Weighing up the essentials of low latency, high throughput, traffic intensive gateway solutions with Alibaba Cloud’s world-class, cloud networking products and services.
As cloud technology becomes universally established, Alibaba Cloud focuses on advancing and evolving its core product range. Alibaba Cloud’s commitment to continuous development and improvement enhances the power and potential of all Alibaba Cloud product areas.
Striding relentlessly alongside its stateside cousins, when it comes to market share across cloud services, Alibaba Cloud is already biting the big boys’ heels, reporting the third highest global market share in areas like infrastructure as a service (IaaS) and cloud database management.[i] In February 2020, Alibaba Cloud’s parent company, Alibaba Group, released its quarterly earnings report reporting robust growth overall,[ii] with Alibaba Cloud revenue growing 62% to 1.5 billion.[iii]
The last quarter of the year is always significant as Alibaba Cloud’s infrastructure alone hosts the mega ecommerce sale 11:11 which dwarfs Black Friday.[iv] The extraordinary growth of last year’s 11:11 Global Shopping Festival generated the first billion USD in just 68 seconds.[v] This scale of data transfer is difficult to imagine but was reported as around 554,000 orders per second.
Data volumes like this demand specialist network management services that can guarantee low latency, high throughput, and zero downtimes. To support the sheer volume of 11:11 orders, Alibaba Cloud relies on its backbone of advanced cloud networking infrastructure products and services. In all networks, the weakest links in the chain are the ingress and egress points at the edges of disparate networks, the virtual private network (VPN) configurations that route traffic to and from Alibaba Cloud Virtual Private Clouds, managed and external on-premise data centers, business networks, the public cloud, and the Internet.
In this blog, we’ll look at two of Alibaba Cloud’s VPN gateway solutions: the cloud networking stalwart, Alibaba Cloud’s VPN Gateway, and the end-to-end solution, Alibaba Cloud’s Smart Access Gateway for those needing an out-of-the-box enterprise-level service.
The bread and butter of cloud network infrastructures, a VPN Gateway is an essential for connecting secure private networks to the public Internet where data is exposed and vulnerable to cyberattacks. VPN Gateway technology manages encrypted connection tunnels between VPCs and external private networks to ensure data confidentiality, integrity, and authenticity.
Alibaba Cloud’s VPN Gateway is a trusted component of Alibaba Cloud’s network infrastructure. Encrypting data over IPsec for site-to-site communication, and over SSL for remote access to private networks, Alibaba Cloud’s VPN Gateway is secure and reliable. It can also be used alongside other Alibaba Cloud network products, such as the Cloud Enterprise Network (CEN) and Express Connect, to connect Alibaba Cloud VPCs to external customers.[vi] Alibaba Cloud’s VPN Gateway guarantees high security, high availability, low cost, and ease of use.
So, what can it do? Let’s look at some Alibaba Cloud VPN Gateway product scenarios. First, let’s use a VPN Gateway to securely connect a VPC with an on-premise data center.
We can use VPN Gateways to connect two or more Alibaba Cloud VPCs.
It is also possible to connect multiple sites in different regions. This provides network relief at peak traffic times and cross-region communication that reduces high latency.[vii]
You can use Alibaba Cloud VPN Gateways to manage remote access to your network using the SSL option.
There is no limit to device compatibility or protocol choice either, and you can configure the VPN Gateway to support a mix of SSL and IPsec.
VPN Gateway can connect to external cloud service providers and so avoids vendor lock in.[viii], [ix], [x]
The Alibaba Cloud VPN Gateway manages network routing for enormous levels of Internet traffic. To reassure customers, Alibaba Cloud offers SLA commitments unrivaled in the cloud networking industry.[xi]
Currently there are some small limitations of VPN Gateway. For example, you can have no more than 10 IPsec connections per gateway, and no more than 100 customer gateways in a region, and only 1 SSL server associated to a VPN Gateway.[xii] There are also some latency limits when connecting to an on-premises data center.[xiii]
If you need more stronger guarantees and less manual set up, Alibaba Cloud has many plug-and-play network gateway solutions on offer. Enter the Alibaba Cloud Smart Access Gateway.
Smart Access Gateway
With the goal of simplifying and streamlining its cloud networking services, Alibaba Cloud unveiled the Smart Access Gateway in May 2019.[xiv] Alibaba Cloud’s Smart Access Gateway services can be used for the same scenarios as the Alibaba Cloud VPN Gateway. However, Smart Access Gateway is more powerful, more flexible, and more reliable. It is also cheaper at similar scales and needs little manual set up.
The Smart Access Gateway offers three product choices.[xv] First up is a client software application that is suitable for mobile office and remote connectivity.
Next, the SAG-100WM is a desktop hardware device for on-premise interconnection and cloud access. It is ideal for small to medium sized enterprises.
Lastly, the SAG-1000 is the Smart Access Gateway for large enterprises which need fast and reliable communication between local data centers, main business networks, and on-cloud data centers.[xvi]
Alibaba Cloud Smart Access Gateway guarantees minimal manual set up, seamless cloud-network integration (CNI), VPN tunnel self-negotiation, auto-scaling, real-time monitoring, adaptive routing, and centralized control.
The reliability spec is audacious with device-level disaster tolerance, dual machine master/backup, link-level disaster tolerance, 4G backup, leased-line disaster level tolerance, leased-line backup, and auto-switching. The security spec is similarly awesome with no IP exposure, centralized security, data encryption, anti-replay attacks, anti-tampering, and data source authentication.
All this comes out of the box and needs no configuration or O&M. The Smart Access Gateway compares well against the VPN Gateway in all scenarios. The only better option would be a dedicated leased-line which outperform in all categories except setup, cost, and management which are orders of magnitude higher than the Smart Access Gateway.
How does Smart Access Gateway stack up against VPN Gateway?
There are certainly fewer limitations when using Smart Access Gateway.[xvii]
Two other mainstays of the Alibaba Cloud networking product range are Express Connect and Cloud Enterprise Network (CEN), both of which improve upon the VPN Gateway component and the Smart Access Gateway hardware capabilities.
In Part Two of this blog, we will take a closer look at Alibaba Cloud’s Express Connect and CEN products and look at the benefits and limitations of these network services for your cloud-based business. Stay tuned.