From Latency to Policy: How the Aviatrix-Wiz Integration Provides Speed and Security

Aviatrix Cloud Networking Heroes labour to keep networks secure, effective, and performant. We’re proud to highlight people who have taught themselves the necessary skills, designed and managed successful networks, and have the expertise to share. In this Cloud Networking Hero guest post, Irwan Prabowo, Director of Information Technology, shares the story of how the Aviatrix and Wiz integration provided his company with a streamlined and scalable cloud network security solution.   

1 | Why multicloud became essential

Not long ago, my company ran every workload in a single public cloud, and life felt simple. Three realities changed the equation: 

1. Regulation tightened. Bank Indonesia released BI SNAP to harden payment APIs, OJK broadened its cyber circulars, and BI SLIK started insisting on on-shore routing, encryption, and a clean audit trail for each credit inquiry. 

2. Zero-patience users appeared. In a usability session, a borrower tapped refresh twice, sighed, and closed the app when a credit check paused, proving latency was now a deal-breaker. 

3. Innovation scattered. Data scientists kept forwarding screenshots of new AI services living in other clouds, and repeated “maybe next quarter” replies were draining morale. 

A teammate joked over coffee, “We need a passport, not a cage.” Multicloud moved from a buzzword to a survival kit. 

2 | Where we stand now

Our core systems run in the Jakarta region and reach the national SLIK gateway through an encrypted private link. When analytics demand spikes, we plan to burst into AWS Asia Pacific, Jakarta Region, as soon as the security fabric is ready. Two tools make that step comfortable:

• Aviatrix Cloud Native Security Fabric provides one encrypted transit layer that behaves the same wherever we land, providing security with consistency 

• Wiz CNAPP offers an agent-free X-ray that shows only risks with real blast radius. 

I call them our lane markings and our high-beams. Together, they let us add clouds without rewiring routes or re-educating auditors.  

3 | A three-layer model that satisfies SLIK

Think of Aviatrix as the expressway, Wiz as the traffic camera with X-ray vision, and native controls as the road signs keeping each lane legal.  

4 | Rollout Snapshot: Wins, warts, and fixes

Users → Edge POP (Jakarta) → Aviatrix Transit →      

└─ Alibaba Cloud Jakarta Region (core)     

└─ Planned AWS ap-southeast-3 (analytics & ML) 

Wins we’ve celebrated: 

• Encryption on day one. Live SLIK calls stayed inside Indonesia and travelled fully encrypted, zero custom patches required. 

• SmartGroups. One policy template protects today’s region and will copy to AWS with one toggle, trimming policy build time about 70 percent. 

• Telemetry clarity. A holiday slowdown traced to upstream IX congestion, not application code, so we tuned peering and skipped a costly refactor. 

Warts and recoveries

Solve a problem once in the fabric instead of many times per cloud.

5 | Cost and talent surprises

• Network spend dropped roughly 15 percent after east-west traffic shifted to Aviatrix peering. 

• Engineer focus improved; the data team handles one Terraform module and ticket volume for template churn fell about 30 percent. 

• SLIK agility rose; when BI released a schema tweak at one a.m., the update reached production before sunrise, nearly twice as fast as previous overnight changes. 

 6 | Audit Day, now a conversation not an ordeal

Auditors open with, “Show the packet path, SLIK included.” Aviatrix streams flow logs tagged by application and cloud, Wiz links each flagged item to its Terraform line. Evidence prep for the last OJK review took under four hours and the meeting ended early. 

7 | Defence in depth, minute-by-minute

1. A borrower taps Apply, starting a credit check. 

2. The packet moves through Aviatrix, encrypted and geo-tagged Indonesia only. 

3. Wiz inspects the flow, finds an outdated library on the API VM tied to a public bucket and raises one critical alert. 

4. The on-call channel receives a concise task list and the fix ships before the shift ends, keeping mean time to recover below the 30-minute target. 

Security noise stays low, and release cadence stays high.  

8 | Four practical next steps

1. Map the flows. Draw a C4 diagram that includes every regulator gateway such as SLIK and SNAP. 

2. Lay the fabric early. Adding clouds is smooth once the overlay exists. Replacing networks later is painful. 

3. Add contextual scanning. A CNAPP like Wiz distils thousands of raw alerts into a shortlist worth fixing. 

4. Automate evidence. Export logs and guardrails from day one so audits become routine copy-and-paste tasks rather than late-night scrambles. 

 9 | Beyond compliance, unlocking product speed

Because packets are already encrypted, logged, and visible, squads experiment faster. Fraud-model workloads burst to AWS without a month-long security queue, marketing pilots spin up edges in hours, and analysts mine anonymised snapshots while staying inside residency lines.

Conversations now start with “How soon can we launch?” instead of “Is this safe?” A backend engineer recently said, “We swapped a cul-de-sac for a toll road,” and nobody disagreed.  

10 | Closing thought: portability equals modern uptime

Regulations shift, latency goals tighten, and pricing curves move. With the Aviatrix Cloud Native Security Fabric as our backbone and Wiz CNAPP as the diagnostic lens, we can add or retire any cloud tomorrow without touching application code. 

Key takeaway: Security is an integral part of architecture, not an add-on. Build the highway once, keep the X-ray active, and each new region feels like a lane change, never a rebuild.   

Read more about how Aviatrix and Wiz unlock cloud network security. 

Check out the Aviatrix State of Cloud Network Security: 2025 report.