient as they require traffic to be backhauled across the entire enterprise network.

MULTI-CLOUD CONNECTIVITY

Aryaka with its PoP architecture simplifies multi-cloud connectivity. The PoP closest to the IaaS location acts as the transit point for the inter-cloud traffic by providing an efficient alternative to traditional solutions.

USE CASE 4
VPC TO VPC INTRA-REGION USING DIRECT CONNECTION AND ARYAKA PoP

It is common for customers to provision logically isolated virtual networks to host their AWS resources. Such customers tend to create multiple VPCs within the same region or in different regions. Aryaka VPC to VPC connectivity is useful for customers who require multiple VPCs for security, billing, regulatory, or other purposes, and want to integrate AWS resources between their VPCs more easily. More often than not, these different VPCs need to communicate privately and securely with one another for sharing data or applications.

VPC TO VPC INTRA-REGION

Traditional solutions for this connectivity has relied on partially meshed or fully meshed (VPC Peering). The drawback with these solutions is that these peering connections often require modifications to the associated VPCs’ route tables and, as the number of VPCs grows, this can be difficult to maintain. Furthermore, there is a limitation of a maximum of 125 peering connections per VPC.

peering connections per VPC

In Aryaka’s intra-regional VPC to VPC connectivity solution, the PoP acts as the inter VPC router, greatly simplifying the architecture. With this solution a BGP session is created between Aryaka PoP and AWS, a VLAN is then created for each customer VPC. Each VLAN then corresponds to a single VPC. The customer requires no Aryaka software within their VPCs.

USE CASE 5
VPC TO VPC INTER REGION USING DIRECT CONNECTION AND ARYAKA PoP

Aryaka VPC to VPC inter-region connectivity is useful for customers who require multiple VPCs for security, billing, regulatory, or other purposes, and want to integrate AWS resources between their VPCs more easily. More often than not, these different VPCs need to communicate privately and securely with one another for sharing data or applications.

VPC TO VPC INTER REGION

This solution leverages Aryaka’s multi-regional PoP architecture to simplify connectivity. Traffic goes from VPC1 via direct connect to Aryaka PoPx(region X) and further across Aryaka core network to the other Aryaka PoPy(region Y). Finally the traffic is routed from Aryaka PoPy to VPC2. As with the previous use case, the customer requires no Aryaka software within their VPCs.

USE CASE 6
CONNECTIVITY TO SAAS

Connectivity to SaaS applications like Office 365, Salesforce or Webex is a challenge. Traditional connectivity solutions for accessing SaaS applications depend upon the public internet, which is unreliable or slow, especially across regions. Even private MPLS networks cannot solve this problem as they are incapable of traffic segmentation based on the application type.

A public ‘Virtual Office; (VO) is Aryaka’s solution for improving the performance of cloud-based office applications that are commonly accessed over the internet. A VO is a virtual router with stateful firewall capability and public IP address integrated within an Aryaka PoP. It also provides multi-segment TCP optimization to reduce RTT.

VPC TO VPC INTER REGION

The solution leverages the power of Aryaka PoPs, by configuring them as VO. Two VO instance are created per customer running in active / standby mode. These VOs act as an exit point from Aryaka PoP to the cloud application, breaking out the traffic from the secure Aryaka backbone.

The VOs are at close proximity and act as clients to Microsoft, Webex, Salesforce or other application data centers. End users are connected into Aryaka’s network via an IPSec-edge tunnel to the PoP that is located closest to them. The private network allows the enterprise to bypass the congestion and packet loss associated with an unreliable public Internet. Further, the built-in WAN optimization minimizes the latency that is experienced by global end-users. This ensures a more consistent and reliable application performance, as well as guaranteed throughput and availability.

ARYAKA – CLOUD CONNECTIVITY USE CASES

Aryaka’s cloud connectivity solution can be used in a variety of deployment scenarios be it IaaS connectivity, SaaS connectivity and application performance acceleration, multi-cloud connectivity etc.

Aryaka as Virtual Firewall for Cloud Services

USE CASE 1
BRANCH OR DATA CENTER TO CLOUD

Private direct connection is Aryaka’s recommended solution for connecting branch offices to applications hosted on Amazon Web Services (AWS), Microsoft Azure or Oracle Cloud...

USE CASE 2
BRANCH OR DATA CENTER TO CLOUD OVER IPSEC

Aryaka has built private direct connections to Azure and AWS in over 10 regions, covering the most important geographies. However, in locations where a private direct connection is not feasible...

