You can choose from several network configuration options for VMware Live Cyber Recovery that best match your security budget.

Internet Connectivity

Using an internet connection is the easiest to implement and deploy, but this configuration is only suitable for POCs or small deployments used for testing and planning. As a best practice, this configuration is not a good idea for production environments.

VPN or AWS Direct Connect

Both VPN and AWS Direct Connect are ideal connectivity solutions for extending the on-premises network to the recovery SDDC network. Both are secure, so your decision depends on your budget and performance needs.

If your budget is a major constraint, then VPN is cheaper and easier and faster to set up. You can set up a VPN connection in a matter of minutes compared with days required to set up AWS Direct Connect.

You can estimate VPN cost based on data center internet connectivity charges plus a router/firewall, whereas AWS Direct Connect requires installing a dedicated line that connects your data center to the nearest AWS connection point.

The significant advantage of AWS Direct Connect is the latency and the bandwidth:
  • Latency for AWS Direct Connect is 20-30 milliseconds. VPN latency can be 80-100 milliseconds.
  • Bandwidth with AWS Direct Connect is 1 Gbps, 10 Gbps, or 100 Gbps. A VPN measures bandwidth in Mbps, not in Gbps.
The following table summarizes the advantages and disadvantages of each network connectivity type. Regardless of the type you choose, we recommend choosing the most secure that you can afford.
Internet Connectivity IPsec VPN AWS Direct Connect
Security Posture





Low Cost

Fast to setup

Easy to configure

Low cost

High Security

Fast to setup

Not difficult to setup

Low latency (~20-30ms)

High bandwidth (up to 100 Gbps)

High Security



Low security

Latency (~80-100ms)

Limited bandwidth (Mbps)

Higher cost

Long Installation and configuration

Recommended Use POC or testing