Azure Virtual WAN Acceleration: Analysis & Alternative

Eleanor Parker

Eleanor Parker

Azure Virtual WAN Acceleration: Analysis & Alternative

Whether operating in the Microsoft Azure cloud or in a hybrid cloud environment, enterprise organizations need solutions for securing and optimizing traffic across geographically distributed endpoints. This often requires consolidating and accelerating their wide area network (WAN) infrastructure.

Azure now provides Azure Virtual WAN (AVW) — an infrastructure as a service (IaaS) solution that combines networking, security, and routing functionalities in a single interface.

AVW can be used to create a virtual private network for all Azure storage services, on-prem devices, and even remote access outside your network. While some services are still being rolled out, most are generally available.

If you want a better way to move and synchronize bulk data sets across the WAN, try Resilio Platform — our WAN-optimized, omnidirectional file replication and synchronization software system. To learn more, visit our website or schedule a demo.

In this article, you’ll learn what Azure Virtual WAN is and how you can use it to enhance speed and security for your organization’s Azure cloud or hybrid cloud storage. You’ll also learn more about Resilio Connect, an alternative to VPNs that can be used across any type of network — irrespective of latency — to reliably move and synchronize files at predictable speeds, in real-time, or on-demand.

We’ll also explore the downsides of Azure Virtual WAN, such as:

  1. The fact that it only enhances WAN transfers in the Azure cloud.
  2. The requirement to use 3rd party security solutions for data protection and WAN acceleration tools for remote worker connectivity (i.e., SD-WANs or VPNs).

Lastly, we’ll discuss how our file replication and synchronization software system, Resilio Connect, can be used instead of, or in conjunction with, AVW as an alternative to VPNs.

Resilio Platform provides built-in security, WAN optimization, replication automation, and scalability (sync millions of files and thousands of endpoints) — so you can sync and transfer bulk datasets across high-latency networks (such as WANs or any IP network).

Resilio Platform is a file synchronization software system that uses a P2P replication architecture and a proprietary UDP-based WAN acceleration protocol (known as Zero Gravity Transport™) to provide high-performance replication that is:

  • Blazing fast: Resilio Platform can use the full bandwidth of your entire replication environment to sync hundreds of endpoints 3–10x faster than traditional solutions. Resilio can perform scale-out replication and reach speeds of 100+ Gbps per server.

  • Highly reliable across any network: ZGT enables Resilio to optimize network traffic and fully utilize any network, such as VSATs, cell, Wi-Fi, and any IP connection.

  • Resilient: Resilio eliminates single points of failure (SPOF), and can dynamically route around outages to ensure your data is always delivered to its destination.

  • Flexible: Resilio Platform works with any device, OS, and cloud storage provider (including Azure, AWS, Google Cloud, Backblaze, Wasabi, and many more).

  • Multi-directional: Resilio can replicate data in any direction, including one-way, bidirectional, one-to-many, many-to-one, and N-way sync or full mesh.  Synchronizing hundreds to thousands of endpoints takes about the same time as synchronizing two.  

  • Organically scalable: Because of Resilio’s P2P architecture, every endpoint you add to your environment enhances replication speed and resources.

  • Automated: You can manage and automate data ingest, sync, and replication jobs across all of your on-prem and cloud endpoints from one unified location.

  • Secure: Resilio secures data end-to-end with AES 256 encryption and employs other state-of-the-art protection capabilities to keep your data safe. Resilio also offers a Proxy Server that enables organizations to configure outbound connections and use a single IP address behind the corporate firewall, which supports working with temporary partners, external contractors, and remote employees.

Organizations in entertainment, media, software, gaming, construction, retail, and more use Resilio Platform to replicate and sync data in cloud and hybrid cloud deployments. To learn more about how Resilio Platform can help you quickly and reliably replicate data across Azure (or any cloud), schedule a demo with our team.

Azure Virtual WAN: Overview, Benefits, and Downsides

AVW  creates a private, virtualized network within your Azure cloud deployment via software-defined networking. In other words, it creates a private network that connects all of your Azure cloud storage endpoints (on either a private or public cloud) to provide:

  • Branch connectivity (i.e., your on-premises devices, infrastructure, office branch locations, data centers, and remote workers) through automation from AVW  partner devices, such as SD-WANs or VPNs

  • Site-to-site VPN connectivity

  • Intra-cloud connectivity (i.e., linking all of your Azure services)

  • A private network (via Azure ExpressRoute)

  • Routing optimization

  • The security delivered  by Azure Firewall, encryption, and a private network

How Does Azure Virtual WAN Work?

