Aviatrix Secure Edge Use Cases

Extend Aviatrix to Edge Locations

This diagram illustrates Aviatrix Edge Gateways deployed at multiple edge locations.

edge_usecase_edge_location

Aviatrix Secure Edge for On-Premises

Cloud Orchestration and Simplified Onboarding

Ease of onboarding

  • Instantly onboard HW orchestrated via Cloud

  • Manage and operate the Edge HW and network software via cloud

  • No IT expertise required to connect and deploy the Edge HW

Drive better cost & FTE efficiencies

  • Simplified deployment with automation

  • Deploy Edge network software to multiple devices at scale via Cloud

  • Single automation stack across cloud and on-prem

  • Faster deployment and onboarding of connectivity from on-prem to cloud and on-prem to multi-cloud

edge onpremise design 1

Increased Performance, Reduced Operational Overhead, and Bottlenecks Removed

  • IPSec Encrypted line rate throughput from cloud to on-prem via public or private connectivity

  • Repeatable architecture

  • Same overlay from Cloud to Edge

  • Consistent security protocols

  • Config driven via cloud and consistent secure IPSec state across Edge

  • E2E visibility – Within Cloud and Cloud to Edge

edge onpremise design 2

Multiple Edge Gateways for Multiple Edge Sites

This use case illustrates Edge Gateways with BGP connection to a VIP. The Edge Gateways can be set up at multiple edge sites as shown in the diagram with Site A and Site B.

550

Multiple Edge Gateways for Single Edge Site

This use case illustrates multiple Edge Gateways on the same edge site for horizontal scaling or multiple Active-Active connections from cloud to edge.

550

Edge Gateway Connectivity to Different LAN Routers (Multiple Sites)

This use case illustrates Edge Gateways on different edge sites with active and standby peering connections to different LAN routers.

550

Edge Gateway Connectivity to Different LAN Routers (Single Site)

This use case illustrates multiple Edge Gateways on the same edge site with peering connections to different LAN routers.

Only Active-Active high availability mode is supported with more than two Edge Gateways on the same site.
edge hs lan connection

Edge Gateway to AWS TGW Domain with FireNet Enabled

When FireNet inspection is enabled for an AWS TGW domain, the Aviatrix Edge domain cannot be associated to that domain. Because of a limitation that is attributed to how AWS configures its TGW domains, the on-premises routes from the Edge domain are not installed in the Spoke TGW route table via the Aviatrix Transit Gateway.

edge aws tgw firenet 1

To overcome the AWS TGW domain limitation, create another pair of Edge Gateways and associate the gateways to the Transit Gateways with the associated TGWs without segmentation on Edge.

edge aws tgw firenet 2