What You Can Learn From AWS re:Invent 2021
AWS re:Invent 2021 last week featured a slew of announcements. Here are some key highlights and what they mean to you.
AWS re:Invent 2021 was a hybrid affair – a part-virtual and part in-person event that saw a return to live attendance in Las Vegas to the tune of 20,000 attendees. It was great to see colleagues and customers in real life for the first time in nearly two years, at an event featuring many exciting sessions and new service announcements by AWS.
Given the number of networking-related announcements during re:Invent, it’s fair to say that there is a significant emphasis on new and innovative ways to simplify and optimize enterprise customer networking and connectivity to AWS.
Let’s look at a few of the highlights from AWS re:Invent 2021 and what they mean for Megaport customers and partners.
Smaller form factors for AWS Outposts
After teasing the concept in 2020, AWS announced the availability of two new AWS Outposts form factors. Previously available as a 42U rack only, the new offerings include much smaller 1RU and 2RU appliances equipped with varying configurations of CPU, memory, and storage onboard.
The lighter Outposts footprint will more readily deploy to smaller enterprise branch locations, which may be constrained by space or facilities limitations while needing proximity and low-latency access to scalable compute and storage resources.
Like the original version of Outposts, each of the new platform options will be equipped to connect to an AWS Region via the public internet or via AWS Direct Connect. Since high performance, low latency, data residency, and regulatory compliance usually drive the enterprise use case for Outposts, Direct Connect for Region connectivity will often be a consideration. Similarly, as smaller branch Outposts locations need Region connectivity, SD-WAN technologies can solve last-mile connection needs.
Megaport Virtual Edge (MVE) can serve as an aggregation point for multiple Outposts fleet deployments to streamline AWS Region connectivity. This solution also enables private interconnection by allowing an SD-WAN appliance to connect to a local Megaport private edge network, delivering Outposts data across AWS Direct Connect. No matter how you choose to connect, the new Outposts form factors promise to solve for a much broader range of use cases between edge and core AWS services.
AWS SiteLink
With AWS SiteLink, AWS can now offer greater flexibility with new options for private network connectivity. Previously, private wide area networking (WAN) on AWS was more or less limited to private network access to a Region and VPCs; now, AWS SiteLink allows enterprise Direct Connect customers to achieve site-to-site private networking between customer site, branch, and HQ locations – a true private WAN connection for site-to-site connectivity.
In a bid for flexibility, SiteLink service is offered without long-term contract commitments via a pay-as-you-go model. This has the potential to be highly disruptive and innovative in the context of traditional carrier WAN service offerings.
A key aspect of the new SiteLink offering is that site-to-site private traffic will no longer be required to transit AWS Region VPC resources, nor will it be necessary to configure, deploy, and manage a Transit Gateway. With SiteLink, setup and configuration are dramatically simplified, as customer traffic will bypass Region resources and traverse only the configured and peered Direct Connect service locations. Customers may connect to any of the 108 Direct Connect locations across 32 countries globally. Customers can now use Megaport’s global purpose-built SDN platform to connect into AWS Direct Connect locations with SiteLink and choose which workloads to deploy on-demand, with private connections between any enabled Megaport Data Centers worldwide for primary and secondary use cases.
And AWS has given the enterprise another compelling new Direct Connect feature in addition to low latency and high performance access to VPCs – customers can now add private site-to-site networking to the value proposition for Direct Connect adoption.
AWS Cloud WAN
AWS announced a managed WAN service, currently in preview, branded as AWS Cloud WAN. Available on a global scale, the new offering aims to simplify AWS connectivity for enterprise head office, data center, and branch office locations. AWS Cloud WAN supports VPN, SD-WAN, and fixed line access. Note that during the preview period, AWS Direct Connect and AWS Transit Gateway aren’t supported access methods for AWS Cloud WAN, but these options are planned.
Among the key benefits outlined by AWS are global configuration, control, and visibility. A single Core Network Policy (CNP) can be established and deployed network-wide from a single configuration interface, and via the AWS Network Manager, a customer can view and monitor network topologies and events in a centralized dashboard view.
Prior to Cloud WAN, customers could still build their own global networks by peering with multiple AWS Transit Gateways across multiple regions and customer premises locations; this requires the customer to manage their own peering and routing configurations. Cloud WAN is positioned specifically in this space as a managed service, and promises to streamline the global interconnect of Region VPCs and on-premises locations with automation, network segmentation, and configuration management features. Rules for things like access control and routing between subnets are defined in a centralized Core Network Policy (CNP), while the automation handles the configuration details.
A stated goal of AWS Cloud WAN is to remove complexity and simplify access to AWS cloud with interworking between VPCs and regions. Similarly, our own Megaport NaaS solution is designed from the ground up to streamline cloud connectivity into AWS and enable the purchase, configuration, and management of AWS Direct Connect solutions from an intuitive customer self-service portal.
During the preview, AWS has enabled Cloud WAN support in 10 global Regions: US East (N. Virginia), US West (N. California), Africa (Cape Town), Asia Pacific (Mumbai), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), Europe (Ireland), Europe (Frankfurt), and South America (São Paulo).
Transit Gateway support for Intra-Region Peering
Transit Gateway (TGW) was initially deployed for peering of gateways in different AWS regions. In practice, customers began to deploy multiple TGWs within a single region, often segmented by different administration domains. In order to share routes between the TGWs, a customer has traditionally been required to build a bridge or transit VPC to interconnect the different TGW instances. The new Intra-Region peering offering eliminates this need for the transit VPC and streamlines the solution with a more native peer-to-peer approach.
TGW peering in a single region streamlines connectivity for a number of use cases where separate administration domains are useful or required. Large enterprise networks often have a variety of administrator roles and teams to account for. Customers might also want to connect their TGW to a third-party partner with a TGW domain in the same region – perhaps an ISV or MSP also running a TGW in that region.
For users who are already familiar with TGW inter-region peering, intra-region peering works exactly the same way – the only difference is that the peered TGWs may exist within the same AWS Region.
With so many great product and feature announcements during AWS re:Invent 2021, we look forward to supporting our customers and partners with these new connectivity solutions as they enable better ways to use AWS.