How to Limit the Impact of Public Cloud Egress Charges With DaaS or VDI Solution

Are your clients shifting to Desktop as a Service (DaaS), or sometimes called a Virtual Desktop Infrastructure (VDI) solution as a result of the recent current events taking place? How does this affect your clients’ network, and are you up-to-speed on what this means for the egress fees they could face?

How to Limit the Impact of Public Cloud Egress Charges With DaaS or VDI Solution
How to Limit the Impact of Public Cloud Egress Charges With DaaS or VDI Solution

It’s important to understand the implications and cost this change in business could have for your clients.

Read on this article and learn:

  • A detailed comparison of two methods: a multicloud networking platform + private connectivity vs. Cloud Service Provider VPN
  • How to solve one of the associated challenges—the dreaded cloud egress bandwidth charges
  • A cost comparison based on egress bandwidth traffic between private connectivity options vs. VPN over the public Internet

As millions of employees are moving to their “new normal” of working from home as a response to this pandemic we are all facing, it is imperative companies equip their employees with the best possible remote access technology to accomplish their daily work. Often, the first step in the process is to consider moving employee desktops to the public cloud providers leveraging a Desktop as a Service (DaaS), or sometimes called a Virtual Desktop Infrastructure (VDI) solution.

This is a great first step, but it comes with challenges. While Pureport is not in the DaaS/ VDI business, we wanted to share an idea about how Pureport can help solve one of the associated challenges—the dreaded cloud egress bandwidth charges.

As background: Each of the public cloud providers allows free data ingress into the cloud, but most charge a premium for data that comes out of the cloud (aka egress). This can become a challenge when moving to a cloud-based DaaS solution, as employees often need to move data from their desktop (now in the cloud) to their corporate data center in order to access applications and services housed there.

To illustrate, let’s walk through the typical DaaS journey.

Company’s DaaS Adoption Journey

  1. Identify a DaaS partner to move employee desktops into a public cloud provider’s platform. There are tons of good choices in this space, and most DaaS partners are available in more than one public cloud provider.
  2. Spin up employee desktops in the public cloud, leveraging support from the DaaS provider and/or consultants who can assist in this space.
  3. Test connectivity from employee laptops or home computers to their new desktop in the cloud over the public internet.
  4. Identify the other “corporate data center/HQ” applications to which the employee needs access.
  5. Build connectivity between the DaaS solution in the cloud and the resources employees need in the legacy data center.

There are typically two options for building connectivity between new DaaS services in the public cloud and legacy data center.

  1. Cloud Service Provider VPN: Each of the cloud providers has a site-to-site VPN service that will allow encrypted connectivity over the public internet between workloads in the cloud and the corporate data center. This is a great option for fast/easy connectivity, but it has one major drawback. Since it leverages the public internet, all data flowing from the cloud (in this case the employee’s desktop) to the corporate data center will be charged a relatively high egress bandwidth charge (typically .08–.09 per GB of data). Ouch!
  2. Build Private Connectivity: Each of the cloud providers provides a private connectivity option to their cloud. You may have heard of AWS Direct Connect, Azure ExpressRoute, Google Cloud Interconnect, or Oracle FastConnect. These significantly reduce the egress bandwidth charges, as most of the cloud providers offer highly discounted egress using their private connectivity options (typically .02–.03 per GB—which can be up to 70% savings).

The downside is that this requires the company to either co-locate equipment at one of the cloud on-ramp locations or pay a network service provider and often wait for 60–90 days to spin up the connection. While the discounted egress rate and improved performance are helpful, it can’t be accomplished within the time constraints of our current situation.

Pureport is proud to be one of the only providers in the market that can give businesses the best of both worlds. Leveraging the Pureport Multicloud Fabric®, companies can immediately spin up the private connectivity options offered by the major public cloud providers. Within Pureport’s self-service Console (which offers automation and orchestration capabilities), organizations can deploy these connections in a matter of minutes.

Each of the cloud providers provides a private connectivity option to their cloud.
Each of the cloud providers provides a private connectivity option to their cloud.

Once connected to the cloud resources, users can build a VPN connection from the Pureport platform back to their on-premises data center or office.

This allows the speed of a cloud-based VPN solution, coupled with the discounted egress benefit of the private connectivity options. The good news… this can be accomplished on-demand with the Pureport platform and be completed in well under an hour.

Source: Pureport

Published by Thomas Apel

, a dynamic and self-motivated information technology architect, with a thorough knowledge of all facets pertaining to system and network infrastructure design, implementation and administration. I enjoy the technical writing process and answering readers' comments included.