You can choose from several network configuration options for VMware Live Cyber Recovery that best match your security budget.
Internet Connectivity
Using an internet connection is the easiest to implement and deploy, but this configuration is only suitable for POCs or small deployments used for testing and planning. As a best practice, this configuration is not a good idea for production environments.
VPN or AWS Direct Connect
Both VPN and AWS Direct Connect are ideal connectivity solutions for extending the on-premises network to the recovery SDDC network. Both are secure, so your decision depends on your budget and performance needs.
If your budget is a major constraint, then VPN is cheaper and easier and faster to set up. You can set up a VPN connection in a matter of minutes compared with days required to set up AWS Direct Connect.
You can estimate VPN cost based on data center internet connectivity charges plus a router/firewall, whereas AWS Direct Connect requires installing a dedicated line that connects your data center to the nearest AWS connection point.
- Latency for AWS Direct Connect is 20-30 milliseconds. VPN latency can be 80-100 milliseconds.
- Bandwidth with AWS Direct Connect is 1 Gbps, 10 Gbps, or 100 Gbps. A VPN measures bandwidth in Mbps, not in Gbps.
| Internet Connectivity | IPsec VPN | AWS Direct Connect | |
|---|---|---|---|
| Security Posture | Low |
High |
High |
| Advantages | Low Cost Fast to setup Easy to configure |
Low cost High Security Fast to setup Not difficult to setup |
Low latency (~20-30ms) High bandwidth (up to 100 Gbps) High Security |
| Disadvantages | Latency Low security |
Latency (~80-100ms) Limited bandwidth (Mbps) |
Higher cost Long Installation and configuration |
| Recommended Use | POC or testing | Production |
Production |
