Aviatrix Cloud Network Platform Solution Brief v6

One Architecture. One Network. Any Cloud.


WITH ENTERPRISE VISIBILITY AND CONTROL

As an enterprise IT leader, your organization is driven by business transformation and tasked to accelerate your migration to public cloud. However, large scale enterprise application or service transformations are not as simple as cloud providers would make it seem. The promise of cloud is simplicity and automation, but the reality for enterprise IT is much more challenging – shadow IT, cloud and networking skills gaps, limited visibility and lack of a well-architected network design – all contribute to your team’s everyday challenges.

Aviatrix cloud network platform is a foundation upon which you can regain visibility and control and shift your focus from managing disparate cloud networks to controlling a consistent global cloud network that provides enterprise class networking, security and operational features that are simply not available from any cloud provider.

Aviatrix is helping put you and your operations team back in control. Cloud 1.0, driven by automation and infrastructure as code, often went around traditional IT, viewing IT processes, security and compliance as roadblocks to agility and speed. And, according to Gartner, cloud networking has been “ad-hoc” at best – driven by on-premises solutions lifted and shifted to cloud or limited by native cloud services that simply couldn’t meet enterprise networking requirements. For Cloud 2.0 and beyond, however, you need the network visibility and control you enjoyed on premise, now for your cloud networks. You want day-two operations, visibility, control, regulatory compliance and other enterprise IT architectural structures that make large scale IT environments operational for the long term. But it’s different: you don’t want to do it the same way, you want it modernized for the cloud while maintaining the simplicity and automation cloud offers.

It’s time to take an architectural approach.

As a forward-thinking enterprise cloud network architect, you realize that establishing a cloud architecture correctly is critical and the cloud network is the foundation. Business decisions will drive network design, so architect for flexibility. Each cloud provider has unique networking constructs, limitations and architecture. You must decide if you are going to attempt to bridge the skills gap, hire, train and grow your staff to manage the complexity of multiple cloud architectures or establish a single, multi-cloud architecture.

Aviatrix cloud networking experts engage directly with enterprise cloud network architects to guide cloud network designs based on a multi-cloud network architecture and your unique business requirements – resulting in a repeatable network design with consistent operational visibility and security across any cloud. Aviatrix experts have guided hundreds of customers through this architectural process and bring proven reference designs for single-cloud, multi-region and multi-cloud network environments.

The Aviatrix cloud network platform delivers the advanced networking, security and operational visibility services required by enterprises, while maintaining the simplicity and automation of cloud.

Advanced Multi-Cloud Network Transit
Aviatrix software enables enterprise IT to easily deploy a high-availability, multi-cloud network data plane with end-to-end and high-performance encryption, multi-cloud security domains and operational data IT teams need. Aviatrix transit provides the intelligence to ensure network correctness and the traffic engineering control network architects are missing from the basic transit constructs CSPs deliver.

Enterprise Class Operational Visibility
The Aviatrix platform brings day-two operational visibility not available from any cloud provider to help you pinpoint traffic anomalies and suspicious behavior, resolve connectivity problems faster, and share network health metrics and dynamic network topology maps with staff and management.

Multi-Cloud Network Training
Aviatrix offers hands-on Aviatrix Certified Engineer (ACE) training and certifications to quickly bring your whole team up to speed on native AWS, Azure and GCP networking, multi-cloud reference architectures and the Aviatrix cloud network platform.

“Aviatrix’s cloud network platform intelligently programs the native cloud network constructs and goes well beyond that by adding network segmentation policies, rich visibility, and automation that we require to support our customers. Aviatrix makes cloud networking much easier for us and our customers.”
JOHN GOODSON

Figure 1: The Aviatrix cloud network platform brings multi-cloud networking, security, and
operational visibility capabilities that go beyond what any cloud service provider offers.

One Architecture. One Network. Any Cloud.

The Aviatrix cloud network platform brings multi-cloud networking, security, and operational visibility capabilities that go beyond what any cloud service provider offers. Aviatrix software leverages public cloud provider APIs to interact with and directly program native cloud networking constructs, abstracting the unique complexities of each cloud to form one network data plane, and adds advanced networking and security features including:

• Intelligent Cloud Network Correctness
• Active-Active High-Availability Transit
• End-to-End and High-Performance IPSec Encryption (wire speed up to 75 Gbps)
• Single Terraform Provider for Day-One Multi-Cloud Infrastructure as Code Automation
• Enterprise Class Day-Two Operational Visibility and Troubleshooting

Aviatrix customers leverage the capabilities of the Aviatrix cloud network platform in many ways. While each deployment is similar, each is also unique to each customer’s requirements and network design. Similarities start with the Aviatrix Controller’s ability to deploy Aviatrix networking and security services in a common, repeatable manner across clouds. Aviatrix Transit offers the same networking and operational capabilities across all cloud providers. Security policies for SAML User VPN, site-to-cloud connections and Internet egress, for example, are consistent and centrally managed across your multi-cloud network environment.