×

USE CASE 1
BRANCH OR DATA CENTER TO CLOUD

Private direct connection is Aryaka’s recommended solution for connecting branch offices to applications hosted on Amazon Web Services (AWS), Microsoft Azure or Oracle Cloud.

BRANCH OR DATA CENTER TO CLOUD

This solution creates an easy way to connect directly to and between all the cloud resources, without MPLS, complicated appliances, or the need for peering. Using these direct connections, Aryaka links branch offices to AWS’s VPCs or Azure’s VNETs in a full mesh technology. In most locations, Aryaka offers a 10G dedicated link to AWS and Azure. In addition, the solution offers flexible bandwidth capacity for up to 300 Mbps per customer. A private direct connection enables employees to access applications in 30 milliseconds, securely, from anywhere in the world.

This architecture leverages cloud solutions including AWS Direct Connect, Microsoft ExpressRoute and Oracle’s FastConnect.

AWS Direct Connect is a cloud service solution that makes it easy to establish a dedicated network connection from your premises to AWS. Using AWS Direct Connect, you can establish private connectivity between AWS and your data center, office, or colocation environment, which in most cases can reduce your network costs, increase bandwidth throughput, and provide a more consistent network experience than Internet-based connections. The Aryaka service also eliminates the requirement to build this capability on your own.

Microsoft’s ExpressRoute lets you extend your on-premises networks into the Microsoft cloud over a private connection facilitated by a connectivity provider, such as the Aryaka core. With ExpressRoute, you can establish connections to Microsoft cloud services, such as Microsoft Azure, Office 365, and Dynamics 365.

Oracle’s FastConnect is a network connectivity alternative to using the public internet for connecting your network with Oracle Cloud Infrastructure and other Oracle Cloud services. FastConnect provides an easy, elastic, and economical way to create a dedicated and private connection with higher bandwidth options, and a more reliable and consistent networking experience when compared to internet-based connections.

×

USE CASE 2
BRANCH OR DATA CENTER TO CLOUD OVER IPSEC

Aryaka has built private direct connections to Azure and AWS in over 10 regions, covering the most important geographies. However, in locations where a private direct connection is not feasible, Aryaka provides cloud connectivity through IPsec tunnels to AWS or Azure. Further, static or BGP peering is added to route traffic between the branches/DCs and the AWS VPC.

BRANCH OR DATA CENTER TO CLOUD OVER IPSEC

Aryaka’s network connects all the branches using a single IPSec tunnel going from the PoP to the cloud provider’s VPC. This architecture is far superior to the traditional SD-WAN architecture, where a single VPC has a number of IPSec tunnels to connect the branches. Advantages of this solution include better reliability and a smaller Round trip time (RTT).

USE CASE 3
MULTI-CLOUD CONNECTIVITY

For most organizations, a multi-cloud architecture is a practical reality. In some cases, multi-cloud may be a conscious risk mitigation strategy to avert commercial, technical or operational reliance on one IaaS service provider...

USE CASE 4
VPC TO VPC INTRA-REGION USING DIRECT CONNECTION AND ARYAKA PoP

It is common for customers to provision logically isolated virtual networks to host their AWS resources. Such customers tend to create multiple VPCs within the same region or in different...

×

USE CASE 3
MULTI-CLOUD CONNECTIVITY

For most organizations, a multi-cloud architecture is a practical reality. In some cases, multi-cloud may be a conscious risk mitigation strategy to avert commercial, technical or operational reliance on one IaaS service provider, while in other cases it may be a transient migration strategy as they move from one cloud service provider to another. In either case, multi-cloud connectivity is a necessity. Current approaches for multi-cloud connectivity are inefficient as they require traffic to be backhauled across the entire enterprise network.

MULTI-CLOUD CONNECTIVITY

Aryaka with its PoP architecture simplifies multi-cloud connectivity. The PoP closest to the IaaS location acts as the transit point for the inter-cloud traffic by providing an efficient alternative to traditional solutions.

×

USE CASE 4
VPC TO VPC INTRA-REGION USING DIRECT CONNECTION AND ARYAKA PoP

It is common for customers to provision logically isolated virtual networks to host their AWS resources. Such customers tend to create multiple VPCs within the same region or in different regions. Aryaka VPC to VPC connectivity is useful for customers who require multiple VPCs for security, billing, regulatory, or other purposes, and want to integrate AWS resources between their VPCs more easily. More often than not, these different VPCs need to communicate privately and securely with one another for sharing data or applications.

