Why Software-Defined Cloud Routers Are Replacing vRouters As the Future of Public Cloud Networking

By Sunil Kishen
Vice President of Partnerships and Strategy, Aviatrix
July 24, 2018

Enterprise IT architectures are evolving rapidly, with the public cloud shifting to center stage. Networking—i.e., connecting resources, data, and users with one another, securely and seamlessly—is an increasingly vital foundational building block of the modern enterprise cloud architecture. The problem is that enterprises have been forced to use networking technology adapted from the datacenter era.

In the traditional world of datacenter IT, vendors of networking technologies created a business model that effectively became a ‘conspiracy of complexity,’ in which intentionally hard-to-manage equipment and software kept customers dependent on vendor-certified technology experts who often commanded higher salaries. This approach—vendors creating complexity and customer employees managing complexity—worked well for the decades of datacenter growth.

But such complexity by design does not work in the public cloud era. Due to both their hardware roots and their inherent complexity, these legacy networking routers are unsuited to the software-based, API-driven, everything-as-a-service world of the public cloud.

As public cloud adoption grows in both scale and importance—with all the major cloud providers reporting double- and triple-digit revenue growth and enterprises increasingly moving resources to multiple public clouds—it’s no longer good enough to try making traditional, complex networking a little less complex, or a little more bearable. Instead, it’s time for a networking solution that creates simplicity in the cloud.

It’s time for software-defined (SD) cloud routers.

Why Virtual Routers Fall Short for Public Cloud Networking

Public cloud infrastructure vendors—led by Amazon Web Services (AWS), Microsoft Azure, and Google Cloud—all offer basic networking capabilities to their subscribers. These networking services are largely designed to support basic access to virtual private cloud (VPC) segments. But they are unsuitable or limiting when it comes to securely connecting multiple segments that may be globally distributed within a cloud provider, let alone distributed across multiple clouds and on-premises datacenters. As each of these cloud vendors would agree, networking has not been a primary focus for any of them, because it’s not their primary business.

To overcome the limitations of cloud providers’ network services, networking equipment vendors virtualized their routers and renamed them virtual routers (vRouters)—effectively, instance-based software routers that can be deployed on public cloud compute instances. Their role is to connect an enterprise’s VPCs within the public cloud, as well as connect on-premises and off-premises enterprise entities such as datacenters and branches.

These essentially ‘vanilla’ vRouters are mostly virtualized versions of traditional hardware-based datacenter or legacy campus routers that run on cloud compute instances. These vanilla vRouters are not integrated with the public cloud infrastructure and do not understand the public cloud providers’ ‘underlay’ networking constructs and services. Their inherent complexity means that operating them still requires heavily certified and specialized network engineering expertise—as well as long timelines to set up, change, or maintain even the most rudimentary networking functionality.

As such, vanilla vRouters carry the baggage of legacy capabilities and functions, as well as outdated operational interfaces that do not fit well with the ways and cloud-speed practices of modern cloud networking. All this adds up to an approach that hinders cloud transformation rather than enabling it.

Software-Defined Cloud Routers: Networking Simplicity for the Public Cloud Era

Software-defined (SD) cloud routers introduce a new category of cloud router. Although they fall generally under the cloud router umbrella, they are not adapted from hardware-based networking technology, as vRouters are. Instead, SD cloud routers are purpose-built to be public cloud-aware, to support modern cloud networking, and to be operated by modern cloud and DevOps teams.

SD cloud routers enable enterprises to build public cloud-centric IT architectures, rapidly and easily, while overcoming limitations of the cloud providers’ native network services. This new generation of cloud routers supports the new requirements, use cases, and operational practices that are essential for modern cloud networking.

SD cloud routers have the following key attributes:

  • Simplicity with centralized control via APIs and deep integration with public cloud providers’ native network services and control plane.
  • High degree of automation so that cloud and DevOps teams can implement use case-driven network services themselves, without needing advanced network engineering skills or certifications.
  • Built-in security services and encryption to protect enterprise data and enable enterprises to achieve compliance with security and data privacy regulations.
  • High performance, with wire-speed IPSec on virtual machines.
  • Multicloud capability that spans AWS, Azure, and Google Cloud environments as well as on-premises environments.

Making Cloud Networking as Simple as Compute and Storage

Public cloud IaaS providers have made cloud compute and storage simple and fast. But these providers’ limited networking offerings, combined with the inherent complexity of pre-cloud networking technologies, are hindering enterprises’ full-scale embrace of the public cloud.

The emergence of SD cloud routers—which overcome the limitations of both the public cloud providers’ tools and virtualized routers adapted from hardware-based technologies—opens new possibilities for enterprises that rely increasingly on the public cloud for their core business operations.

SD cloud routers are the natural evolution beyond vRouters. To find out more about how SD cloud routers can make cloud networking as simple as cloud compute and storage, visit the Aviatrix website and read how a leading global marketing company benefitted from replacing its vRouters with an SD cloud routing solution.

