What is Aviatrix?
Founded in 2014 by Sherry Wei and headquartered in Palo Alto, California, Aviatrix is a pioneer in multicloud networking software (MCNS).
Aviatrix provides a single point of management for network connectivity and security especially in (but not limited to) multicloud environments. This is a hot topic right now because a growing number of enterprises are adopting infrastructure as code and deploying workloads using not just one cloud platform but multiple. That’s because enterprises will run their various workloads where they run best. There are a myriad of business reasons—including customer-centric approaches and acquisitions scenarios—as to why enterprises don’t limit themselves to a single cloud platform.
However, when you use a combination of say, Amazon Web Services (AWS), Google Cloud Platform (GCP), Microsoft Azure, the networking component becomes a point of frustration for the cloud customer. In this article we dig into why that is, and how Aviatrix is perfectly positioned to solve these challenges.
What is Aviatrix used for?
Let’s take a look at how Aviatrix solves some challenges :
Solving networking problems across multiple black-box cloud platforms
First, let’s talk networking and network security. As Aviatrix president and CEO, Steve Mullaney, said in an interview on theCUBE, “The network is down in the bowels. It’s like plumbing, electricity. It has to be there, but people want to forget about it.”
Mullaney goes on to explain that the network becomes an afterthought as organisations move to cloud to compete and scale for business reasons, leaving their internal tech teams to deal with the gaps that come with horizontal scaling across multiple cloud providers.
Here’s the problem. You can’t simply take the traditional on-premise approach and apply it to cloud. So, where enterprises used to have control and visibility with on-prem infrastructure, when they take their workloads to cloud, they give up much of that control and visibility. This is why technology officers often call it a black box. And that’s exactly why networking and network security are evolving rapidly in cloud computing.
Aviatrix introduces multicloud “native” networking and network security
Aviatrix has swooped in to integrate with the basic native constructs that come with each cloud provider and add functionality on top of that. As a customer, you get advanced networking security and advanced operational capabilities on top of what these providers are giving you.
In a nutshell, Aviatrix offers advanced, customizable control, visibility, and observability by creating an abstraction layer above all the different clouds. It essentially allows you to go back to that traditional on-prem-like experience by transforming your multicloud experience into a uniform architecture.
In the words of Simon Richard, research director at Gartner, “As enterprises require more advanced public cloud networking, centrally managed, cloud-native solutions like Aviatrix leverage the cloud providers’ native networking and security services such as peering and security groups, while augmenting those core services.”
Don’t cloud platforms provide their own cloud-native networking capabilities?
Yes. But every cloud is its own beast, integration is a headache, and none of the cloud service providers offer the level of visibility and observability that companies are looking for so they can have the control they need.
Leveraging evidentiary data
In a video discussing Splunk’s implementation of Aviatrix, Steve Mullaney shares a common customer pain point that comes up repeatedly:
“When you go to the cloud providers, they’re a black box. And so our customers go to them and say, ‘Hey, I need visibility,’ and the cloud providers say, ‘No, no. You don’t understand. We’re a service; you don’t need to know.’ And our customers say, ‘No no. You don’t understand. We’re the guys who need to know. Because when something goes wrong, guess who gets fired. It’s us. So we need to know.”
Mullaney goes on to explain how the cloud provider and customer will point fingers, where the customer says, “You have a problem,” and the cloud says, “No we don’t. It’s your problem.” It goes back and forth, and the cloud provider will put the burden of proof on the customer. Aviatrix allows the customer to come back with evidentiary data. With data, the customer can cut down on diagnostics and troubleshooting.
The Aviatrix difference
Aviatrix often goes out of their way to highlight an important point of confusion.
Aviatrix actually does networking in the cloud and between the clouds, and this is different than what other vendors are selling.
In a William Blair spotlight newsletter, Mullaney explained the importance of recognizing the difference between networking to multiple clouds and multicloud networking: “Many data-centrer–centric technologies and services are designed to connect branch offices to data centers, or data centers to other data centers.” So examples of this are SD-WAN, private connectivity providers such as Equinix and Megaport, or SASE offerings such as Palo Alto Networks and Zscaler. These might market their solutions as “multicloud” in the sense that they connect to multiple clouds, but they “stop at each cloud’s edge.”
