Aviatrix ACE Design Expert Blueprint

  • 11 November 2021
  • 0 replies

Userlevel 6
Badge +6

Executive Summary


Aviatrix ACE Design Expert (ACE-DE) validates the candidate’s command on understanding and leveraging Aviatrix Architecture and its design methodology to build public cloud networks. The program checks the candidate’s technical, design, consultancy, presentation, business, and articulation skills on core networking principles in the public cloud based on the Aviatrix Multicloud Network Architecture approach.

ACE Design Expert Program Benefit for Businesses

The ACE-DE is extremely critical for businesses growing their footprint in the Cloud. It prepares the candidate to not only handle technical networking challenges as well as business objectives set forth by enterprises. In order to achieve these objectives, this process, at minimum, validates the following attributes in a candidate

  • Proficiency in using Aviatrix platform
  • Excellence in using technology solutions to achieve business outcomes
  • Deep understanding of multiple cloud providers (CSP) and their networking and security offerings
  • Consultancy skills to gather the business and technical requirements from clients/stakeholders and use them to design a future proof architecture
  • Ability to articulate CSP and Aviatrix platform capabilities and objection handling
  • Elevate the stature of your team and organization for the quality of talent.
  • Increased confidence of organizations in their talent pool and for delivery organizations, the ability to demonstrate high confidence in their design and delivery capabilities.
  • Provide a way for enterprises to find talent that meets the highest standard of qualifications in the public cloud networking and security space.

ACE-DE Program Details

Aviatrix Certified Design Expert (ACE-DE) is an advanced level certification track built to provide cloud network, security, and operations architects to demonstrate and validate their deep understanding of public cloud networking environments.

This document outlines the general topics as guidelines for the content likely to be included in the evaluation but is not an exhaustive list. Candidates are expected to cover core networking and security but also adjacent topics and technologies required for an enterprise cloud architect role.

To better reflect the contents of the program, the guidelines in this document may change at any time without notice. Please make sure you are reviewing the latest version by visiting the Aviatrix website.

The Technical Objectives of ACE-DE Program

  • Build the community of Secure Cloud Networking experts by providing validation process of their expert-level cloud networking and security knowledge
  • Train and educate candidates to enhance their expertise in gathering and clarifying secure cloud network functional requirements. Develop network designs to meet functional specifications. Develop an implementation plan, convey design decisions and their rationale.
  • Provide a platform for the certified individuals to distinguish themselves in front of their employers, customers, and peers as someone who has a deep understanding to design, implement, operate, and troubleshoot a secure cloud network spanning single or multiple CSPs

ACE-DE Advantages for Individuals

An ACE-DE (Aviatrix Certified Engineer - Design Expert) carries the primary responsibility in their organization of designing and deploying an optimal and secure cloud network environment that enables an agile platform for applications and customers to consume.

Understanding the Aviatrix platform and being able to configure an environment is only part of skills being validated as an ACE-DE. The successful candidate will be an individual who shows leadership qualities in enabling their organizations via their technical, consultancy, and business awareness skills to achieve end business objectives.

  • Industry recognition of your expertise in complex public cloud environments with a focus on networking, security, and operations
  • Become part of an elite group of professionals
  • Multifold increase in candidate's personal profile and opportunities in the marketplace that may translate into higher compensation

Applying for ACE-DE

The application for ACE-DE is centered on an Aviatrix platform-based cloud project that the candidate has either led or has been a major contributor to. The submitted project and its associated documentation may be based on a real project or fictitious project, or a combination of both. In any case, the design must be

  • Driven based on real business drivers, outcomes, and objectives that have demonstratable value to an organization
  • Built for a production-grade, mission-critical infrastructure with clearly defined SLA
  • Complex enough on scale and performance, and must make use of multiple critical Aviatrix use cases
  • Innovative to creatively achieve business goals while minimizing cost and maximizing benefits


  • Each candidate must submit their own application
  • The same design may be used by different applicants only if they were major contributors to the design
  • The design submission document and all associated submissions must be unique to each candidate. The details of what needs to be included in the application will be covered in the later section on ACE-DE Certification Processes
  • The application must be submitted in accordance with the dates published on the ACE-DE website
  • Once the application has been submitted, it will be reviewed by ACE-DE panelists
  • You will be informed of the final decision weeks before the in-person defense event to allow for travel and lodging arrangements

Qualification and Certification Process

Candidate must prove the mastery of Multicloud Networking by using the process outlined here:

  1. Submit a complete design as per specifications. This design will be reviewed by the ACE-DE design review committee
  2. If the submitted design is approved, candidates will be notified to attend an in-person meeting in one of the locations around the world. The location and date is determined by the Aviatrix ACE-DE program
  3. On the appointment day, the candidate must defend their submitted design and also build a design, impromptu, based on given requirements
  4. The candidate must also demonstrate hands-on proficiency on the Aviatrix platform

ACE-DE Certification Processes

The following sections briefly outline the areas that must be covered throughout the ACE-DE program including Design Submission Document, Defense, Impromptu design, etc.


