Navigating the New Networking Landscape In the Era of Public Cloud Computing

By Frank Cabri
Vice President of Marketing, Aviatrix
September 7, 2018

The cloud is a new and different playground. Every network architect is now a cloud architect, and every network engineer is now a cloud engineer.

—Sherry Wei, Founder and CTO, Aviatrix

These days, each cloud industry event includes announcements of new cloud networking capabilities. This constant change makes it difficult to keep track of who’s doing what.

As the pioneer of a networking architecture purpose-built for the cloud, Aviatrix has a unique perspective on the various solutions and options available for networking to, from, within, and among various cloud and hybrid cloud environments.

Here’s our first attempt at laying out the networking landscape as it is today and how various vendors fit into it:


At the bottom of the Network Landscape 2018 topology diagram sit all the familiar, traditional on-premises networking vendors, including those with wide-area network/Multiprotocol Label Switching (WAN/MPLS), data center networking, co-located, and corporate virtual private network (VPN) offerings. These vendors serve the traditional networking needs of data centers, branches, remote users, and smart edge and Internet of Things (IoT) networking.

Providing hybrid connectivity between the on-prem resources and the public cloud are vendors with software-defined WAN (SD-WAN), user-to-cloud VPN, and private-circuit offerings. Note that the Aviatrix cloud networking solution provides hybrid cloud connectivity—i.e., between on-premises sites and public cloud environments and for securing remote user access to the cloud—that overlaps with much of what SD-WAN and cloud VPN solutions provide.

Connectivity within and between public cloud environments of Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform is delivered by cloud routers. Making sure that outbound network traffic leaving a virtual private cloud (VPC) in the public cloud is headed for an authorized destination is handled by cloud egress security vendors.

Aviatrix plays an important role in both these public cloud networking categories. At Aviatrix, we believe these will be large markets and that networking in the cloud era needs to shed its complex on-premises roots.

Where Software-Defined Cloud Routers Fit in the Networking Landscape

Within the broader networking category of cloud routers, Aviatrix has established a new product category: software-defined (SD) cloud routers.

Why is this new class of products necessary? The answer lies in the expectations, skill sets, and scale associated with the adoption of public cloud.

Expectationsfor public clouds are sky high. Because it takes only minutes to spin up a VPC, the expectation is that connecting VPCs to on-premises resources or other cloud providers should be just as fast. In reality, using traditional networking technologies, it can take weeks to see those connection requests move through a change control process.

There’s an important skills setdeficit in the public cloud when it comes to networking. Cloud teams are the ones tasked with setting up VPCs, but they are often responsible for many cloud services rather than siloed to a specific area and rarely have the deep networking skills required to set up and manage virtual routers (vRouters) between VPCs and on-premises resources. Sufficiently skilled networking experts are hard to find.

For most organizations, the number of VPC networks within the public cloud will soon scaleto outnumber their combined data center and branch networks. VPCs are essentially the new micro data centers, yet their growth is organic rather than methodically planned. Teams get their own VPCs. Projects get their own VPCs. The sheer scale of networks being created creates massive challenges for the cloud and network engineering communities. Some estimates from AWS executives predict four-fold VPC growth over the next few years.

None of these challenges are addressed by existing categories of providers.The major public cloud infrastructure vendors offer only basic networking capabilities to their subscribers. They have known limitations when it comes to networking and security which are well documented. And traditional networking vendors have largely approached cloud networking by creating virtualized versions of their hardware-based data center or legacy campus routers and renaming them vRouters.

Unfortunately, neither public cloud vendors’ limited networking capabilities nor vRouters can keep pace with the ways and cloud speed of modern and rapidly evolving public cloud networking. As a result, organizations are hindered from reaping the full benefits of their public cloud operations.

Aviatrix’s SD cloud routers are purpose-built for public cloud environments and to support modern cloud networking. They aren’t modified forms of legacy hardware-based networking equipment, making them fundamentally different enough from vRouters to warrant their own classification.

To address the issues of public cloud adoption, Aviatrix SD cloud routers:

  • Help meet the high expectationsof the public cloud by providing rapid, centralized, point-and-click control over the setup and management of connections to and between essentially any number of VPCs.
  • Address the skill setdeficit by dramatically lowering the bar on the networking skill sets required to implement and operate cloud routing.
  • Scalewith ease to support as many VPCs as an enterprise can deploy.

Digging Deeper

Feel free to print out this infographic—it’s designed to print nicely in landscape mode—share it, and comment on it.

To learn more about SD cloud routers:


Comments are closed for this post.

Latest Posts

Aviatrix Now Provides FIPS 140-2 Validated Encryption
By Sam Ghardashem, June 14, 2019

How Aviatrix’s intelligent orchestration and control eliminates unwanted tradeoffs encountered when deploying Palo Alto Networks VM-Series Firewalls with AWS Transit Gateway
By Sam Ghardashem, June 7, 2019

How to Use Aviatrix SD Cloud Routing to Build Azure Networks
By Karthik Balachandran, March 20, 2019

The Cloud in 2019 and Beyond: More of the Same, Only Better
By Steven Mih, December 6, 2018

Understanding AWS VPC Egress Filtering Methods
By Khash Nakhostin, November 14, 2018

Top Tags

Active Directory (AD)Amazon Partner Network (APN)Amazon Virtual Private Cloud (Amazon VPC)Amazon Web Services (AWS)Amazon WorkSpacesApplication VisibilityAviatrix Cloud InterconnectAviatrix ControllerAviatrix FireNetAviatrix Firewall Network ServiceAviatrix FlightPathAviatrix Hosted ServiceAWS Direct ConnectAWS Egress ControlAWS Transit Gateway (TGW)AWS VPNAzure ExpressRouteCasachekChefCiscoCisco Live 2018Cloud Architectscloud burstingCloud ComputingCloud Gatewaycloud governanceCloud MigrationCloud NetworkingCloudOpsCSRDevOpsEgress TrafficElon MuskEnterprise Strategy Group (ESG)FIPS 140-2GartnerGCP Next 16Google Cloud PlatformHub-and-Spoke NetworkHybrid CloudHyperFlex Multi-Cloud EcosystemInternational Data Corporation (IDC)Intrusion Detection System (IDS)Intrusion Preventions Systems (IPS)IPmotionJenkinsMalware DetectionMesh NetworkMicrosoft AzureMulticloudNetworking as a Servicenetworking infrastructureNext Generation Firewalls (NGFW)NiciraNoOpsNutanixNutanix CalmOpenVPN Access ServerPalo Alto NetworksPCI CompliancePci DssPublic CloudPublic Cloud NetworkingPuppetRemote AccessSafeLogicSD Cloud RouterSD-WANSoftware Defined Cloud RoutingSoftware-Defined Cloud RoutersSquidSSL VPN to AWSstorage and computeTransit DMZ Architecturetransit networkTransit VPCURL FilteringUse Casesvalidated encryptionVirtual Cloud NetworkVirtual Desktop Infrastructure (VDI)Virtual RoutersVMwareVNet ConnectivityVPCVPC PeeringVPN