Is Azure Virtual WAN or AWS Transit Gateway the Right Connectivity Service to Upgrade Your Networking Infrastructure?

I've met with numerous organizations recently considering cloud networking solutions to replace their existing traditional WAN and MPLS networks and reduce costs.

In general, organizations that already leverage a cloud service provider (CSP) do save money with a solution like Azure VWAN or Transit Gateway. Cloud networking provides a capable alternative to transit data across the world in a relatively cheap manner, while offering a robust selection of connectivity options.

If you want to centralize connectivity to SD-WAN, VPN, and Private Circuits, then you should absolutely consider a look at Azure VWAN or Transit Gateway.

Azure VWAN and Transit Gateway are both managed routers that simplify connectivity. They're roughly equivalent to one another in function, with some small differences.

Each device allows you to use the backbone network of the CSP. What this means for you is typically lower latency and less hops than traversing the public internet, as well as the obvious privacy advantage. You can still use BGP to create mesh networks over multiple regions all over the world, but without managing the physical infrastructure.

A common use case I see is multi-national organizations that want to connect to a COLO in one region, and then extend access to that data elsewhere while leveraging the cloud for at least some of their workloads. They often have other branch locations, and already have an SD-WAN vendor of choice they use to extend connectivity in-region.

This is an excellent use case for VWAN or Transit Gateway. The flexible connectivity you can achieve with them suits organizations with complex network architectures. On top of that, both pair well with almost any major connectivity vendor you can think of.

Another benefit is that you can easily nest your Network Virtual Appliances (NVAs) near them, enabling centralized inspection architectures for better ingress access control and inspection. Azure VWAN has unique options for different vendors that support both SD-WAN and NVA functionality. Similarly, Transit Gateway is highly modular and you can plug and play with almost any vendor.

Yet another reason to use them is intra-cloud and inter-cloud communication. Extending your footprint within a CSP or to other CSPs can be done fairly easily from these devices.

For inter-cloud communications, I highly recommend leveraging. a COLO service like Megaport or Equinix to route between private circuits within the same region. This is almost always lower latency. Otherwise, an SD-WAN option might be preferred. Last but not least, VPN gateways can be used too.

For intra-cloud, you can use both VWAN and Transit Gateway as hubs to connect your spoke workloads to, and provide a common backbone architecture. They are both high availability by default and provide an immense amount of available bandwidth to support.

You don't need to be a huge multi-national organization to yield the benefits of using either of these services. Even for a simple multi-region setup with some hybrid requirements, it would still make sense to consider them.

If you're evaluating a network modernization and haven't considered these, please check them out. If you're on the fence, make sure to do a TCO of what it would cost using the pricing calculators for either CSP and do a comparison. I think you'll find them capable and at a great price point for your consideration.