The network is a crucial part of any cloud application and is particularly important when that application extends across a cloud provider's regional boundaries. Early AWS customers found it difficult to maintain predictable network operations due to issues with routing and traffic spikes over the public internetand poor cloud connectivity affected overall application performance and replication latency.
AWS responded to such challenges with various options for consistent cloud connectivity. Internally, AWS couples regions with redundant 100 Gigabit Ethernet network links -- a private, high-bandwidth network between AWS regions -- to make operations more predictable and controllable. Users that want to build AWS multiregion deployments can run their applications on this network and take advantage of the benefits without any additional expenses.
However, users that have high traffic demands, such as the need to move large amounts of data to or from a cloud provider, may still experience latency and disruptions from ordinary public internet activity. To work around this, consider dedicated cloud connectivity options.
Virtual private networks (VPNs) are still routinely used to establish secure connections between an Amazon Virtual Private Cloud (VPC) and remote networks. AWS supports managed VPNs, as well as AWS VPN CloudHub, to connect multiple remote networks and third-party software VPNs that run in AWS EC2 instances.
AWS users can also employ AWS Direct Connect to create a dedicated private connection between a remote network, such as a corporate data center, and an Amazon VPC. This high-bandwidth connection bypasses the public internet and can alleviate many of the traffic and latency issues that stem from public internet performance.
AWS Direct Connect requires the intervention of a telecom provider to establish a dedicated circuit between the local network and a suitable AWS regional facility. AWS Direct Connect and VPNs can be combined to create a high-speed, encrypted connection between a local data center or other remote network and an Amazon VPC.