Every organization is migrating some or all of its business applications to the cloud - for access flexibility, scale, and cost reasons - as fast as possible. But users are still at headquarters, branch offices or at home. Hair-pinning through the corporate data center for security purposes is costly for the organization and sluggish for the end-user experience.
TNSR software provides cost effective speed, security, and scalability for connecting to the cloud, within the cloud, or across clouds.
TNSR software can be deployed on premises, in co-location cages, at dedicated connection points, or within a virtual private cloud - providing businesses with maximum network design flexibility for high-speed secure cloud connectivity.
The two primary paths for connecting premises to the cloud are VPN and dedicated network connection.
An IPsec VPN enables you to create an encrypted connection over the public Internet between your Cloud Service Provider (CSP), e.g., Amazon AWS VPC or Microsoft Azure Virtual Network, and your private IT infrastructure. The VPN connection allows you to extend existing security and management policies straight to your virtual cloud, as if they were running within your own infrastructure.
An IPSec VPN approach is ideal for businesses getting started with a CSP. It is quick and easy to setup. However, since VPN connections utilize the public Internet, end-to-end connection speed can vary.
Dedicated Network Connection
Dedicated network connections bypass the public Internet and establish a secure, dedicated pathway from your premises to a CSP presence in a nearby co-location facility.
Dedicated network connections go by different names, depending on the CSP. The Amazon Web Service solution is known as AWS Direct Connect. The Microsoft Azure solution is known as Azure ExpressRoute. In either case, application traffic can be securely routed to any number of virtual private clouds across all AWS Availability Zones or Azure Regions.
Dedicated network connectivity is ideal for businesses seeking secure, low-latency connectivity into a CSP, and can be less expensive than traditional ISP connections.
TNSR can be deployed in either manner according to customer preference.
As organizations expand their cloud footprint, which includes replicating applications and/or data sets across geographic regions, VPCs require interconnection within a CSP region or across CSP regions (availability zones). A router/IPSec instance wil be required per VPC. While a variety of compute instances are available from each CSP, a given instance will be able to use more or less of its associated NIC bandwidth.
For example, a given CSP compute instance may have a NIC that support speeds up to 5 Gbps, or 25 Gbps. There is no guarantee, however, that the router or IPSec software on that instance is able to perform to a level that can use the NIC at, or near, line rate.
TNSR software uses VPP for its packet processing, and can therefore well outperform alternative cloud router/IPSec solutions. This means that as inter-VPC bandwidth needs increase, TNSR software can service those needs with fewer compute instances - providing for more scalability headroom and lowering secure networking costs.
Many organizations will choose to run their cloud instances across several cloud providers rather than one. The reasons for doing so include regional availability, cost control, and failure protection. TNSR software can be deployed in VPC1/CSP1 and VPC1/CSP2 with a secure VPN tunnel established between the two - enabling cloud to cloud interconnectivity wherever needed.
There’s always something new with open-source, secure networking and TNSR software. Keep up with us by visiting our blog, social communities