For relatively simple, static situations like what we’ve described so far, AWS Direct Connect SiteLink is sufficient. But let’s say we want to build a SaaS offering on top of AWS that connects to physical elements at the edge. Some of these are in true data centers, with AWS Direct Connect links set up to their closest region. Others are remote edge locations that are more rugged, or even mobile. We could VPN from those locations to a region, but what if there are hundreds of such things? What if each one is owned by a different customer, and the traffic it sends across our private WAN needs to be compartmentalized from all other subscribers? Automating the provisioning of such a thing by spinning up EC2 instances and overlays could get out of hand pretty quickly.
This is where AWS Cloud WAN can help. Announced in July 2022, it is a service that lets you build, manage, and monitor a unified global network. Policies determine the network configuration and security rules. They can contain a construct called a segment, which is isolated from other segments; each segment could map to one subscriber in the SaaS offering described previously. These policies also determine how segments interact with VPCs, VPN clients, transit gateways, SD-WAN clients, and so on. Finally, they designate whether peering with other network constructs is allowed and in what manner.
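The compartmentalization described above is expressed in a Cloud WAN core network policy document, and for hundreds of subscribers you would generate that document rather than hand-write it. The following is an added example, not code from the book or from AWS: it builds one segment per subscriber plus a hypothetical shared-services segment, shares each subscriber segment only with shared services, maps attachments into segments by tag, and then checks the result for any share action that would leak routes between two subscribers. The policy version string, the field names, the "share-with" wildcard handling and the segment-name constraint follow the core network policy format as understood here and should be verified against current AWS documentation; the subscriber names and regions are constructed sample values.

```python
"""Generate and check a per-subscriber AWS Cloud WAN core network policy.

Added example (not AWS or book code). Field names assume the published core
network policy document format; verify against current documentation.
"""
import json
import re

POLICY_VERSION = "2021.12"          # assumed policy document version string
SHARED_SEGMENT = "sharedservices"   # hypothetical SaaS control-plane segment

# Assumed constraint: segment names are alphanumeric, start with a letter,
# and are at most 64 characters long.
SEGMENT_NAME_RE = re.compile(r"^[A-Za-z][A-Za-z0-9]{0,63}$")


def build_policy(subscribers, edge_locations, asn_range="64512-65534"):
    """Return a policy dict with one segment per subscriber.

    Segments are isolated from each other unless a share action joins them,
    so cross-subscriber isolation comes from sharing only with the
    shared-services segment and never with another subscriber.
    """
    segments = [{"name": SHARED_SEGMENT, "require-attachment-acceptance": True}]
    segment_actions = []
    attachment_policies = []
    for i, sub in enumerate(subscribers):
        if not SEGMENT_NAME_RE.match(sub):
            raise ValueError(f"invalid segment name: {sub!r}")
        segments.append({
            "name": sub,
            # A subscriber's own sites may talk to each other, so attachments
            # inside the segment are not isolated from one another.
            "isolate-attachments": False,
            # New attachments must be accepted explicitly before they join.
            "require-attachment-acceptance": True,
        })
        # Exchange routes only with the control-plane segment.
        segment_actions.append({
            "action": "share",
            "mode": "attachment-route",
            "segment": sub,
            "share-with": [SHARED_SEGMENT],
        })
        # Attachments tagged segment=<subscriber> land in that segment.
        attachment_policies.append({
            "rule-number": 100 + i,
            "condition-logic": "and",
            "conditions": [{"type": "tag-value", "key": "segment", "value": sub}],
            "action": {"association-method": "constant", "segment": sub},
        })
    return {
        "version": POLICY_VERSION,
        "core-network-configuration": {
            "asn-ranges": [asn_range],
            "edge-locations": [{"location": loc} for loc in edge_locations],
        },
        "segments": segments,
        "segment-actions": segment_actions,
        "attachment-policies": attachment_policies,
    }


def cross_subscriber_leaks(policy, subscribers):
    """Return (segment, shared_with) pairs where a subscriber segment shares
    routes with another subscriber segment. An empty list means no leak."""
    subs = set(subscribers)
    leaks = []
    for act in policy.get("segment-actions", []):
        src = act.get("segment")
        if act.get("action") != "share" or src not in subs:
            continue
        targets = act.get("share-with", [])
        if targets == "*":  # assumed wildcard meaning "every other segment"
            targets = [s for s in subs if s != src]
        for t in targets:
            if t in subs and t != src:
                leaks.append((src, t))
    return leaks


if __name__ == "__main__":
    # Constructed sample subscribers and regions.
    subs = ["acme", "globex"]
    policy = build_policy(subs, ["us-east-1", "eu-west-1"])
    print(json.dumps(policy, indent=2))
    print("leaks:", cross_subscriber_leaks(policy, subs))
```

Running the leak check over every policy revision before it is applied is the point of the second function: a single share action with a wildcard or a mistyped segment name is enough to join two subscribers' networks, and that is easier to catch in a generated document than in the console.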
Summary
Throughout this chapter, we dove deep into the unique architecture of the AWS Global Network. We started with foundational pillars such as the Nitro platform, which underpins the network’s stability and performance, to advanced offerings such as Amazon CloudFront and AWS Global Accelerator that improve user experience no matter how far away from a region they are.
We also explored the transformative potential of processing at the near edge, a concept that has become central to modern content delivery and application deployment strategies. With tools such as AWS Lambda@Edge and Amazon CloudFront Functions, AWS not only ensures optimal delivery speeds but also offers opportunities for real-time data processing and manipulation, empowering businesses to provide richer, more responsive user experiences. Moreover, by leveraging IP Anycast with AWS Global Accelerator and transforming the AWS infrastructure into a private WAN using offerings such as AWS Direct Connect SiteLink and AWS Cloud WAN, organizations are poised to craft global strategies that meet evolving business demands with agility and scalability.
In essence, the AWS Global Network is more than just a technical infrastructure; it’s a dynamic ecosystem that’s designed to adapt, evolve, and elevate. By fully understanding its capabilities, businesses can achieve unparalleled global reach, performance, and resilience, ensuring that they stay ahead in an increasingly interconnected and digital world.
In the next chapter, we will explore patterns and anti-patterns when architecting for disconnected edge scenarios.