It caught my eye the other day that Microsoft announced an equivalent to Amazon Web Services’ Direct Connect offering, i.e. the ability to connect from your premises to your cloud deployment without going over the Internet. The press release says this capability is “expected to be available in first half of 2014” – and I assume that this initial launch will be US only with Europe to follow later, although it doesn’t say.

Smart421 was a Direct Connect launch partner in the European region for AWS back in Jan 2012, although the initial US launch was way back in August 2011. So going on that basis, I can now put a crude estimate on how far behind AWS the Azure platform really is – at least two and a half years :)

Anyway, now is as good a time as any to share some brief stats from our real world experience of deploying Direct Connect for the European region. I’m not aware of much data in the public domain about Direct Connect latency measurements in the European region – so if you know of some, please comment on this post to let me know.

On a 1 gigabit connection, for an ICMP (i.e. ping) round trip we typically see a latency of circa 12-13ms for Direct Connect versus 33ms via a VPN over the Internet, i.e. about a 60% reduction in latency.

AWSDirectConnectLatency

This data needs to be considered carefully as there are a multitude of factors at play here depending on the specific customer environment and requirements – such as the Internet connectivity for the VPN, and crucially where the customer “on-premises” equipment is in network terms with respect to the AWS Direct Connect location in London Docklands. Also any comparison will vary depending on time of day etc. I’m deliberately not providing any stats on achieved bandwidth here as there are just too many factors involved – principally that the limiting factor is likely to be any MPLS connectivity involved in the architecture rather than Direct Connect itself.

Still – it’s interesting data nonetheless…thanks to ‘Smartie’ Wayne for compiling the data.

Please share this blog using the social buttons below or short URL http://bit.ly/1e8CCq6

Please take a moment to Rate and Like this Post. Our readers want to see YOUR opinion so please post a Comment.

It’s an exciting day today as it has just been announced that Smart421 is an Amazon Web Services launch partner in the UK for the latest expansion of their Direct Connect offering. Up until today Direct Connect has only been available to certain regions in the US, but now UK customers can get the benefits of this improved connectivity as well. Smart421′s role as an AWS Solution Provider is to help customers reap those benefits by giving them a one-stop shop for full end-to-end connectivity from their premise(s) to the AWS EU region without relying on the Internet at all – except as a backup mechanism.

Our offering is actually a seamlessly managed combination of services from two parts of our parent company, the KCOM group. Smart421 provide an end-to-end experience for the customer and manage the provisioning of the AWS Direct Connect connection at Telecity Sovereign House in London, and we use our sister company Kcom to deploy and manage the “last mile” connection from Telecity to the customer’s premises. The immediate benefit to the customer is that they have one party responsible for a direct private connection from their premises to the cloud – not multiple suppliers to manage and triage etc.

DIRECT CONNECT SCHEMA3 cropped

I thought I’d just cover a few basic questions about Direct Connect that I’d expect to come up with customers…

Why would I want it?

The usual mechanism of accessing AWS is over the Internet, with user and/or administration traffic secured using a virtual private network (VPN). This gives privacy and authentication, but the network traffic is fundamentally still sharing your organisation’s Internet pipe and still going via the Internet along with everyone else’s traffic. Many of our customers have a default security policy that certain classes of network traffic must be deployed on a more private infrastructure, e.g. MPLS links etc – to give a greater degree of privacy, predictability and control, especially in terms of improved bandwidth, latency and availability.

Secondly, there is a perception issue with using the Internet – which often becomes more marked the further you move up the management chain :). In fact, when talking to customers this is a classic objection that I sometimes hear – “we’re not comfortable using the cloud over the Internet”. Well now you’ve got a real choice – we can deploy an end-to-end private connection to AWS when required.