Azure Virtual WAN connects your entire Azure and on-prem infrastructure through a hub-and-spoke architecture.

Your Azure regions can act as a network “hub”, enabling transitive, full-mesh connectivity between different types of geographically distributed “spokes” like branch offices, remote users, and on-prem devices. These are linked to Azure via an SD-WAN (such as Riverbed) or VPN connection.

AVW allows you to:

Set Routing Policies

You can create routing policies in order to secure your AVW deployments by routing traffic (including inter-region and branch-to-branch) through Azure Firewall (or a select Next-Generation Firewall Network). 

Doing so makes your hubs a security boundary — i.e., all traffic is inspected by the firewall before being forwarded to its destination. Azure Virtual WAN’s router manages this dynamically so you can avoid error-prone configurations.

Virtual Hub Routing

Virtual hub routing gives you more control over your infrastructure by allowing you to select how your traffic is routed. You can influence routing decisions for traffic flowing towards on-premises devices.

High Availability Through Azure VPN Client

This feature improves connection availability for point-to-site customers by having a pre-configured additional profile. If for some reason the primary gateway encounters an outage, the VPN client will automatically failover to connect with the secondary gateway.

Benefits of Azure Virtual WAN

Deploying an Azure Virtual WAN provides several key benefits for your IT infrastructure, such as:

  • Better Data Protection: It turns your network into a private network, better protecting it from intrusion and enabling greater control over who can access your system.

  • Simple to configure: It’s easy to connect your networks to a virtual private network. AVW also offers pre-built configurations to easily link spokes (external environments, such as on-prem devices, remote access, etc.).

  • More control over your network: All of your network traffic in your entire hybrid cloud environment flows through AVW. As a result, you can maintain visibility and address performance or security issues more easily.

  • Easily integrate Azure services: You can link together all of your Azure services (Blobs, File Shares, Data Lake, etc.) for better connectivity and workflows.

  • Enhance WAN performance: Through optimized routing policies, you can better manage traffic and enhance transfers over the WAN. AVW WAN transfer is scalable up to 20 Gbps.

Downsides of Azure Virtual WAN

AVW is a great solution for connecting, securing, and enhancing transfer across your Azure cloud storage services and on-premises infrastructure. However, it also has a few downsides, such as:

It Only Works with Azure Storage 

AVW can’t connect to other cloud storage providers (such as AWS, Google Cloud, etc.). So if you’re storing data in a multi-cloud environment, you’ll need another solution to enhance data transfer performance to and across your other clouds. This can overcomplicate your workflows and technology stack.

Extra Costs

Depending upon your replication environment and needs, using AVW may lead to downstream costs for your organization. 

For remote workers to connect to your AVW deployment, you’ll need to invest in and use either an SD-WAN or a VPN. And (as we’ll discuss later) you will also need to invest in 3rd party security software to protect your data.

Slow, Unreliable Point-to-Point Replication

When replicating data across cloud and on-premises endpoints, AVW uses a point-to-point, hub-and-spoke replication architecture.

Hub-and-spoke replication consists of a central hub (in this case, your Azure regions) and multiple “spoke” endpoints (your on-premises devices and cloud endpoints). The spokes can’t communicate with each other directly. All data must first be transferred to the hub, which then transfers the data to each destination endpoint one by one.

This replication topology is slow, as it’s delayed by two processes:

  • The extra step of transferring data to the hub first, rather than directly to the target spokes — a process known as cloud-hopping.

  • The fact that data transfer from the hub to the spokes occurs one by one.

It also creates single points of failure. If the network or device fails on any of your endpoints, it can stop or delay the synchronization of data across your entire environment.

Contrast this with Resilio Connect’s P2P replication architecture, which provides fast and reliable replication by:

  • Enabling any endpoint to transfer data directly to any other endpoint, without any unnecessary cloud-hopping steps.

  • Allowing each endpoint to take part in data ingestion, replication, or sync simultaneously, so you can utilize the full bandwidth and resources of your entire environment.

  • Eliminating single points of failure — if any network or device fails, the necessary files or services can be retrieved from any other endpoint.

Benefits of Resilio Platform as an Alternative to Azure Virtual Network

Resilio Platform is a VPN alternative. Security and reliability are provided end-to-end.  Latency and packet loss are mitigated to gain complete predictability of transfers and synchronization jobs across up to hundreds and thousands of endpoints.  You can use Resilio in conjunction with AVN — using AVN for some traffic and using Resilio to move and sync files. 

