When using Amazon Web Services, you have several options for connecting to your AWS environments. The following table identifies each option, including the advantages and limitations of each.


Additionally, the table describes the Pureport support for each use case.



OptionUse CaseAdvantagesLimitationsPureport Supported
AWS Virtual Private Gateway
Managed VPN Connectivity to your AWS resources from your private network.
Fully managed on the AWS end. Elastic and HA when deployed following AWS best practices.
Subject to internet outages or performance degradation due to internet utilization.
No. Pureport replaces this option with providing last-mile VPN connectivity between your site and Pureport, and Direct Connect into your VPCs.
AWS Direct Connect Public Interface
Accessing AWS public services using public IP addresses over private lines.Traffic to the chosen AWS public services remains within the AWS global network backbone, after it enters the AWS global backbone.Prefixes of services such as Route53 or certain CloudFront locations that are not on the Amazon backbone network will not be advertised through Direct Connect.


Yes. Pureport automatically assigns the public peering IPs and handles the NAT requirements for the supported public services you choose.
AWS Direct Connect Private Interface
Dedicated network connection over private lines between your site and AWS.

More predictable network performance. Reduced bandwidth costs.


Supports BGP peering and routing policies.


Traditionally, this can require additional telecom and hosting provider relationships or new network circuits to be provisioned.

Can't access AWS public services via Direct Connect, you must use the public IP addresses.

Complicated if you have overlapping IP addresses in your VPCs and your physical location networks.
Yes, including Cloud Grade NAT that helps eliminate IP overlap issues and provides BGP peering of the NAT network ranges.
AWS Direct Connect GatewaySharing a Private Interface with up to ten VPCs, across multiple regions.Can use a single Direct Connect Private Virtual Interface to connect up to 10 VPCs across all regions (except China) to your physical site.A Direct Connect Gateway can only associate to VPCs in accounts that belong to the same AWS payer account ID.Yes. AWS limits and requirements apply.
AWS Transit GatewayBuild a hub-and-spoke network topology to connect your VPCs, remote sites, data centers and branch offices via Direct Connect and VPN.Allows routing between VPCs, remote sites, and VPNs. Direct Connect is supported, and you can attach VPCs from different accounts.
Not available in all AWS regions. AWS has a limit of 5 per account. Requires a 1Gbps or higher Direct Connect to use a Direct Connect Gateway.No. Direct Connect support requires a 1Gbps or higher Direct Connect, which Pureport does not support at this time. But, this will be available soon.


For complete information on these services and other AWS connectivity solutions, see: https://docs.aws.amazon.com/aws-technical-content/latest/aws-vpc-connectivity-options/network-to-amazon-vpc-connectivity-options.html