AWS is offering a variety of new connectivity options for enterprise customers to access distributed cloud resources.

The new options, unveiled at the company’s re:Invent conference, are designed to give businesses new network options and build more secure access to on-premises and other cloud applications.

A new network offering called AWS Cloud WAN is a managed service that promises to make it easier to build, manage, and monitor global traffic across a wide area network that spans multiple locations and networks—eliminating the need to configure and manage the different networks individually using different technologies.

Network teams have the option to use simple network policies to specify the Amazon virtual private clouds and on-premises locations they want to connect through AWS VPN, AWS Transit Gateway, or third-party SD-WAN products. The AWS Cloud WAN service generates a view of the network to monitor health, security, and performance, AWS stated.

“Teams can also use network policies to automate routine network-management tasks like adding new sites or branch locations, isolating traffic between sensitive applications or locations, segmenting groups of networks to make it easier to manage network isolation between AWS and on-premises environments, or enabling specialized network or security services,” AWS stated.

For example, customers could increase their security posture by creating a policy that ensures that any network traffic from their branch locations must be routed through a network firewall before reaching their cloud resources, AWS stated.

The new service also integrates with AWS networking partners including Hewlett Packard’s Aruba, Cisco, Palo Alto Networks, and VMware—letting customers use and manage products and services from these providers.

In Aruba’s case, the company said customers can extend policy-based network segmentation from the branch edge (which spans campus, branch, microbranch, and remote worker) into the AWS global network.

“Aruba SD-WAN integration with AWS Cloud WAN is enabled through Aruba Orchestrator and Aruba Central, making it easy to deploy, manage, and operate sophisticated WAN networks over AWS. Aruba Orchestrator now also supports automated “one-click” deployment of EdgeConnect SD-WAN instances directly into AWS VPC’s,” Aruba stated.

In Cisco’s case the service will work with SD-WANs using its vManage and Meraki software.

Customers can get secure site-to-site connectivity through Cisco SD-WAN with AWS global backbone as underlay that is highly reliable and cost effective, wrote Chris Stori, senior vice president and general manager for Cisco’s Networking Experiences team, in a blog. Customers can automate and simplify the provisioning process through your choice of platform, whether Cisco vManage or Cisco Meraki, for a simplified network design and define a multi-region, segmented, dynamically routed network with an intent-driven policy in just a few clicks, Stori wrote.

On the VMware side, with VMware SD-WAN, enterprises can extend the segmentation they use in their data center to remote branch sites by using the segmentation capabilities built into VMware SD-WAN Edges, the company stated in a blog.

“When enterprises transition to the cloud, they can extend that same network segmentation to their cloud workloads,” VMware stated. “With AWS Cloud WAN, customers can further extend the segmentation from their VMware SD-WAN fabric to their network on the AWS Cloud. This allows enterprises to ensure traffic isolation and data security end-to-end.”

Another connectivity option for AWS Cloud WAN service is a new networking offering that lets AWS users connect data centers or branch offices over AWS’ backbone network.

Also rolled out, AWS Direct Connect SiteLink connects sites through Direct Connect locations, without sending traffic through an AWS Region. AWS has 108 Direct Connect locations available in 32 countries. The service supports traffic flows of 50 Mbps to 100 Gbps from one Direct Connect location to another following the shortest available path. Customers no longer need to connect through the closest AWS Region and manage and configure an AWS Transit Gateway for site-to-site network connectivity, AWS stated.

“Until today, when you needed direct connectivity between your data centers or branch offices, you had to rely on public internet or expensive and hard-to-deploy fixed networks. These are geographically constrained and can be tied to long-term contracts,” AWS stated. “This rigidity becomes a pain point as you expand your businesses globally. In turn, you’re required to create custom workarounds to interconnect networks from different providers, which increases your operating costs.”

SiteLink supports other AWS services, letting customers reach VPCs, other AWS services, and on-premises networks from the Direct Connect connections.

AWS also introduced the ability for its Transit Gateway customers to directly route traffic between different Transit Gateways in the same AWS Region.

AWS Transit Gateway lets customers tie cloud-based resources back to data centers, remote office workers or other distributed access points as needed. Thirteen networking vendors including Cisco, Aruba, Arista, Fortinet, Palo Alto, and Versa announced support for the technology when it was introduced in 2018.

Intra-region peering simplifies routing and inter-connectivity between VPCs and on-premises networks that are serviced and managed via separate Transit Gateways, AWS stated. This feature provides the flexibility to deploy multiple Transit Gateways with separate administrative domains, while providing an easy way to interconnect them more natively.

“Using intra-region peering, you can build flexible network topologies and easily integrate your network with a third-party or partner managed network in the same AWS Region. If you are already familiar with Transit Gateway inter-region peering, it works exactly the same way except that the peered Transit Gateways are in the same AWS Region,” AWS stated.

AWS partner VMware said the Transit Gateway provides high bandwidth, resilient connectivity to VMware [software defined data centers] in an SDDC Group.

“With this enhancement, VMware Cloud on AWS customers will be able to peer their VMware Transit Connect with AWS Transit Gateway (TGW) in the same AWS region,” Sonali Desai, product line marketing manager, wrote in a blog about the announcement.

“This will help customers establish high bandwidth connectivity between their VMware Cloud on AWS SDDC Group and AWS Transit Gateway (TGW), enabling access to VPC resources at scale without the need for a Transit VPC. This further simplifies access between VMware Cloud on AWS VPC resources and AWS VPC resources, while retaining control over connectivity in the respective environments,” Desai stated.