Aviatrix Glossary

The Aviatrix Certified Engineer (ACE) program is a multi-cloud networking and security certification available to technical professionals and cloud practitioners. The program offers an overview of the networking industry’s move from on-premise to cloud servers, the main cloud service providers (AWS, Azure, GCP, and OCI) and their platforms, the necessity of multi-cloud networking architecture, and case studies that demonstrate how multi-cloud networking architecture has benefited specific customers.

ActiveMesh is an Aviatrix networking architecture that provides a highly-available and scalable encrypted transit network for cloud environments. It is based on a load balancing model where both primary and backup gateways forward packets, thus improving network performance and resiliency. This architecture ensures that the network remains highly available and resilient. In ActiveMesh mode, multiple remotes sites can be connected to the Aviatrix Transit gateways.

The network managed by the Aviatrix Cloud Networking Platform, the network data plane. Aviatrix AirSpace includes telemetry and distributed controls embedded in the network data plane to deliver advanced networking, distributed firewalling, and enterprise-class visibility and troubleshooting.

The new Aviatrix Encrypted Transit Network architecture where both primary gateways and backup gateways forward data packets in a load-balancing fashion to maximize performance. ActiveMesh is a step beyond a full-mesh structure, in which every node in the network is connected to every other node.

The network managed by the Aviatrix Cloud Networking software including connections between users, devices, cloud native services and applications. Security is built into every level of your Aviatrix network with Aviatrix high-performance encryption (HPE), ThreatIQ monitoring, and distributed firewalling.

A cloud instance of the Aviatrix software that processes network operations. The controller manages connections, gateways, users, security, and other networking operations.

CoPilot is the Aviatrix software GUI used to configure all your network connections, policies, and monitor all gateways and traffic on your network. Customizable monitoring tools give you views of network resource usage, performance, security threats, and financial data.

A turnkey or ready-made network solution to deploy firewall instances in the cloud. FireNet significantly simplifies firewall instance deployment and allows the firewall instances to inspect traffic between VPCs/VNets/VCNs (East West) traffic, between VPCs/VNets/VCNs and the Internet (Egress) traffic, and VPC/VNet/VCN to on-prem (North South) traffic.

FireNet also allows you to scale firewall deployment to multiple Availability Zones and multi-instances so that your network can grow with your company.

The hardware/virtual appliance provided by Aviatrix as an alternative to SDWAN solutions (formerly known as CloudN or ExoGateway). Aviatrix Edge connects different CSP (Cloud Service Provider) networks in its multi-cloud networking architecture framework.

An Aviatrix gateway is a virtual router you deploy in your network to route traffic in accordance with the connection and security policies you define in Aviatrix Secure Cloud Network Platform. Aviatrix gateways support the connectivity requirements of cloud networks that use a transit hub-and-spoke architecture and are available in different types: Transit, Spoke, Egress, VPN, and NAT.

Transit: Connectivity between on-prem and the cloud. Site-to-cloud single region or multiple region and site-to-cloud single cloud or multiple cloud. For advanced transit networking, connectivity between one region to another or one cloud to another.

Spoke: Connectivity between the Spoke VPC/VNet to the Transit. Deployed on the Spoke VPC/VNet. A spoke gateway can also be a site-to-cloud landing option.

Egress: An Aviatrix gateway that performs the function of cloud-to-Internet egress filtering and egress security. Connectivity between a VPC/VNet and the Internet.

VPN: An Aviatrix gateway that performs the function of VPN connectivity. Connectivity between your partners/branches and your cloud services for site-to-cloud VPN access (deployed on the partner/branch side). Also, connectivity between your remote users and the cloud for dynamic enforcement to differentiate the different users connecting into the cloud. Useful for companies that have no on-prem data center (all resources are in the cloud).

NAT: An Aviatrix gateway that performs the network address translation (NAT) function.

Edge: An Aviatrix gateway that enables connectivity to edge locations such as data centers, co-locations, remote sites, provider locations, branch offices, and retail stores.

In Aviatrix’s Hub-and-Spoke topology, a Spoke Gateway connects components within the same CSP (Cloud Service Provider) main account or tenancy.

In Aviatrix’s Hub-and-Spoke Topology, a Transit Gateway connects a company’s subnets across the main Cloud Service Providers: AWS, Azure, GCP & OCI. This Transit Gateway connection provides high-speed and secure data transfers between networks while allowing for traffic engineering and multi-account subscription monitoring.

Aviatrix CoPilot feature that offers visibility into costs of resources across all clouds in your multi-cloud network that are managed by Aviatrix Controller. This feature provides visibility into shared services used by cost centers for bill back purposes. CostIQ is an add-on feature that must be enabled by application administrators.

Secures VPC/VNet/VCN Egress by filtering outbound traffic to the Internet. This feature enables companies to discover what Internet sites their cloud apps are communicating with, push filtering policies instantly to one VPC or hundreds of VPCs, move from NAT Gateway (IP address based) to Fully Qualified Domain Name (FQDN) filtering, and audit all events, including the packets.

You can view Egress FQDN filtering in the Aviatrix Controller, Aviatrix CoPilot, or by exporting logs.

Aviatrix CoPilot’s dynamic topology mapping, which helps companies maintain an accurate view of their global multi-cloud networks. FlowIQ helps you analyze global network traffic flows using global heat maps and time series trend charts to easily pinpoint and troubleshoot traffic anomalies.

Aviatrix CoPilot feature that enables you to monitor for security threats in your Aviatrix cloud network, set alerts when threats are detected in the network traffic flows, and block traffic that is associated with threats. All of these capabilities apply to your entire cloud network (multi-cloud or single cloud) that is managed by Aviatrix Controller.

WebGroups define Domains and URLs into a group which can be used in the Distributed Firewalling Rules as a matching condition for the Rule action to be enforced.