Next-Gen Transit Network

Simple Transit Networking for AWS VPCs

Transit Networks are the prescribed way to connect VPCs to each other, to on-premises networks and to other public clouds. Aviatrix Next-Gen Transit Network is the leading, validated architecture, enabling cloud engineers to easily build and run global transit networks. The Aviatrix architecture integrates and orchestrates the AWS Transit Gateway (TGW) for AWS VPCs.

Next-Gen Transit Network – Reference Architecture


The Next-Generation Transit Network architecture using Aviatrix Orchestrator enables cloud practitioners to automate the provisioning, security and operations of AWS Transit Gateway.

“We’re delighted with Aviatrix’s AVX Orchestrator and its integration with AWS Transit Gateway, to offer customers a software-defined cloud routing approach that can help them further automate and simplify their cloud networking use cases.”

David Brown, AWS VP EC2 Compute & Networking

Why Aviatrix Next-Gen Transit with AWS TGW?

Cloud-like Simplicity

Centralized Controller with workflows for both native AWS services and Aviatrix routing and security. 


10X throughput for IPSec encrypted traffic — available wherever you need it.  

Firewall in the Cloud

Bring your own Firewall architecture without IPSec performance degradation. 

Cloud Network-as-Code

Automate all functions of the Transit Network by using APIs or Terraform with Aviatrix. 


Support AWS, Azure, Google and on-premises connectivity using a single console. 

What you should know about AWS TGW.

On-Prem Routes don’t propagate to Spoke VPCs

Aviatrix Orchestrator monitors the on-prem route changes and automatically propagates the changes to spoke VPC route tables.

VPC CIDRs don’t propagate to other Spoke VPCs

Aviatrix dynamically updates all the relevant route tables as per the connection and security policies.

TGW VPN has 100 route limit

Aviatrix overcomes the 100-route entry limit by replacing TGW VPN.

Cloud-like Simplicity

Eliminate complexity when networking across VPCs and on-premises environments. The Software-Defined AVX Controller orchestrates all routing and security policies across your VPCs and your AWS Transit Gateway (TGW).

  • Deploy your Transit Network and attach VPCs in minutes with a workflow-based GUI
  • Visualize your global transit network, segmentation policies, TGW route tables and attachments in the dashboard
  • Troubleshoot connectivity between instances in minutes using the expert FlightPath tool and diagnostics
  • Pay-as-you-go, metered billing that is included in your AWS monthly bill.

Firewall-Ready Security VPCs

Bring your own firewall to the cloud. Pre-integrated with Next-Generation Firewalls to enable inline inspection of VPC traffic to maximize security and performance. With Aviatrix you can:

  • Maximize firewall performance without IPSec by using SD-routing
  • Manage Palo Alto Networks VM-series route updates, health monitoring and failover using Aviatrix SD-Cloud Routing
  • Leverage decoupled router/firewall architecture to scale out firewalls independently
  • Extend AWS TGW Route Domains to create Aviatrix Security Domains that segment VPC workloads and define connection policies across VPCs (Dev, Prod, Test)

High-Performance Cloud Routing

Stop making trade-offs between security and performance. Aviatrix Next-Generation Transit Network has the native performance of AWS Transit Gateway and InsaneMode™ Encryption where needed.

  • Achieve 10Gbps+ transit network throughput everywhere
  • Easily deploy high-performance encryption over 10Gbps Direct Connect
  • Route VPC traffic via the native cloud infrastructure instead of using IPSec tunnels which limit performance
  • AVX InsaneMode™ Encryption delivers up to 10X higher throughput using a single multicore instance instead of multiple, parallel encrypted tunnels or ECMP.

Cloud Network-as-Code

Use Terraform to manage your cloud networking and security. With Aviatrix, you can automate a wider set of routing and security capabilities than just AWS native capabilities. Our APIs automate your AWS, Azure, Google and Palo Alto Firewall resources.

  • Provides VPC-level abstraction for architects to implement and manage connectivity and security policies at scale
  • Reduce the maintenance complexity of multiple Terraform files for multiple providers. Terraform for the Aviatrix provider is all you need
  • Leverage other cloud automation options such as Python SDK or REST APIs.

Multicloud & Multi-Region Transit Routing

Multicloud and Multi-Region is the new normal. Support your business needs for on-prem and multiple cloud providers. Instead of managing different cloud vendor gateways, Aviatrix Next-Generation Transit Network lets you abstract away the networking differences between AWS, Azure, Google and Private Cloud.

  • Add Direct Connect support for AWS TGW using Aviatrix
  • Add cross region networking with Aviatrix. AWS TGW is a regional service.
  • Support multiple accounts; one console for a single view of your cloud network
  • Handle requirements ranging from simple multicloud peering to complex multicloud transit routing
  • Simplify VPC connectivity to on-premises networks by automating the connection, and by monitoring and alerting on an ongoing basis.

Using Aviatrix to Orchestrate AWS Transit Gateway and Build VPC Segmentation

AWS Transit Gateway is a new service to connect VPCs and consolidate edge connections to on-premises networks.