Also, you might be shifting significant volumes of data into and out of your cloud deployment, e.g. if you are performing big data processing using Hadoop/Elastic Map Reduce etc, or frequent data replication for disaster recovery purposes when you are using AWS as a logical extension to your on-premise data centres. In these circumstances, having greater control and certainty over the end-to-end connection between your premises and the AWS deployment is attractive.

What are the benefits?

In a nutshell, the key benefit is that your traffic is no longer subject to the unpredictability of the general Internet, and so basic metrics such as band with and latency will be far more predictable. For the connection from the customer’s premises to Telecity in London these metrics will be subject to strict quality of service guarantees, i.e. a bandwidth of X (you choose) with a defined maximum latency and an SLA (service level agreement) for the connection. For the second half of the connection from Telecity to the EU region in Dublin, you can expect superior network characteristics but there is not an SLA that defines guaranteed bandwidth etc. The initial adopters of Direct Connect in the EU region can expect an amazingly good network service given the price point – and our expectation is that over time AWS will have to introduce a degree of throttling/bandwidth management in order to maintain service levels…

What will it cost me?

…which brings me on to the costs. The bottom line is that Direct Connect is amazingly good value in our opinion. For a 1Gb/s port at Telecity it’s of the order of $216/month – i.e. virtually nothing. Unless you have your “on-premise” servers co-located at Telecity, then the costs for the “last mile” connection backed up by a strong SLA back to the customer premises will be much more significant. So guess what – you get what you pay for – no surprise there! For organisations relatively close to Telecity Sovereign House in network terms (e.g. in London) this makes Direct Connect a no-brainer really once your AWS usage becomes significant in terms of business criticality or data volumes, and it’s still highly attractive for an UK-based organisation.

Where might all this be going?

Finally – I just wanted to finish on why we think this is a really exciting development. For the EU region, this is the first step on the road for Smart421 to be able to offer a truly end-to-end service management offering – backed by strong SLAs for the end-to-end network connection and the AWS deployment itself. Over time we expect AWS to enhance Direct Connect with QoS (quality of service) guarantees, and we’re delighted to be in there at the start.

logo awsThose boys in Seattle have been busy – we’ve known about these new releases for some time now via our AWS partnership but have had to keep schtum, so it’s nice now that they are out in the public domain to talk about a bit more. Each of these items in the AWS news release would be good enough for a news release on their own for most organisations…

For us, the most immediately exciting part is that their virtual private cloud (VPC) offering is now available in multiple AZs in a region, a single VPC can span multiple AZs, and a single AWS account can have more than one VPC. In our view, these remove the last major barriers to serious production use by enterprises – as we typically want to engineer a virtual private cloud that spans AZs in the same region for resilience reasons.

The other really exciting thing about the VPC news is that Smart421 are mentioned in the press release :). We use VPC for pretty much everything we do for customers now – there’s no good reason why not, the financial model is not really affected and you get much more control. One of those customers is Haven Power, where VPC is one of the building blocks of the solution to deliver a really innovative business continuity planning (BCP) solution.

The Identity and Access Management functional enhancements are very welcome also – this is an area that has matured quite fast but from a relatively low base. Managing multiple customer and internal deployments and the accounts and permissions that go with them is challenging, and integration with Active Directory etc looks like it will be very useful.

Finally, Direct Connect is something we’ve been discussing with AWS in the UK for a while – again, coming back to my theme about making IaaS a credible solution for enterprise customers (the market Smart421 principally serve) – enterprise customers expect to have more private, more controlled networks between their data centres and the use of VPNs usually concerns the internal security guys, so this is a necessary piece of the enterprise deployment architecture jigsaw. It’s only available in US East as the moment but there’s a commitment to a London deployment, so this is something I’d expect our customers to want to exploit – especially at the price point which seems a bargain to me, e.g. a 1Gbps port used full time for a month is about $216. Peanuts – so it’d be rude not to use it.

Read the AWS blog entry for more details, and the related Smart421 news item is here.

Follow

Get every new post delivered to your Inbox.

Join 1,084 other followers