Buyers Guide / Cloud / Networking
Direct Cloud Connectivity Buyer's Guide
For most businesses nowadays, access to cloud storage, cloud computing and software-as-a-service isn’t a “nice-to-have”, it’s a basic necessity. In fact, the cloud market is booming, and is projected to be worth US$947.3 billion by 2026. A pretty huge jump from its current $445.3 billion valuation.
Not at all surprising given that safe data storage is the cornerstone of enterprise networking in light of the cloud. You have to build redundancies into your data environment, set up disaster recovery plans and aim for the fastest, smoothest internet connection possible – all while keeping security in mind. And while many businesses still get by with public internet connections to their public cloud environments, in some cases, sharing bandwidth (and potentially leaking data) just isn’t an option.
That’s where Direct Cloud Connectivity comes in, because, like the name says, it connects your private network directly to your Cloud Service Provider (CSP), meaning that you have your own, dedicated circuit. This provides you with fast, reliable service that keeps your company running like the well-oiled machine it should be.
The thing is, there are a lot of factors to consider when procuring Direct Cloud Connectivity. But don’t worry – we’ve got you covered! To start, let’s delve a little deeper into exactly what Direct Cloud Connectivity is and what it has to offer.
What is Direct Cloud Connectivity?
The essence of Direct Cloud Connectivity lies in how you access your cloud storage and cloud services.
Direct cloud connectivity is a layer 1, dedicated line that directly links your location to your cloud environment(s) in a point to point network topology. Rather than sending your traffic over the public internet to reach your cloud environment, you can utilize this private line to send your traffic directly to its destination.
An important distinction to make is that you can also procure “hosted” direct cloud connectivity within a data center that connects to your cloud environments, for example the Equinix Cloud Exchange. Like all wide area networking technologies, you make compromises when you choose one solution over the other.
This post focuses on layer 1 direct connections and we’ll be covering hosted direct connections in a separate post.
Benefits of Direct Cloud Connectivity
In broad terms, we divide the benefits of direct cloud connections into two categories: increased security and better connection predictability.
Direct connectivity allows you to link to the cloud using a dedicated, non-public network from your office/warehouse/etc. to the cloud. Utilizing a direct cloud connection offers an extra layer of security because you’re bypassing the public internet and moving information directly to and from your provider’s cloud over a private line. With a DCC, you can move things securely across a variety of cloud structures – from public and private clouds to hybrid solutions.
In some cases, this isn’t just a nice to have, it’s a must have for compliance reasons. We discuss a few examples of this in the next section.
Better connection predictability
Another big benefit is connection predictability that comes with direct cloud connections.
Like all private lines, direct cloud connections also provide low latency, less jitter, and minimal packet loss. This means you can expect much more efficient and consistent performance when you’re trying to access services or move data to and from your public cloud environment.
This is incredibly important if your company is a heavy user of data that resides in cloud environments. A predictable connection is one way to bolster your business productivity and avoid employee frustration.
On the other hand, the fact that a direct cloud connection is a single, wired line with a single telecom provider, you are at risk of outages due to the lack of network redundancy and diversity. We discuss this consideration in the “how to procure direct cloud connectivity” section.
Who uses Direct Cloud Connectivity and Why?
So who actually needs and uses direct cloud connectivity? Here’s a few examples:
Any organization that utilizes data heavy workflows in the cloud or relies heavily on the public cloud. I.e. you utilize GSuite for your entire company and want to have faster, more secure access to your files in the Google Cloud.
If a medical practice moves their EMR (Electronic Medical Records) to the cloud, often they use DCC to securely access this without fear of exposing records to the internet. This helps with HIPAA compliance.
Financial institutions that house user data in a cloud instance often utilize this for their regulations. Payment Card Industry Data Security Standard (PCI-DSS) and Financial Industry Regulatory Authority (FINRA) are a couple of examples.
Call centers with high volume VoIP traffic to a single brick and mortar location take advantage of this for the predictable performance aspect. The latency, throughput availability, and resulting Mean Opinion Score (MOS) are critical to crisp clear VoIP communication.
Graphic design studios that save / edit content in the cloud seem to gravitate to this. It enables them to predict the amount of time it will take to download large graphics files, edit, and then save back to their cloud based storage systems.