VPC TO VPC INTRA-REGION

Traditional solutions for this connectivity has relied on partially meshed or fully meshed (VPC Peering). The drawback with these solutions is that these peering connections often require modifications to the associated VPCs’ route tables and, as the number of VPCs grows, this can be difficult to maintain. Furthermore, there is a limitation of a maximum of 125 peering connections per VPC.

peering connections per VPC

In Aryaka’s intra-regional VPC to VPC connectivity solution, the PoP acts as the inter VPC router, greatly simplifying the architecture. With this solution a BGP session is created between Aryaka PoP and AWS, a VLAN is then created for each customer VPC. Each VLAN then corresponds to a single VPC. The customer requires no Aryaka software within their VPCs.

USE CASE 5
VPC TO VPC INTER REGION USING DIRECT CONNECTION AND ARYAKA PoP

Aryaka VPC to VPC inter-region connectivity is useful for customers who require multiple VPCs for security, billing, regulatory, or other purposes, and want to integrate AWS resources...

USE CASE 6
CONNECTIVITY TO SAAS

Connectivity to SaaS applications like Office 365, Salesforce or Webex is a challenge. Traditional connectivity solution for accessing SaaS applications depend upon the public internet, which is unreliable or slow, especially across regions.Even private MPLS networks cannot solve this problem...

×

USE CASE 5
VPC TO VPC INTER REGION USING DIRECT CONNECTION AND ARYAKA PoP

Aryaka VPC to VPC inter-region connectivity is useful for customers who require multiple VPCs for security, billing, regulatory, or other purposes, and want to integrate AWS resources between their VPCs more easily. More often than not, these different VPCs need to communicate privately and securely with one another for sharing data or applications.

VPC TO VPC INTER REGION

This solution leverages Aryaka’s multi-regional PoP architecture to simplify connectivity. Traffic goes from VPC1 via direct connect to Aryaka PoPx (region X) and further across Aryaka core network to the other Aryaka PoPy (region Y). Finally the traffic is routed from Aryaka PoPy to VPC2. As with the previous use case, the customer requires no Aryaka software within their VPCs.

×

USE CASE 6
CONNECTIVITY TO SAAS

Connectivity to SaaS applications like Office 365, Salesforce or Webex is a challenge. Traditional connectivity solutions for accessing SaaS applications depend upon the public internet, which is unreliable or slow, especially across regions. Even private MPLS networks cannot solve this problem as they are incapable of traffic segmentation based on the application type.

A public ‘Virtual Office; (VO) is Aryaka’s solution for improving the performance of cloud-based office applications that are commonly accessed over the internet. A VO is a virtual router with stateful firewall capability and public IP address integrated within an Aryaka PoP. It also provides multi-segment TCP optimization to reduce RTT.

VPC TO VPC INTER REGION

The solution leverages the power of Aryaka PoPs, by configuring them as VO. Two VO instance are created per customer running in active / standby mode. These VOs act as an exit point from Aryaka PoP to the cloud application, breaking out the traffic from the secure Aryaka backbone.

The VOs are at close proximity and act as clients to Microsoft, Webex, Salesforce or other application data centers. End users are connected into Aryaka’s network via an IPSec-edge tunnel to the PoP that is located closest to them. The private network allows the enterprise to bypass the congestion and packet loss associated with an unreliable public Internet. Further, the built-in WAN optimization minimizes the latency that is experienced by global end-users. This ensures a more consistent and reliable application performance, as well as guaranteed throughput and availability.

SUMMARY

Cloud connectivity is an important challenge that organizations must overcome for a successful cloud transformation. Ignoring this aspect of cloud transformation can adversely affect application performance and therefore end user experience.

Aryaka’s fully managed SD-WAN service simplifies the cloud connectivity challenge by leveraging the of its global layer 2 PoP network, fully-featured SD-Branch hardware (ANAPs), the MyAryaka self-serve portal, and direct routes to leading IaaS providers.

Internet MPLS DIY
SD-WAN
Aryaka
Managed
SD-WAN
Global Private Network
Over 99.99% Availability
Quality of Service
Built in WAN optimization
Application Performance
Single Day Deployment
Instant Bandwidth Scaling

As an SD-WAN offering Aryaka offers better reliability and QoS compared to the public internet, while it is more flexible than private MPLS networks. However, Aryaka’s real advantage lies in combining fully managed services with leading SD-WAN technology and a private Layer 2 network with presence in over 30 locations worldwide.