Next-Gen Transit Network

Next-Gen Transit Networking for Azure VNets

Transit Networks are the prescribed way to connect VNets to each other, to on-premises networks and to other public clouds. Aviatrix Next-Gen Transit Network is the validated architecture, enabling cloud engineers to easily build and run global transit networks.

Next-Gen Transit Network – Reference Architecture


The Next-Gen Transit Network architecture using Aviatrix enables cloud practitioners to automate the provisioning, security and operations of Azure VNets


Why Aviatrix Next-Gen Transit on Azure?

Cloud-like Simplicity

Centralized Controller with workflows for both native services and Aviatrix routing and security. 


10X throughput for IPSec encrypted traffic — available wherever you need it.  

Firewall in the Cloud

Bring your own Firewall architecture without IPSec performance degradation. 

Cloud Network-as-Code

Automate all functions of the Transit Network by using APIs or Terraform with Aviatrix. 


Support Azure, AWS, Google and on premise connectivity using a single console. 

What you should know about Azure networking.

Hub & Spoke limited to same region

Aviatrix enables global transit networks across regions.

Two hubs cannot be interconnected

Aviatrix can interconnect multiple transit hubs.

Spoke VNets connecting to the same hub cannot communicate with each other through the hub

Aviatrix allows VNets to communicate with each other through the transit gateway.

No encryption between spokes, hubs, and on-prem

Aviatrix enables full encryption end-to-end without compromising performance.

Cloud-like Simplicity

Eliminate complexity when networking across VNets and on-premises environments. The Software-Defined AVX Controller orchestrates all routing and security policies across your VNets and your multi-cloud environments.

  • Deploy your Transit Network and attach VNets in minutes with a workflow-based GUI
  • Visualize your global transit network, segmentation policies, and route tables in the dashboard
  • Troubleshoot connectivity between instances in minutes using expert FlightPath tool and diagnostics
  • Pay-as-you go, metered billing that is included in your Azure monthly bill.

Firewall-Ready Security VNets

Bring your own firewall to the cloud. Pre-integrated with Next-Generation Firewalls to enable inline inspection of VNet traffic to maximize security and performance. With Aviatrix you can:

  • Maximize the firewall performance
  • Manage Palo Alto Networks VM-series route updates, health monitoring and failover using Aviatrix SD-Cloud Routing
  • Leverage decoupled router/firewall architecture to scale out firewalls independently
  • Extend Azure to create Aviatrix Security Domains that segment VNet workloads and define connection policies across VNets (Dev, Prod, Test)

High-Performance Cloud Routing

Stop making trade-offs between security and performance. Aviatrix Next-Generation Transit Network has provides InsaneMode™ Encryption where needed.

  • Achieve 10Gbps+ transit network throughput everywhere
  • Easily deploy high-perf encryption over 10Gps Direct Connect
  • AVX InsaneMode™ Encryption delivers up to 10X higher throughput using a single multicore instance.

Cloud Network- as-Code

Use Terraform to manage your cloud networking and security. With Aviatrix, you can automate a wider set of routing and security capabilities than just Azure native capabilities. Aviatrix APIs automate your Azure, AWS, Google, Palo Alto Firewall resources.

  • Provides VNet level abstraction for architects to implement and manage connectivity and security policies at scale
  • Reduce maintenance complexity of multiple Terraform files for multiple providers. Terraform for the Aviatrix provider is all you need
  • Leverage other cloud automation options such as Python SDK or REST APIs.

Multicloud & Multi-Region Transit Routing

Multicloud is the new normal. Support your business needs for on-prem and multiple cloud providers. Instead of managing different cloud vendor gateways, Aviatrix Next-Generation Transit Network lets you abstract away the networking differences between Azure, AWS, Google and Private Cloud.

  • Add cross region networking with Aviatrix.
  • Support multiple accounts; one console for a single view of your cloud network
  • Handle requirements ranging from simple multicloud peering to complex multicloud transit routing
  • Simplify VNet connectivity to on-premise by automating the connection and monitoring and alerting on an ongoing basis.

Learn more about Net-Gen Transit for Azure