As organizations shift to the cloud, they’ll eventually be weighing the pros and cons of whether a direct connection to cloud services is the way to go or an Internet connection will suffice. We’d argue that not only is a direct-connect solution like Microsoft Azure ExpressRoute worthwhile, but it’s also essential for greater performance, security, predictability and cost savings.
Azure ExpressRoute allows enterprises to access Microsoft cloud services (i.e., Azure or Office 365) over a dedicated, private connection rather than over the public Internet. The benefits of ExpressRoute connections to the enterprise include greater reliability, faster speeds, lower latencies and higher security than typical connections over the Internet.
Equinix has been an Azure ExpressRoute partner since 2014 and offers direct connection to Microsoft Azure ExpressRoute and Office 365 in 15 markets globally via the Equinix Cloud Exchange. In addition, Nimbo, Equinix’s professional services company specializing in end-to-end hybrid cloud solutions for enterprises, is Microsoft’s recommended U.S. systems integrator for ExpressRoute.
Based on our firsthand experience working with Microsoft and its customers, we’ve seen the following benefits to the enterprise when using ExpressRoute to interconnect with Microsoft cloud services.
By replacing a “best effort” network such as the public Internet with a direct peering connection, you gain consistency in throughput and performance. Low latency can be achieved by replacing long-haul MPLS connections with shorter-distance direct connects that are geographically dispersed and in proximity to larger numbers of users worldwide, typically via colocation and interconnection providers such as Equinix.
In addition, the typical throughput decrease (packets per second) for encrypted VPN traffic can be up to 15% due to its inherent inefficiencies while transporting the data via IPsec tunneling. A test performed by Equinix transferring a 1GB file using Azure ExpressRoute (41 seconds), versus the Internet using the IPsec protocol (93 seconds), showed a file transfer was more than twice as fast using a secure, direct Azure ExpressRoute connection.
Security and Risk Mitigation
Even if data is encrypted, the public Internet’s attack surface is just too infinite. A recent Symantec Internet Threat Security report showed that in 2014, data breaches were up 23%. Using private connectivity totally avoids this risk and allows organizations to better control security policies for sensitive data and mission-critical workloads. A direct connect solution may not be applicable where high levels of security are not required (Web browsing, social media, etc.), so in those cases, the public Internet would suffice.
Predictable Service While Controlling Costs
One concern for enterprises using the public Internet as a network backbone is its unreliability due to heavy congestion and outages. IT managers have no control over the routes when data traverses the Internet. If there is heavy congestion that is not properly managed, the resulting service degradation and outages quickly translate into lost revenue.
Direct connections give enterprises greater network flexibility and control and a choice of network providers and routing policies. Connectivity to cloud services becomes a seamless extension of the enterprise network, and you can automatically apply traffic management and security policies that you can control based on your workloads.
By segmenting sensitive or mission-critical workloads to private connections that are proximate to network providers and cloud services, enterprises can often realize savings in network bandwidth and use more cost-effective, local network providers or network peering. This brings their network costs down over long distances and dramatically improves the quality of experience for their users at the same time. Using Azure ExpressRoute with Equinix’s Performance Hub and Cloud Exchange, enterprises can also easily and cost-effectively replicate access to Azure and Office 365 services worldwide in any of our more than 100 global data centers.
As today’s enterprises compare the benefits of Internet-reliant connectivity to private connection solutions such as Azure ExpressRoute, they are seeing more and more business scenarios requiring the fast, secure and predictable performance that only direct connection can provide.