Miscellaneous companies that are pursuing Service Organization Control 2 (SOC-2) leverage DCC for the security and privacy sections.
Municipalities + Fed / Gov often use DCC when connecting to cloud service providers for the additional security that comes with keeping this data in flight off of the internet.
How to Procure Direct Cloud Connectivity
Alright, now to the “buyers guide” information. How do you go about procuring your direct cloud connectivity?
Here are a few questions you should answer before kicking off the process.
What do you need to scope out?
What are your bandwidth requirements?
Here, you’ll need to consider all of the applications and services your direct cloud connection will be supporting and work out the bandwidth requirements of each. This includes figuring out their data usage across different use cases as well as how their data is being backed up.
The calculus may be different though if you’re only using the public cloud for Disaster Recovery as a Service (DRaaS) because some providers offer the option to pay for a service that only kicks in if the disaster happens and you need it.
Where will you make the connection?
You’ll need to know the address of the point A and point Z locations in order to procure your direct cloud connection. It’s ideal to have your point A and point Z within the same general region for latency purposes - the farther your data has to travel, the longer it will take. This is why most public cloud providers determine their “regions” by latency defined perimeters.
Let’s say point A is your headquarters in Charlotte, North Carolina and your company lives in the AWS cloud. You can access AWS in the United States via their East and West regions. Given the geographic location of Charlotte (southeastern U.S.), it would make the most sense for your “point Z” to be within the AWS East-1 region (in Northern Virginia).
You should have these locations handy before you kick off a direct cloud connection procurement project.
Network Carrier Diversity
You also need to determine what amount of network diversity you need when procuring direct cloud connections.
Whether your building has one or multiple providers that are on-net, it is always worth procuring your direct cloud connection from a new provider that is not already running your network. Building this carrier diversity into your network will help you avoid outages in the event that part of your network is bumped offline.
Say that your direct cloud connection provider has a massive outage, this means that you’ll lose your secure, direct line to your cloud for a period of time, but if your internet connection and WAN at point A is run by a different provider, you’ll still be able to access your public cloud via the public internet.
Say that your point A only has one provider who is on-net, for the sake of carrier diversity it is worth running an RFP to all providers in the area to find out who would be willing to build to your location in order to service your direct cloud connection. This will, of course, take longer than simply procuring your direct cloud connection from your existing provider, but it will result in the benefit of a diverse network.
FWIW - we’ve seen many providers waiving construction fees for new builds if they are servicing a well populated, attractive area. Utilizing a telecom procurement software can help you save loads of time when running the RFP to determine who will build to you in the cheapest, fastest, manner.
Network Geographic Diversity / Redundancy
There are also options for geographic diversity (i.e., more than one route of connection) and redundancy (i.e., more than one fiber line) that can help ensure that your network will keep running even if one circuit fails. Depending on the size of your organization, this could mean setting up multiple direct cloud connections via different data centers, either within a single geographic region or across regions.
If you require redundancy in your direct cloud connectivity, working with a fulsome solution partner who can help you run an RFP for multiple direct cloud connections will be a huge time and likely saver as well.
What are your cost constraints?
The most basic cost consideration here is your bandwidth requirements in terms of how much throughput capacity you want on the direct cloud line as well as how much data you actually move in and out of your public cloud environment.
All else equal, the larger amount of throughput capacity you want on your direct cloud connectivity line, the more expensive that line will cost.
The cost to move data in and out of your public cloud environments - aka the data ingress and egress rates - are different for each cloud provider. Most cloud providers do not charge for ingress (data in) but do charge for egress (outbound data) on a metered basis. The pricing structures vary by provider; we linked to their ingress/egress rates in the “types of direct cloud connections” section below.
Are you connecting to multiple CSPs that need to talk to each other?
If your company is using multi or hybrid cloud environments, things might get a little more complex. Perhaps your company uses both public and private cloud options, or sources Platform as a Service (PaaS) and Software as a Service (SaaS) from different providers but all of these solutions still need to talk to each other. You may even be trying to set up a situation where workloads in different clouds can interact, without the need for traversing the public internet or passing back through a data center or your own infrastructure.
The capabilities needed to support these kinds of workflows do exist, but it’s all pretty new, and it can be tricky to pin down the best options in these cases (seriously, ask us how we know). That said, we do have some experience in this arena here at Lightyear and we’d be happy to talk your ear off about it if you want some advice on how to make this happen.
