What is a Multi-Cloud Network Architecture (MCNA) and how can it help enterprises?
Aviatrix Systems is a software company headquartered in Santa Clara, California, the heart of Silicon Valley. Aviatrix software provides a platform for companies to build networking and security infrastructure in the public cloud. The platform provides architecture applicable to both single and multiple public cloud deployments. Currently, the software supports public clouds such as AWS, Azure, GCP, and OCI.
MCNA is unlike any other architecture because it not only embraces, controls, and manages the native cloud constructs but also provides advanced services beyond what the Cloud Service Providers (AWS, Azure, GCP, and OCI) can provide. It provides a consistent and repeatable architecture across multiple clouds, being the first in the industry to do so, making it an essential part of the present and future of the public cloud.
Multi-Cloud Network Architecture (MCNA)
Aviatrix creates a purpose-built Multi-Cloud Network Architecture (MCNA) by implementing a data plane through dynamic and software-defined routing with a centralized control plane. Security is built into the network architecture through segmentation, encryption, ingress and egress filtering, and security services insertion. Aviatrix also orchestrates cloud-native constructs, where necessary, in building and controlling the enterprise network and in life-cycle management of the overall architecture.
The architecture is valid for single-cloud-single-region, single-cloud-multiple-regions, or multiple-clouds-multiple-regions and can be easily referenced by both greenfield and brownfield businesses with no issues. This is a common and repeatable architecture across multiple clouds, which creates simplicity and abstraction for the users by hiding all the underlying complexities and limitations of Cloud Service Providers. Because this architecture functions as a reference, it is vendor-agnostic. At a high level, MCNA defines four distinct layers: Cloud Core, Cloud Security, Cloud Access, and Cloud Operations.
The cloud core of the multi-cloud network architecture goes beyond simple connectivity. It scales and supports the rapid evolution of applications and businesses. It also delivers a common data plane by supporting native cloud constructs and APIs and by adding advanced capabilities, with the visibility and control required to optimize the multi-cloud network.
Within the cloud core, there are two subdivisions: the applications layer and the global transit layer.
The Applications Layer
This is where the applications are. These applications could be sitting in VPC/VNET and running as instances or VMs. The Aviatrix controller embraces the native constructs of the cloud from this layer. This is the area where applications are deployed using their respective operating systems.
The Global Transit Layer
Aviatrix software enables enterprise IT to easily deploy a high-availability, multi-cloud network data plane with end-to-end encryption, high-performance encryption, multi-cloud security domains, and the operational telemetry that operations teams need. This is the main point of connection for every aspect of the cloud. The global transit layer also supports inserting services into the platform, which is done through the service insertion framework.
Cloud security is a crucial part of the MCN architecture. This layer encompasses all the other layers of the cloud. It ensures that all the areas in the cloud, such as the applications, transit, and access layers, are secure. The MCNA model enforces cloud security in many aspects, such as when connecting cloud to on-premise, at ingress and egress, and within the cloud through encryption and security segmentation.
The multi-cloud access layer is a crucial layer of the multi-cloud network when interconnecting to on-premise resources. This layer ensures that the cloud is securely accessible by all the components of a business. This architecture sets the multi-cloud foundation by securely bringing employees, partners, customers, branch offices, and legacy data centers into the cloud as one cohesive unit.
The cloud operations layer provides full visibility for all aspects of the cloud, meaning that it encompasses each layer. It is a centralized operations plane. This is also the layer of the cloud that encompasses the most crucial tools, such as troubleshooting, visibility, and automation.
MCNA showcases a centralized controller to manage single or multiple clouds with a global, distributed, unified and normalized data plane.
Despite being founded in 2014, Aviatrix has an established presence in the tech industry, assisting customers such as Epsilon, Hyatt, Netflix, United Airlines, Vacasa, SoFi, The Wharton School at the University of Pennsylvania, Informatica, Genpact, Ellucian, the Avis Budget Group, Verint, Teradata, the InterContinental Hotels Group, the Age of Learning, Nu Skin, and DXC Technology.
A Centralized Controller
Aviatrix offers a centralized controller to make complex networking easy and does not require any background knowledge of networking command-line interfaces.
It is a browser-based, point-and-click management console that orchestrates both native (AWS, Azure, GCP, and OCI) constructs and advanced services from Aviatrix. This centralized controller also deploys Aviatrix Gateway instances for multi-cloud, on-premise, and edge connectivity.
A Distributed and Common Data-Plane
The Aviatrix platform embraces native cloud constructs and extends their functionality with advanced networking and security, both of which are provided by the Aviatrix Controller and Gateways.
The Aviatrix gateways can be considered service nodes, providing a robust and common data-plane within a cloud or across multiple clouds.
As part of the data-plane, these gateways work to provide services such as transit routing, high-performance encryption, egress and ingress control, edge connectivity, on-premise connectivity, and user-VPN services.
CoPilot, one of Aviatrix's many services, allows users to have full operational visibility in their network, all while informing them of any issues in their cloud network.
Multiple Accounts and Clouds
Aviatrix is also able to integrate multiple accounts and clouds seamlessly on a single interface. This allows customers to interconnect AWS, Azure, and Google Cloud with the same point-and-click flow.
Security & Compliance
To help its service run smoothly, Aviatrix provides many security and compliance measures. It allows users to manage security domains, such as the Development domain and the Production domain, and also allows for Virtual Private Cloud connectivity through Connection Policies. Users are able to easily apply firewall filters based on tags or specific address ranges, CIDR, protocols, and ports.
Aviatrix services are also integrated with AWS GuardDuty to block malicious activity automatically at the Virtual Private Cloud network level.
Partners and Integrations
Technology Integration Partners
Integrated Service Partners
· DXC Technology