  • At least one year of experience designing and operating the Aviatrix cloud network platform
  • At least one year of experience designing and operating networking and security in public clouds such as AWS, Azure, GCP, OCI, etc. CSP networking and security-focused certifications are a plus
  • Deep understanding of CSP core networking concepts such as
    • L4 Security Groups / NSG / Firewall Rules, L7 NGFW, IGW
    • Direct Connect (DX), Express Route (ER), Google Cloud Interconnect (GCI), OCI Fast Connect, Equinix Cloud Exchange, Private Links, MegaPort
    • WAN, SD-WAN, Azure vWAN, AWS TGW, GCP NCC, etc.
    • GWLB, ELB, ILB, ALB, Private Endpoint, Route Service, etc.
  • Current ACE Professional or ACE Operations certification
  • ACE Automation (Terraform IAC) certification is a plus
  • Attend ACE-DE Design pillars session or watch the recording
  • The candidate doesn't need to be part of specific geo or vertical
  • The candidate does not need a certain higher-education degree
  • The candidate does not need to carry a pre-approved list of titles

Business Objectives and Drivers

Clearly cover what are the business objectives that need to be achieved by this project. Why the project is important for business and what role cloud networking and security by Aviatrix will play in achieving the outlined business objectives.

Technical Requirement Gathering

Identify the technical requirements of the project that pertains to cloud networking and Aviatrix MCNA solution. Explain the salient points outlining the Must Have and Nice to Have aspects of the requirements. Outline if there are any parts of the project that will be handled in a later phase and why a phased approach is needed to meet the business and/or technical requirements.

Solution Design

In this section, share the actual design aided by appropriate topology diagrams, tables, flow charts, packet walks, etc., across network and security design.

Adhering to MCNA Design Pillars

MCNA Design Pillars are collectively referred to as CRAMPS. Demonstrate using design decision tables or diagrams the decision choices that bring the design in-line with the below-mentioned design pillars.

C: Cost Control and Optimization

Discuss how the design is made cost-effective from a scale and sizing perspective. What considerations were made to ensure the environment is right-sized and stays within the budget.

R: Recoverability

Cover the DR planning of the environment. How and what steps will be taken to ensure consistent and smooth operations in case of disruptions. Share the SLAs agreed in case of partial or full DR scenarios.

A: Availability

Cover the high availability aspects of the design and its components.

M: Manageability

How the environment will be managed including automation, integration, etc. Ease of use and reducing management overhead are key objectives.

P: Performance

Cover the performance requirements of different components and how the design is flexible to cover current and future performance and scale requirements

S: Security

Cover how the Aviatrix Infrastructure is secured including access to control and management plane. Discuss how the network security design is done for virtual cloud networks and connected external entities including on-prem, extranet, internet ingress/egress, remote users, etc.

People, Process and Technology Readiness for Day2

Most of the discussion in any design conversation is focused on build exercises, often termed as Day0 and Day1. A successful design is one that also considers how the environment is going to be easily managed Day2 onwards by operational teams, reduces risk during change control, auditable, etc. This needs consideration around

  • People (training, enablement, etc.)
  • Process (SoPs, Change Management, IaC, upgrades, etc.)
  • Technology (Integration with NGFW Policy, SAML, Ticketing, Alerting, Reporting, etc.)

Submitting the ACE-DE application

In addition to the required fields in the application form, the application package will include a Design Submission Document following the sample provided on the ACE-DE website. The document must be submitted in both Word and PDF formats strictly following the formatting, page limits, and table of contents outlined in the sample.

It is the candidate's responsibility to read and understand the sample document provided and present all the required information in a concise and summarized manner. The use of diagrams, tables, graphs is highly recommended to communicate effectively to the panel. Vague and large quantities of the material do not necessarily serve the candidate’s best interest.

The document is expected to provide prescriptive details in three key areas

  1. Business perspective: Business drivers, business goals, requirements, problems being solved, and benefits anticipated
  2. Technical perspective: Technical requirements, challenges, logical designs, networking, and security topologies. Highlight the CRAMPS design pillars (Cost, Recoverability, Availability, Manageability, Performance, Security).
  3. Operational perspective: Day2 operational readiness, training, enablement, SOPs, integrations, etc.

Aviatrix reserves the right to require the candidate to resubmit the document that does not follow the sample and/or does not demonstrate the candidates' authority on the subject in a concise manner.

If the document refers to any external link or resource, it will be treated as a nice to look at for the review panel, but the candidate must summarize all the pertinent information in the document itself.

The Design Submission Document will be scrubbed using 3rd party anti-plagiarism platforms. Any application confirmed as containing non-original material in parts or whole will be automatically disqualified.

