Aviatrix Blog

Enterprise Multi-Cloud Networking

Archive

Aviatrix Blog

Aviatrix CloudWAN

Frictionless Branch Office-to-Cloud Connectivity

The Aviatrix Multi-Cloud Networking Platform provides a frictionless Branch Office-to-Cloud Networking solution, delivering centralized, simple, cloud-based, automated reconfiguration of existing IOS branch routers to securely connect directly to the closest cloud access point. The automated reconfiguration includes IPSec crypto, BGP, intra- and inter-cloud route propagation, and more. CloudWAN will also take advantage of cloud-native anycast IP optimal-path routing features offered by some cloud providers.

As the center of enterprise IT gravity shifts to the cloud, optimal access to applications equals optimal access to cloud. Legacy application traffic patterns were based on WAN architectures and more recently SD-WAN refreshes, both optimized to connect branch offices to centralized data centers as efficiently as possible. However, in the cloud era, neither of these are the most efficient or cost-effective approach. A simpler and more cost optimized approach is to leverage existing branch office routers, without upgrading either hardware or software, to connect to the closest cloud access point and leverage the cloud provider’s global network to reach cloud-based applications and resources.

How does Aviatrix CloudWAN work?
CloudWAN provides centralized, simple, cloud-based, automated reconfiguration of existing IOS branch routers to securely connect directly to the optimal cloud access point.

Key Highlights
Aviatrix CloudWAN is designed to connect and manage branch office IOS routers to the cloud directly and has the following benefits:

  • Centrally managed – Uses a single pane of glass to provision, onboard, and monitor ALL your Cisco IOS routers health and stats.
  • Automation and orchestration – Automates reconfiguration of Cisco IOS branch routers from the cloud. Orchestrates connectivity directly to Aviatrix AVX Service Gateways, AWS Transit Gateways, or Azure Virtual WANs.
  • Low latency – CloudWAN configures existing IOS routers to connect to the nearest cloud edge and routes traffic through the cloud provider to cloud-based applications and resources. When available, CloudWAN will take advantage of cloud-native anycast IP optimal-path routing across the cloud provider infrastructure.
  • Use existing hardware and software – Leverage the investment you have already made in branch office routers to connect to the cloud.
  • Automated router reconfiguration – Supports a range of configuration features such as version control, configuration rollback, diff, BGP routing and IPSec crypto.

Technical Benefits:

  • Auto Provisioning, onboarding and health monitoring of Cisco IOS
  • Highly available; Fault tolerant
  • NAT support to eliminate overlapping CIDRs
  • Configuration management including version control, rollback, and diff
  • Support configuration changes in a scalable way
  • Supports cloud-native anycast IP, when available, for optimal-path routing across the cloud infrastructure
  • NetFlow logging
  • Show command functionality
  • Save multiple IOS copies and restore config

Global Branch Office Connectivity Example:
Scenario: Branch office in Singapore accessing cloud-base application resources in AWS us-west-2.

Without CloudWAN: IPSec WAN/SD-WAN tunnel initiated from Singapore traverses WAN/SD-WAN network, across several hops and carriers, eventually reaching AWS at an access point in Oregon at AWS us-west-2.

Leveraging Aviatrix CloudWAN:
Traffic from Singapore branch office directly connects to AWS cloud in Singapore, takes optimal, single hop route traversing the high-performance AWS backbone infrastructure directly to us-west-2. CloudWAN minimizes both latency and jitter and, in this example, leverages AWS Global Accelerator feature for anycast optimized path routing.

Deployment Architecture
CloudWAN supports the following three types of deployments in the v5.3 release. Azure Virtual WAN will be supported in 5.4 release.

CloudWAN with Aviatrix transit network
CloudWAN will reconfigure branch office routers to connect to Aviatrix Multi-Cloud Transit Network through an Aviatrix AVX Service Gateway as shown in the diagram to the right. This approach provides advanced visibility and control not available when directly connecting to native transit hubs, such as AWS Transit Gateways.

Combined with cloud-native transit hubs
CloudWAN can also deployed as an attachment to native transit hubs such as AWS Transit Gateway or Azure Virtual WAN, where Aviatrix AVX Service Gateways function as the edge to the native transit hub. In this deployment scenario, the customer has visibility for traffic flowing through the AVX service gateways, but loses visibility and control within the cloud network.

Only native transit hub
In this deployment, IPsec tunnels are built directly to the cloud native transit hub, without leveraging Aviatrix AVX Service Gateways. In this scenario, customer have little or no visibility or control and this is not a recommended deployment architecture for enterprise customers.

SUMMARY

CloudWAN provides centralized, simple, cloud-based, automated reconfiguration of any or all your existing IOS branch routers to securely connect directly to the lowest latency cloud access point. An added benefit, CloudWAN can be used to manage your IOS branch office routers, even if you don’t plan to connect the branch office directly to the cloud at this time.

For more details, check out docs.aviatrix.com or connect with our technical solution engineer through aviatrix.com online chat.

DOWNLOAD PDF