Aviatrix Secure Edge Use Cases

This document illustrates these common use cases for deploying Aviatrix Secure Edge.

Extend Aviatrix to Edge Locations
Aviatrix Secure Edge for On-Premises - Cloud Orchestration, Simplified Onboarding
Aviatrix Secure Edge for On-Premises - Increased Performance, Reduced Operational Overhead, Bottlenecks Removed
Edge Gateways for Multiple Edge Sites
Multiple Edge Gateways for Single Edge Site
Edge Gateway Connectivity to Different LAN Routers (Multiple Sites)
Edge Gateway Connectivity to Different LAN Routers (Single Site)
Edge Gateway to AWS TGW Domain with FireNet Enabled

Extend Aviatrix to Edge Locations

This diagram illustrates Aviatrix Edge Gateways deployed at multiple edge locations.

Aviatrix Secure Edge for On-Premises

Cloud Orchestration and Simplified Onboarding

Ease of onboarding

Instantly onboard HW orchestrated via Cloud
Manage and operate the Edge HW and network software via cloud
No IT expertise required to connect and deploy the Edge HW

Drive better cost & FTE efficiencies

Simplified deployment with automation
Deploy Edge network software to multiple devices at scale via Cloud
Single automation stack across cloud and on-prem
Faster deployment and onboarding of connectivity from on-prem to cloud and on-prem to multi-cloud

Increased Performance, Reduced Operational Overhead, and Bottlenecks Removed

IPSec Encrypted line rate throughput from cloud to on-prem via public or private connectivity
Repeatable architecture
Same overlay from Cloud to Edge
Consistent security protocols
Config driven via cloud and consistent secure IPSec state across Edge
E2E visibility – Within Cloud and Cloud to Edge

Multiple Edge Gateways for Multiple Edge Sites

This use case illustrates Edge Gateways with BGP connection to a VIP. The Edge Gateways can be set up at multiple edge sites as shown in the diagram with Site A and Site B.

Multiple Edge Gateways for Single Edge Site

This use case illustrates multiple Edge Gateways on the same edge site for horizontal scaling or multiple Active-Active connections from cloud to edge.

Edge Gateway Connectivity to Different LAN Routers (Multiple Sites)

This use case illustrates Edge Gateways on different edge sites with active and standby peering connections to different LAN routers.

Edge Gateway Connectivity to Different LAN Routers (Single Site)

This use case illustrates multiple Edge Gateways on the same edge site with peering connections to different LAN routers.

Only Active-Active high availability mode is supported with more than two Edge Gateways on the same site.

Edge Gateway to AWS TGW Domain with FireNet Enabled

When FireNet inspection is enabled for an AWS TGW domain, the Aviatrix Edge domain cannot be associated to that domain. Because of a limitation that is attributed to how AWS configures its TGW domains, the on-premises routes from the Edge domain are not installed in the Spoke TGW route table via the Aviatrix Transit Gateway.

To overcome the AWS TGW domain limitation, create another pair of Edge Gateways and associate the gateways to the Transit Gateways with the associated TGWs without segmentation on Edge.