How quickly do you need the connection?
If you need the direct cloud connection installed in a short time frame, there’s a chance your provider will charge an expedite fee for that service.
Contract length may also affect the price you pay for your direct cloud connection, with many providers willing to offer lower rates for longer-term commitments.
Direct Cloud Connectivity Providers
For some public cloud environments, they publish a “preferred” list of connectivity partners. Here is Amazon Web Services’ (AWS) list of direct connectivity partners - which pretty much includes every telco out there.
When vetting and selecting providers, you should heavily consider the carrier and network diversity points we discussed in the previous section. This is a timely but worthwhile process when procuring connectivity.
Types of Direct Cloud Connections
Each public cloud provider uses a slightly different term for direct connections.
The information below is not meant to sell one public cloud over the other - the public cloud you use will be based on where your data lives and the applications you use. This section is just meant to break down a few nuances of each when connecting directly to their cloud environments (port speeds, ingress and egress fees, etc.)
AWS Direct Connect
Amazon Web Services (AWS) has dubbed their direct connects as simply the “AWS Direct Connect”. Port speed options for the AWS Direct Connects are limited to 1Gbps, 10Gbps and 100Gbps.
AWS Direct connect allows you to transfer data into AWS for free (no ingress fees), but you’re charged per gigabyte for any data you send out of AWS (egress fees), and the costs involved aren’t always as transparent as you might like – meaning that there can be surprise charges attached that you weren’t expecting. You can find more details on AWS’ data transfer fees here.
As previously mentioned, AWS operates in four regions in the U.S.. Your fees will vary based on your region.
Port speed options for the Azure Express Route are limited to 10Gbps and 100Gbps, but with certain setups you are able to select smaller circuit SKUs within your infrastructure. Note that the minimum port speed of 10Gbps is above that of AWS (at 1Gbps), which might make Azure less attractive to those with lower bandwidth requirements.
As with AWS, inbound data is free of charge, whereas outbound is charged according to specific rates based on your Azure Region/Availability Zone.
Google Dedicated Interconnect
Google’s direct cloud connect has been dubbed the Google Dedicated Interconnect.
As with Azure, the Google Dedicated Interconnect port speeds come at 10 Gbps and 100 Gbps.
In line with AWS and Azure, Google does not charge for data ingress but does charge varying rates for data egress.
Google Cloud operates in three regions in the U.S., but unlike AWS and Azure, Google Dedicated Interconnects allow you to access Google’s entire global cloud network by default – rather than having to pay extra for international access.
The Oracle cloud direct connection is called the FastConnect.
FastConnect port sizes come in 1Gbps, 10Gbps, and 100Gbps. FastConnect also offers built-in flexibility to change your port speed as needed. Something that’s a much bigger headache with the other three providers.
Oracle also doesn’t charge ingress fees and appears to offer the most attractive egress rates. With FastConnect, egress charges don’t start until after the monthly limit of 10TB of data egress has been reached.
Alibaba Cloud Express Connect
If you live in Alibaba’s cloud, your direct connection is referred to as the Alibaba Cloud Express Connect.
Alibaba’s Express Connects match the port speed of other offerings up to 100Gbps. The majority of Alibaba’s connection points are available in China; they do have lines to Hong Kong, Singapore and the US as well, but it should be noted that their reach is somewhat limited compared to the other providers discussed so far.
An additional point to consider is that Alibaba offers a lower price point for Express Connect circuits within China, compared to the rates charged outside of the Chinese mainland (for more detail on this see the “billing” section of their documentation here). These factors make Alibaba a great option for companies headquartered in China, but it won’t necessarily be the first choice for those based elsewhere in the world.
Direct Cloud Conclusion
Hopefully after reading through this guide you feel like you have a better understanding of the benefits of direct cloud connectivity, how you go about procuring these services, and the common terms you’ll hear with this solution type.
The cloud landscape is a crowded and ever evolving space, so if you want some advice tailored to your company and situation, feel free to reach out to us and one of our expert team members will be happy to walk you through configuring, procuring and implementing your direct cloud solution.
Want to learn more about how Lightyear can help you?
Let us show you the product and discuss specifics on how it might be helpful.