Mullaney added, “True multicloud networking also delivers networking within and across public clouds with a consistent and repeatable network and security architecture and offers enterprise-class operational visibility in the cloud, while also supporting connections to the solutions described.”
In other words, what you will often find is that Aviatrix gets compared to these competitors, but they’re not truly in the same category. Aviatrix offers end-to-end encryption and visibility.
How does Aviatrix work?
Aviatrix has three primary components:
- Controller. This is the platform’s brain. It understands all of the networking constructs and services deployed in the enterprise’s multicloud network and all cloud accounts. It “maintains correctness” as the customer deploys new services and applications.
- Gateways. This is the software that operates on an enterprise’s clouds. Gateways “deliver the advanced networking, security, and operational services of the platform.”
- CoPilot. This is the component that gives you operational visibility, monitoring, and troubleshooting. It gives you access to the information you need to “accelerate service delivery, reduce mean time to problem resolution, and improve operational efficiency.”
What are the main benefits of Aviatrix?
Aviatrix allows organisations to accomplish a number of things:
- Accelerate their adoption of cloud
- Drive business growth by leveraging all of the advantages of cloud computing
- Scale with greater ease through consistency and repeatability
- Ensure enterprise-grade cloud security
- Improve their cybersecurity posture
- Meet compliance requirements
- Bridge internal skills gaps quickly
- Get the visibility and control they need
- Pinpoint and troubleshoot quickly
- Deploy within minutes
Customers like Splunk have reported that Aviatrix has not only met requirements but also pleasantly exceeded expectations by offering more functionalities and alleviating more burdens than they realised was possible.
Tell me more about Aviatrix’s approach to network security
Aviatrix allows you to identify and remediate threats via what they call ThreatIQ with ThreatGuard.
Since Aviatrix’s multicloud native data plane sees every flow across your multicloud network, ThreatIQ compares the destination IPs to a dynamic database of known malicious IPs. If it sees any, it will fire an alert and rank the threat severity. When enabled, ThreatGuard will immediately apply a stateful firewall rule at the relevant gateway and block the flows in question.
Within weeks of Aviatrix rolling out its ThreatIQ with ThreatGuard feature, customers discovered they had indeed been compromised without knowing it.
“Several customers found that their cloud workloads were being used for Bitcoin mining. Some found connections to TOR servers, and even connections to bad actors who are known to create malicious bot activity,” Rod Stuhlmuller, VP of Solutions Marketing at Aviatrix, said in a Sound Bytes video.
Stuhlmuller added that this was a big surprise to customers because they had invested large sums of money into single-point-of-inspection security products and services to protect against these types of attacks.
And that’s just it. Aviatrix goes beyond single point of inspection. “The Aviatrix infrastructure as a whole is an intelligent network that’s looking at all traffic flows and taking control actions automatically at any time anywhere across the multicloud network.”
Aviatrix’s findings are not surprising when you consider that, according to Gartner, “through 2025, 90% of the organisations that fail to control public cloud use will inappropriately share sensitive data.” Gartner adds, “Cloud strategies usually lag behind in cloud use. This leaves most organisations with a large amount of unsanctioned, and even unrecognised, public cloud use, creating unnecessary risk exposure.”
All the more reason to include Aviatrix as part of a multicloud migration strategy, especially considering the every-heightening importance of compliance.
It should be noted that Aviatrix is a Network Security Competency Partner for AWS, a designation AWS does not give out lightly.
Which companies are using Aviatrix?
Organisations are catching on quickly, and there are some big names in the mix:
- Splunk
- Adobe
- Heineken
- AAA
- NASA
- Raytheon Technologies
- Virgin Australia
- Aflac
- Avis Budget Group
- Hyatt
These and many others have chosen Aviatrix to increase security, reduce operational overhead, accelerate workload deployment, and scale.
In fact, Gartner has predicted that by the end of 2023, the number of organisations using multiclcoud networking software—such as Aviatrix—for multiple functions will increase by 30 percent, along with MCNS vendor revenue.
How can I learn more?
This article is a part of a greater series centred around the technologies and themes found within the first edition of the TechRadar by Devoteam . To read further into these topics, please download the TechRadar by Devoteam