Resilio provides fast, reliable, omnidirectional replication across just about any type of device and any S3-compatible cloud object storage, such as Azure Blobs. This means that: you can continue using AVW if you’re using other Azure storage services. But you can also rely on Resilio to manage data replication or sync across your Azure Blobs, other cloud object storage (like S3 or Google Cloud Storage), and on-prem endpoints from a single place.

The benefits of using Resilio Platform include:

1. Superior Replication & WAN Acceleration

Person edits an animation while Resilio syncs files

Resilio Platform can quickly replicate data across any network because it uses:

UDP-Based WAN Acceleration

Resilio Platform utilizes a proprietary WAN optimization protocol known as Zero Gravity Transport™ (ZGT).

ZGT reduces network traffic through advanced deduplication and transport efficiency in order to overcome latency and loss. It optimizes traffic to fully utilize bandwidth and enhance transfers over networks via:

  • A congestion control algorithm: ZGT uses a congestion control algorithm that constantly probes the Round Trip Time in order to calculate and maintain the ideal data packet send rate.

  • Interval acknowledgements: Rather than acknowledging the receipt of every individual packet, ZGT acknowledges packet receipt in groups to reduce network traffic.

  • Delayed retransmission: Rather than retransmitting lost packets individually, ZGT retransmits lost packets in groups once per RTT to reduce unnecessary retransmissions.
File Transfer Time Calculator: Cross-office Server Sync example

With ZGT, Resilio can use any type of network connection, such as VSATs, cell (3G, 4G, 5G), Wi-Fi, broadband, and any IP connection.

Because of ZGT, Resilio Platform is an ideal solution for edge deployments. It provides fast, reliable transfer in areas with little connectivity or unreliable networks — such as at sea or in places with underdeveloped network infrastructure.

Real-Time, P2P Replication

Resilio can replicate and synchronize data in real-time, as well as perform scheduled and manual replication. 

Resilio uses:

  • Optimized checksum calculations: Identification markers assigned to each file that change whenever a change is made to the file.

  • Real-time notifications from the host operating system to immediately detect and replicate file changes (just the changed portions of the file).

You can easily install Resilio agents directly on each of your endpoints. Every endpoint with a Resilio agent can replicate data directly to any other agent and take part in replication simultaneously. 

This replication topology enables Resilio to:

  • Sync your entire environment 3–10x faster than point-to-point solutions. When replicating a file, Resilio uses a process known as file chunking to break the file down into multiple chunks that can transfer independently of each other. This enables every endpoint to work together to synchronize your entire environment.

    For example, imagine you want to sync a file across your environment. Resilio will break that file down into five separate chunks. Endpoint 1 can send one chunk to Endpoint 2. As soon as it receives the first chunk, Endpoint 2 can immediately share it with any other endpoint even before it receives the remaining chunks. With every endpoint sharing file chunks simultaneously, Resilio is able to sync your entire environment 3-10 times faster than point-to-point replication solutions.
P2P vs Client-Server architecture GIF

  • Scale organically. A P2P environment is organically scalable. Since every endpoint can take part in replication concurrently, every endpoint you add to your system only increases the available replication speed and resources. In other words, more demand creates more supply.

    Resilio can sync hundreds of endpoints in roughly the same time it takes most point-to-point solutions to sync two. And Resilio can sync files of any size or number (we successfully synchronized more than 450 million files in a single job).

  • Sync reliably. P2P replication eliminates single points of failure. If any endpoint goes down, the necessary files or services can be retrieved by any other endpoint in your environment.

    Resilio can also dynamically route around outages, such as downed networks and devices. And in the event that a transfer fails midway through, Resilio can perform a checksum restart to resume the transfer where it left off, and will retry transfers until they’re complete.

  • Perform omnidirectional replication. Traditional point-to-point solutions can only sync data in one direction. This means you can sync files from Endpoint A to Endpoint B, but can’t keep both endpoints synchronized with each other. Nor can you sync Endpoint A to multiple endpoints (one-to-many sync), consolidate multiple endpoints to one location (many-to-one sync), or keep multiple endpoints synchronized with each other simultaneously (N-way sync).

    Resilio can sync files in any direction, such as one-way, bidirectional, one-to-many, many-to-one, and N-way sync.

    N-way sync is particularly useful in remote work, disaster recovery, and software update distribution use cases (more on this later).

2. Centralized, Granular Management of Multi-Cloud & On-Premises Environments

AVW  only works in the Azure cloud and with on-premises devices. So if you’re storing data in multiple clouds, you’ll need another WAN acceleration solution for your non-Azure platforms.

But Resilio Platform is a hardware and cloud-agnostic solution that supports just about:

  • Any device: You can install Resilio on desktops, laptops, servers, mobile devices, and virtual machines (such as VMware, Citrix, and hypervisors).

