Transit Gateway v/s Direct Connect v/s Site-to-Site VPN

rksalo88

Saloni Singh

Posted on October 27, 2024

Let's talk about VPC connectivity today. We have all heard of Transit Gateway, Direct Connect and Site-to-Site VPN. They sound similar, but what's the difference between them?

A Transit Gateway is a central hub through which you can connect VPCs and on-premises networks within the AWS environment.
Direct Connect does this by creating a direct, dedicated private connection between your on-premises network and AWS.
A Site-to-Site VPN creates an encrypted "tunnel" over the public internet that associates your on-premises network with a single AWS VPC.
In short, a Transit Gateway manages connections among multiple VPCs and on-premises networks, Direct Connect offers a direct, high-bandwidth connection, and a Site-to-Site VPN is a basic connection over the public internet that links to a single VPC.

Key differences:

Functionality:
Transit Gateway: The central hub that connects the different VPCs and on-premises networks to each other; it simplifies network management.
Direct Connect: A dedicated, private connection from your on-premises network to AWS with high bandwidth and minimal latency.
Site-to-Site VPN: An encrypted tunnel across the public internet that connects your on-premises network to an AWS VPC.

Scalability:
Transit Gateway: Highly scalable, allowing easy addition of new VPCs or on-premises network connections.
Direct Connect: Highly scalable, depending on the chosen bandwidth tier.
Site-to-Site VPN: Not as scalable as Direct Connect because it is constrained by public internet bandwidth.

Security:
Transit Gateway: Secure within the AWS infrastructure, but the on-premises connection relies on extra security measures.
Direct Connect: Very secure since it is based on a dedicated private connection.
Site-to-Site VPN: Relies on encryption to protect traffic across the internet.

When to use each:
Transit Gateway:
You want to connect multiple VPCs and on-premises networks with complex routing requirements.
Direct Connect:
You want a high-bandwidth, dedicated private connection to AWS for large data transfers.
Site-to-Site VPN:
You want a simple way to connect a single on-premises network to an AWS VPC with smaller data volumes.
