Let me start with a quick overview of what these components are and where they may fit strategically in your organization. First, let’s look at VPNs, which support a couple types of interaction and run over public internet. One VPN gateway is site to site integration, meaning you plug your data center into Azure on a VPN and have them trust each other. This is a common way to start out with Azure.
Or you can use a point to site gateway, which means you want to take your laptop and have it secured using a VPN into Azure and both these VPNs are supported across the platform. Which you choose depends on what makes sense for you. If you have a mobile workforce, you may need to do a lot of point to site work, for instance.
Express Routes, unlike VPNs, run on dedicated private network fiber. To make Express Route happen, you’ll need a connectivity partner (like AT&T or Verizon) to provide the private fiber connection between your assets and the Azure cloud. Express Route is appealing from both a performance and security standpoint, but it’s not always something you can easily scale out due to cost implications and there’s more work involved.
Let’s look at some comparisons:
Bottom line is, because of the complexity and cost of all these scenarios, it’s common to leverage multiple types of connectivity to Azure based on your needs for your business. You need to keep in mind all factors, such as security, performance and SLA capabilities. VPNs can be turned on quickly, where using Express Route will take a lot more work to utilize.
Choose wisely to make the best, most cost-effective choice for your organization. If you have questions about network connectivity or the best choice based on your needs or anything Azure related, click the link below—we’re here to help.