Building your Cybersecurity or SD WAN vendor shortlist? Try our online quick assessments for recommendations.

How does SD WAN access AWS, Azure and Google?

How does SD WAN access AWS, Azure and Google?

Compare the SD WAN & SASE / SSE Cybersecurity market across 150 providers and vendors now

  • Compare DIY or fully managed solutions for your business
  • Learn why each solution is a match for your business
  • Used by companies including CDC, Permira, Square Enix, British Legion and more

Get Started

The deployment of public cloud is one of the key drivers behind SD WAN adoption, the ability to access resources with agility and next-generation Firewall security is one of the top consideration areas when entering into Software WAN comparison.

With this said, the SD WAN vendor market place offers varying approaches to their support of cloud environments which typically encompasses access to AWS (Amazon Web Services), Microsoft Azure and Google. While SD WAN solutions are adopting cloud path selection as one of their top features, the capability across all products is variable and should be carefully considered.

We are approaching an interesting time in the evolution of networking as we become ever more reliant on the cloud. In many ways, this last statement may sound like old news. But, as the capability of cloud becomes ever more virtualised, you may be forgiven for asking why the major cloud solution providers do not offer their own variant of SD WAN?

AWS Transit gateway is a relatively new product which is focused on  optimization between users and their cloud applications. In fact, AWS is capable of not only connecting users to their resources but also to your branch-sites. The theory is that any branch-office connects to AWS at the nearest node and then transits the AWS infrastructure toward the destination, whether this is another branch-office or application data resource. If the Enterprise exists in a cloud-first world, why not make offerings from AWS the very basis of your WAN? Do we even need a WAN edge vendor?

The objective of any businesses, which has adopted a cloud service architecture, is to get their users connecting as efficiently as possible. Once connected to the nearest cloud node, some form of high speed backbone best serves the traffic on a global basis. And this is how companies such as Amazon are evolving; they are expanding delivery of their own backbone network between their global data centers. Which is why we all start wondering what will happen if Amazon gains traction with their transit gateway capability? Will your business buy your WAN link from the local ISP or single backbone provider and let the cloud service provider connect your office to their resources.

The reality is that the overall Amazon as a WAN service proposition is still not as robust or comprehensive as leading SD WAN vendors. With this said, the next few years will see their product mature.

How does MPLS WAN transport fit in with Enterprise network cloud access?

We witnessed (or rather, are witnessing) the demise of MPLS because of the restrictive nature of the topology. In the pre-SD WAN age, when the Enterprise connected their HQ and branch office to regional data center locations, MPLS represented a good traditional WAN option to deliver predictable connectivity.

Alongside MPLS, many believed that cloud architecture was nothing more than removing on-site resources to the nearest data center location. Once out of the branch-office or HQ environment, the applications and data were essentially migrated to an early version of cloud-based WAN architecture.

As customer networks expanded, the issues relating to early cloud access were further compounded by in-efficient access to the data center resources which impacted network performance. There’s a lack of agility as users began to work away from the office or within locations which were not ideally located for the regional data center. In short, network intelligence did not exist to optimize cloud access.

And while SD WAN services build on the cloud model by leveraging the public Internet - where most of our applications reside - the architecture can sometimes look similar to hub and spoke MPLS service provider deployments depending on capability. 

I don't believe MPLS is well placed to offer branch-office connectivity even with end to end QoS and robust Service Level Agreements. The technology is simply too restrictive.

What are the latest cloud-based SD WAN solutions?

If we are removing MPLS and accept all of our data and applications reside in the cloud, we begin to remove the concept of any physical location. After all, you don't really consider where your data is stored across iCloud, OneDrive or Dropbox. As with all business requirements, this does not preclude an organization from building their own private cloud solution where required or even connecting sites into an MPLS provider.

To ensure our users are efficiently accessing their resources via distributed network access, there are several SD WAN features to compare. The first and perhaps foremost feature is cloud path selection which works by ensuring the users access to cloud resources is sent across an optimized network route.