  • Any cloud: Resilio works with almost any cloud storage platform, such as AWS, Azure, Google Cloud Platform, Wasabi, MinIO, Backblaze, and more.

  • Any operating system: Resilio is compatible with any operating system, such as Windows, Linux, macOS, Unix, Ubuntu, FreeBSD, OpenBSD, and more.
Resilio Platform works with any S3-compatible cloud storage provider, such as AWS, Google Cloud Platform, Microsoft Azure, Wasabi, MinIO, Oracle, and more.

Since there’s no need to buy new hardware or go through lengthy data migrations, you can install Resilio on your existing infrastructure and begin replicating in as little as two hours. 

And you can manage data replication across all of your on-premises and cloud endpoints from a single, centralized location.

Resilio Platform Overview, General Info, Statistics

Resilio’s Management Console gives you granular control over how replication occurs, and enables you to:

  • Automate how syncs occur at each endpoint in your environment.

  • Create bandwidth utilization policies that govern how much bandwidth each endpoint can use during certain times of the day and on certain days of the week.

  • Optimize performance and resource utilization by adjusting replication parameters (e.g., packet size, data hashing, buffer size, disk I/O threads, etc.).

  • Script any type of functionality a job requires using Resilio’s powerful REST API.

Case Study: Deutsche Aircraft

Deutsche Aircraft

Deutsche Aircraft is a manufacturer of commercial aircraft. They switched from DFSR to Resilio Platform to sync their Microsoft DFS namespace, secure their critical data, reduce the complexity of data management, and increase efficiency.

“We have a 10Gbps network but prefer to use under 1Gbps for data transfer and replication. With Resilio, we’re able to keep that down to 250Mbps during the day and at night move back up to 1GBps… Resilio Platform is much easier to manage than DFSR. Using the Resilio Platform management console, you can see everything you need to know. Everything is visible.”

Learn how Deutsche Aircraft uses Resilio Platform to manage data synchronization in 1/8th as their previous solution.

3. Enhance Performance for Multiple Use Cases

Resilio’s features and capabilities make it well-suited to many cloud and hybrid cloud use cases, such as:

Enhanced Productivity and Efficiency for Remote/Hybrid Workforces

Remote workers can install Resilio agents on their workstations, and use Resilio with whatever connection is available to them (Wi-Fi, VSAT, IP, cell, broadband, etc.).

You can program data syncs to occur automatically in real-time. Employees can collaborate on the same files from anywhere in the world. With N-way sync, anytime a change is made to a file, that change is  automatically synchronized to everyone else in your organization.

Resilio Platform can integrate with many digital media tools and creative software, such as Adobe Premiere Pro, Avid Pro Tools, and Media Composer.

You can also use Resilio as an object storage gateway for low-latency access to files stored in any S3-compatible cloud object storage. You can use Resilio’s storage gateway to increase efficiency and productivity in your workflows by using features such as:

  • Selective sync: You can choose which files sync to which endpoints, so you can reduce data transfer and egress charges by only sending files to employees/endpoints that need them. And syncs occur automatically, so employees don’t have to manually sync and can focus on their tasks.

  • Selective cache: You can choose which specific files get stored on local devices. This allows you to provide employees with quicker access to the files they need, reduce data transfer and egress costs, and free up space on your on-prem devices.

  • Partial downloads: Employees can perform full or partial downloads of files, so they get faster access to the files they need while reducing egress costs.

Your applications and workflows work just as they would in the office — but now users can have fast access to files from remote locations through a single, unified interface that operates much like Microsoft OneDrive.

How to select the "Always keep on this device" option.

Resilio also offers a Proxy Server. The Proxy Server provides the ability to configure outbound connections and use a single IP address behind the corporate firewall, which:

  • Improves security by isolating inbound traffic from data transfers (no data is stored on the proxy).

  • Improves flexibility through centralized port assignment and management.

  • Supports firewalls and load balancing tech.

Case Study: Delirio Films

Delirio Films produces documentaries such as “Reggie” and “They Call Me Magic.” Their projects require fast collaboration among multiple distributed team members, and integration with media tools such as DaVinci Resolve and Avid Media Composer. They use Resilio Platform to reliably sync files across production sites and enhance production workloads.

“Remote work would be cumbersome and cost prohibitive without Resilio. By integrating Resilio Platform into our workflow, we’re able to meet demanding production schedules using top talent. Resilio gives us the flexibility to use our choice of tools, storage, and other investments we either already own or will need in the future.”

