AWS Direct Connect is the onramp and offramp from AWS instances to other clouds.  It provides you various options to connect your dedicated AWS infrastructure to other PaaS, SaaS and IaaS workgroups.  Connecting to AWS Direct Connect is simple, easy and painless and it can be turned on in minutes.  You must fully understand the benefits and costs of your Amazon Direct Connect including Egress charges which many Dev teams are unaware of.  In our prior post on Cloud Connectivity for 2021 we discussed everything from connecting using public Internet to Direct Hosted connections.

 

Virtual Cloud Routing

Connecting to AWS Direct Connect can be a great option for diversity and High Availability (HA) designs between instances.  For example, if you have AWS East and West deployed, using Direct Connect with a Virtual Cloud Router provides an excellent option to deploy Failover options or routing data between the two environments.  Designing with a Virtual Cloud Router, you can deploy BGP over a Software-Defined backbone connection in minutes.  This eliminates the need to contract long-term with a telco carrier and consume bandwidth on demand elastically.

Interested in a Virtual Cloud Routing Design?  Schedule time for a Demo with an Architect.

How much is AWS Direct Cost?

There are two cost elements you must be aware of, AWS Direct Connect Cost and whatever Transport (Hosted, SD, X-Connect, Internet VPN etc).

What is the Best Option to connect with AWS Direct Connect?

The best option is the one for your business!  Each use-case is unique, however here are the common options to Connect to AWS Direct Connect

  1. Public Internet:
  2. Software Defined Virtual Private Circuit
  3. Colocation Providers
  4. Fiber Cross-Connect:
  5. Telco Carriers Cloud Connectivity

This eliminates the need to contract long-term with a telco carrier and consume bandwidth on demand elastically..

Each connectivity option leverages either VPN or AWS Direct Connect and, while both are viable options, you might find that one or both are better for your business requirements.

Connecting to IaaS, PaaS and SaaS providers

AWS-managed VPN

AWS-managed VPN is a hardware IPsec VPN that enables you to create an encrypted connection over the public Internet between your Amazon VPC and your private IT infrastructure. The VPN connection lets you extend your existing security and management policies to your VPC as if they were running within your own infrastructure.

VPN is a great connectivity option for businesses that are just getting started with AWS. It is quick and easy to setup. Keep in mind, however, that VPN connectivity utilizes the public Internet, which can have unpredictable performance and despite being encrypted, can present security concerns.

AWS Direct Connect

AWS Direct Connect bypasses the public Internet and establishes a secure, dedicated connection from your infrastructure into AWS. This dedicated connection occurs over a standard 1 GB or 10 GB Ethernet fiber-optic cable with one end of the cable connected to your router and the other to an AWS Direct Connect router. AWS has established these Direct Connect routers in large colocation facilities across the world, providing access to all AWS regions. With established connectivity via AWS Direct Connect, you can access your Amazon VPC and all AWS services.

AWS Direct Connect is a great option for businesses that are seeking secure, ultra-low latency connectivity into AWS. While provisioning AWS Direct Connect can sometimes be more involved, it is worth it once the connectivity is established the because of the ease of predictable network performance and 60% cost savings.

 

Comparison of AWS AWS-Managed VPN and AWS Direct Connect

AWS-Managed VPN

AWS Direct Connect

Performance

<4 GB per VPC

<1 GB, 1 GB, or 10 GB ports Up to 40 GB with Link Aggregation Group (LAG)

Connectivity

1VPN Connection to VPC

2 port connection to multiple VPCs

Resiliency

1 VPN Connection = 2 VPN tunnels

1 AWS router = redundant connectivity to 1 AWS region

Costs

$0.05 per VPN Connection Hour $0.09 per GB data transfer out

$0.2 to $0.3 per GB data transfer out Port hour fees(varies based on port speed)