Possible Reasons for Rejection

The application and/or design may be rejected for several reasons including but not limited to

  • Insufficient or incomplete application such as with insufficient supporting documentation
  • Simplistic design that is not complex enough to demonstrate candidate’s command on the Aviatrix platform and CSP networking and security concepts
  • Focusing only on technology and not explaining the business requirements
  • Design that does not fulfill the business requirements
  • Incorrectly submitted application
  • The application does not follow the template provided
  • Documentation is too long, vague, lack conciseness, lack details to understand correctly
  • Application is primarily reusing the samples published and does not reflect original work
  • Plagiarism of any kind
  • Technical inaccuracy or incorrect design
  • Impractical design

Defending the Submitted Design

When coming to the Design Defense Day, the candidate should have prepared a short PowerPoint presentation using the sample provided on the ACE-DE website. The candidate will be able to use the PowerPoint presentation and the PDF version of the Design Submission Document during the defense.

The Design Defense will be somewhere between 45-60 mins long. During the defense, the candidate will present a short overview of the design and will be evaluated against the CRAMPS design pillars. The candidate is expected to demonstrate his/her command on the platform and accurately explain the different components, traffic patterns, design choices made, etc.

The entire process is built to emulate the type of conversations, challenges, documentation, demonstration, ownership, and authority an architect must demonstrate in real-world scenarios.

It is the candidate’s responsibility to complete the design presentation in the allotted time with enough room for questions and discussions.

Impromptu Design

In addition to defending the submitted design, the candidates will be required to take requirements to build a design, and present it back to the panel. This could take somewhere between 45 to 60 min in total. This phase is divided into three phases

  1. The candidate will be presented with a few slides containing enterprise design requirements
  2. The candidate will then build the high-level design on the whiteboard
  3. Candidates will then have approximately 20-30 min to present this design back to the panel and defend their design in accordance with MCNA design pillars (CRAMPS) with the requirements provided

Characteristics of a Successful Design Exercise

Communicate in a concise manner to the panel assuming you are presenting to an enterprise customer’s architecture board. Be educative, polite, and interactive. Make safe assumptions and validate as appropriate. Display your authority on the subject while being humble and understanding of customers’ sentiments and constraints. Maintain a high level of professional attitude and produce a design that meets the given requirements while making sure it is future-proof.


All communication, presentation, and defense will be conducted in English. There is no time extension due to language barriers.


The result will be provided within 7-14 business days after the exam process has been completed. The result will be in the form of Pass/Fail and in case of failure, some high-level recommendations for the candidate to improve upon will be provided. Aviatrix will not share specifics of the result with the candidate and the result cannot be challenged.

Recommended Review Material

Aviatrix recommends the candidates review the material mentioned in the Recommended Review Material section, Aviatrix Websites, YouTube channel,s and other sources while preparing for the ACE-DE exam.

Scheduling an ACE-DE Defense

ACE-DE will be held around the globe in large cities periodically. The dates and locations will be announced on the ACE-DE website. You must submit your application and all the required documents including the Design Submission Document in accordance with the published dates for each ACE-DE defense event.

Anti-Plagiarism Policy

Aviatrix takes plagiarism very seriously and will not certify any person who violates the integrity of the program by plagiarism of any form. Aviatrix also retains the right to bar an individual from ever applying if they are found to be in the conduct of any action considered against the integrity of the certification program. Following are some of the examples that are considered breaches of policy

  • Using someone else’s work without proper reference and citation
  • Presenting, wholly or in part, someone else’s work as your work
  • Using a material that is directly taken from an external source and presenting it as your work without proper reference
  • Using an organization’s non-anonymized design without their approval and consent
  • Sharing your design and submitted application with others to be used by them as their work
  • Sharing the exam specifics from the design session including scenarios, questions, presentations with others
  • Using false identity or intentionally using a different name than yours
  • Misrepresenting experience using Aviatrix platform and/or prior ACE certifications

Retake Policy

A candidate must pass all stages of the ACE-DE certification to be considered a pass. Failure in any one of the stages will constitute a failure of the entire certification attempt and will require the candidate to go thru all the stages again. Candidates can only have one application under submission at any given time.

Candidates may retake the certification after 90 days of the last attempt. Every new retake will be considered a new attempt from a process and exam fees perspective.

Candidates may defend the same design in the retake unless the design itself or its documentation was not adequate. In that case, the candidate will be provided enough feedback to improve the design and resubmit the application.

Candidates will be provided feedback on the area where they need improvement, but exact scoring details will not be disclosed.


This blueprint is intended to provide applicants information about the goals, objectives, process, and expectations of the Aviatrix Certified Engineer – Design Expert (ACE-DE) program. It is not expected to be an exhaustive document rather a guideline to be used by Architects when submitting the ACE-DE application. The topics covered here do not guarantee that candidates will pass the exam. Candidates are expected to bring their own expertise, experience, and original thinking when going thru each step of the process.

0 replies

Be the first to reply!