Learn more about how Delirio Films uses Resilio Platform for easy, reliable sync.

Enhance Disaster Recovery Speed and Reliability

Resilio’s real-time replication and N-way sync capabilities enhance hot-site disaster recovery scenarios. 

Resilio effectively turns every endpoint into a backup site and enables you to achieve Active-Active High Availability. When a disaster occurs, every endpoint can work together to quickly bring your application back online. Resilio can achieve sub-five-second RPOs and RTOs within minutes of an outage.

Hot/Live DR: Multi-site Active/Active; Warm DR: Active/Active; Cold DR: Active/Passive; Offsite Copy: Backup Copy

Reduce Software Distribution Time

Resilio can perform one-to-many replication to distribute software updates to hundreds of endpoints simultaneously. And its P2P architecture and WAN acceleration technology provide fast transfer speeds over any network — reducing software update distribution time. 

Case Study: VoiceBase

VoiceBase is a software that provides speech-to-text transcriptions for video and audio. VoiceBase uses Resilio Platform to distribute software updates (speech model files of 50+ GB) across more than 400 production servers every month.

Resilio Platform enables us to reliably distribute our code, specifically new language models in a fraction of the time. These copy jobs now take an hour, down from eight. Best of all, once Resilio Platform was installed, it just works: We never need to manually intervene in any way.

Learn more about how VoiceBase uses Resilio Platform to reduce software distribution time by 88%.

Sync Web and App Servers and Meet SLAs

Web and app companies can use Resilio’s N-way sync capability to quickly sync updates across hundreds of globally distributed servers. And with Resilio’s ability to provide Active-Active High Availability, fully utilize any network, and dynamically route around outages, web and app companies can meet SLAs and maintain a positive end-user experience.

Case Study: MixHits Radio

MixHits Radio

MixHits Radio is a music streaming service that provides music and playlists for businesses like McDonald’s. They use Resilio Platform to keep their music metadata synchronized, in real-time, for all of their US-based servers.

“We have gone from spending 15 hours on average per week troubleshooting conflicts in the prior solution to spending no time at all with Resilio. We configure jobs once in the Resilio Platform Management Console and never have to look at it again.” 

Learn more about how MixHits Radio uses Resilio Platform to synchronize servers over the WAN.

4. Increase Data Protection with Built-In Security Features

For those enabling remote access to their AVW via VPNs and SD-WANs, there is an additional security risk. VPNs and SD-WANs don’t inspect the traffic that they carry for potentially malicious content. Attackers can potentially compromise any of these to move laterally through your network and attack other components.

When using AVW, you must invest in a 3rd party enterprise security solution to keep your data and environment secure — increasing the costs and complexity of data replication.

Resilio, however, includes built-in security features that protect your data in all scenarios. These features include: 

  • AES encryption: Resilio encrypts data at rest and in transit using AES 256-bit encryption.

  • Mutual authentication: Before receiving any data, each endpoint must provide an authentication key — ensuring data only goes to secure, approved endpoints.

  • Permission controls: You can manage who can access specific files and folders through Resilio’s Management Console.

  • Immutable copies: Resilio stores immutable copies of files in the cloud, protecting you from ransomware attacks.

  • Forward secrecy: Resilio uses one-time session encryption keys to protect each session.
Mutual Authentication: Data is only delivered to designated endpoints; In-Transit Encryption: Data can't be intercepted or hacked; Integrity Validation Process: Ensures data remains intact

Use Resilio Platform for Azure WAN Acceleration

Resilio Platform is a powerful file synchronization software system that you can use with or instead of Azure Virtual WAN to achieve fast, reliable transfer over any network. With Resilio, you can:

  • Enhance replication over any type of connection (VSAT, cell, Wi-Fi, broadband, IP, edge), on any device, and in any cloud.

  • Achieve blazing-fast, resilient, and reliable replication through Resilio’s P2P replication architecture.
  • Optimize WAN transfer across any cloud provider’s network (including Azure, AWS, Google Cloud, and more) with Resilio’s proprietary WAN acceleration protocol.

  • Manage your entire hybrid and multi-cloud replication environment from a single, centralized location.

  • Keep your data secure end-to-end with Resilio’s built-in security features.

Organizations in entertainment, media, software, gaming, construction, retail, and more use Resilio Platform to replicate and sync data in cloud and hybrid cloud deployments. To learn more about how Resilio Platform can help you quickly and reliably replicate data across Azure (or any cloud), schedule a demo with our team.

Overview

Learn how Azure’s Virtual WAN solution works and how Resilio can help you overcome its downsides.
Related Posts