While there are many SD WAN vendors offering path selection, there is a need to understand how their solution is building on the Software capability to sense network conditions on an end to end basis. The importance of ensuring your WAN connections are designed to optimize traffic is critical to making the most of your next-generation WAN, i.e. reacting to network traffic packet loss, low bandwidth or high latency and jitter.

With the ability to sense optimal routes, traffic issues and so on, connecting to the cloud resource becomes a decision which occurs at a user level before making the connection. In the days of MPLS, the connection to your data center provider was enough to meet the demands of user application traffic. Whereas SD WAN, and the evolution of working practices, means the cloud resource must be available and close to the user wherever they are connecting across the world.

Alongside path optimization, multiple connections can be leveraged using WAN links for added diversity. In some instances, the failover path quality could be based on lower-quality circuits to meet budget demands.

How is global cloud based resource access visualised?

Software WAN network consoles display data on the transit gateways across their supported cloud providers. With this data, clients and devices are positioned to connect users to the nearest node automatically. Once connected, the SD WAN backbone begins to optimize the route to wherever the resource or data is located. As with branch-offices, HQ and data centre locations, the cloud also needs to be viewed from a single pane of glass perspective. When cloud application performance is degraded, monitoring should flag the issue with SD WAN selecting an alternative path. With the right data, cloud access can be controlled easily via management.

Further reading

What is SaaS?

What is PaaS?

What is IaaS?

Visit the Netify SASE Cybersecurity and SD WAN marketplace.

Get the data points you need to help with your SASE Cybersecurity and SD WAN decision making process.

Learn More

Suggested Posts

SD WAN Buyers Mindmap

Download the SD WAN Buyers Mind Map Feature Comparison Guide

Download the at-a-glance A3 PDF SD WAN Buyers Mindmap. Everything an IT decision making team need to consider when comparing vendors and managed service providers.

SD WAN Buyers Mind Map 2023

Your Mindmap is sent immediately. Complete the following information - check your junk folder if you do not receive the content within 2 minutes.

Download now

Compare solutions over MS Teams

Schedule your FREE SD WAN & SASE Cybersecurity IT buyers strategy session

If your business is looking to compare and evaluate SD WAN & SASE/SSE Cybersecurity, one of our experts will discuss your goals and review Gartner leaders, niche players and startups. (Includes DIY & Fully Managed services)

Please provide the following information and one of our North American or UK consultants will reach out to you soon.

Request session

Compare the SD WAN & SASE/SSE Market

The most successful Enterprises use free Netify comparison tools

Our free comparison tools have helped CDC, Permira, Square Enix, and British Legion —plus many smaller companies across North America and the UK (including Global locations).

Learn More

SD WAN & SASE/SSE Marketplace

Discover the provider and vendor research you need

Discover over 150  SD WAN & SASE/SSE service providers and vendors using the Netify Marketplace. Request sales PDF documents, get your local contact or book a demo.

Visit Marketplace

Medivet, CDC Global, British Legion, Permira & Tilney used the Playbook.

Download the SD WAN & SASE Cybersecurity Playbook

A comparison of SD WAN vendors & providers distilled into one page. WIth the key features you should consider.

Download our latest guides to SD WAN and SASE (Secure Access Service Edge) Cybersecurity with our IT Managers Mind Map checklist.

Download now

Subscribe to Notifications

Explore Topics

Popular Article Topics

Find articles and helpful resources about any of the following:

The Netify Learning Center

Learn more about comparison of SD WAN and SASE Cybersecurity with the Netify Learning Center.

See All Articles

Close popup
Close popup

Download our at-a-glance Mind Map which details the features, vendors and managed providers YOU MUST consider when comparing SD WAN & SASE Cyberscurity solutions.


Download the SD WAN Buyers Mind Map. If you are comparing SD WAN vendors or managed providers, use this stunning at-a-glance guide with solution comparison and feature cheat sheet checklist.

Download the SD WAN Buyers Mind Map. If you are comparing SD WAN vendors or managed providers, use this stunning at-a-glance guide with solution comparison and feature cheat sheet checklist.
If you enjoyed this preview, please enter your business email address and we'll email you a link.