Beyond Orchestration.

Cloud providers will position automation scripts as orchestration, but orchestration only provides the initial deployment of network resources – it doesn’t help you with day-two operations, visibility, network correctness verification or troubleshooting that your operations team needs to do their jobs effectively.

Aviatrix multi-cloud operational visibility includes features such as cloud network flow analysis, geographical source-destination heat maps, time series traffic analysis to visually identify flow anomalies, communication path evaluation to verify both routing correctness and security configurations for application communications and more.

“I really like the added visibility Aviatrix brings to my cloud network operations team. It’s a great reminder of the visibility and troubleshooting ability we took for granted when infrastructure was ‘on prem,’ now we have even more for our multi-cloud network.”
TOBY FOSS
DIRECTOR OF CLOUD NETWORK OPERATIONS
INFORMATICA

Multi-Cloud Network Architecture

Aviatrix helps enterprise cloud network architects create a multi-cloud network architecture and offers a cloud network platform that provides the software and services required to plan, deploy and operate a secure enterprise multi-cloud network.

Centralized Controller
The Aviatrix controller is the brain of the cloud network platform. The platform leverages the centralized intelligence and knowledge of the controller to dynamically program both native cloud network constructs and Aviatrix’s own advanced services. Our single Terraform provider enables network and security Infrastructure-as-Code automation across your multi-cloud environment.

Network Service Gateways
Aviatrix gateways deliver advanced cloud networking and security services. Gateways are primarily deployed to deliver transit network and security services such as intelligent dynamic routing, active-active network high-availability and end-to-end, high-performance encryption, and to collect operational visibility data, but also for secure network ingress and egress filtering and external service insertion.

High-Availability Networking
Aviatrix secure network transit is designed with active-active high-availability and redundant pathing. Pairs of Aviatrix Gateways, deployed in separate availability zones, establish a full mesh, multi-path connection that maximizes both throughput performance and network availability.

High-Performance Encryption
Standard IPSec encryption is limited to 1.25 Gbps. Aviatrix’s high-performance encryption distributes processing across multiple cores and aggregates IPSec tunnels to achieve wire speed encryption, up to 75 Gbps.

Multi-Cloud Network Segmentation
Some clouds enable the creation of security domains. Aviatrix extends secure network segmentation beyond cloud boundaries, enabling multi-cloud security domains, with consistent, centrally managed, global network segmentation and connection policies.

Secure Cloud Ingress and Egress Controls

Aviatrix gateways offer both ingress and egress L4 and Fully Qualified Domain Name (FQDN) filtering. Centrally managed filter groups ensure consistent multi-cloud security for any cloud application communicating with Internet-based resources and services.

Multi-Cloud Network Service Insertion
Aviatrix Transit provides a secure point of access for network and security services such as next-generation firewalls, IDS/IPS and SD-WAN cloud edge connections. Aviatrix gateways provide load balancing to scale out connected services and ensure redundant and failover high availability.

Operational Visibility
Enterprise network operations teams must have deep visibility into network activity. Native public cloud networks are opaque; even basic analytics must be obtained from multiple sources and require skilled human correlation to become actionable. Multi-cloud visibility is simply not available from any cloud provider.

Dynamic Network Mapping
Aviatrix leverages the central intelligence and knowledge of the controller to dynamically generate and maintain an accurate multi-cloud network topology map that includes all network resources and network configurations the controller is managing. The map includes both native network resources and Aviatrix secure transit and cloud ingress and egress control gateways.

FlowIQ – Intelligence Network Traffic Flow Analytics
Aviatrix extracts detailed network traffic flow data from Aviatrix Transit infrastructure, including source, destination, port and protocol filtering, and combines it with additional metadata such as latency and tagging to deliver never-before-possible multi-cloud flow inspection and global traffic heat maps.

More
Additional advanced networking features which are not included in this overview include BGP propagation, traffic engineering, optimal path routing and more.

Try Aviatrix Today or Schedule an Architectural Review Session

Aviatrix is simple to deploy; our intelligent central controller is launched from cloud provider marketplaces and automates the deployment of additional network and security services, as required. Most customers launch and begin using Aviatrix services in an afternoon, so it is easy to try and evaluate. We have experts available to help you.

Contact your Aviatrix account executive or email [email protected] to schedule an architectural overview or design session with one of our solution architects. To learn about Aviatrix Certified Engineer (ACE) training, or for more information, go to aviatrix.com.


