Cloud WAN

AWS Cloud WAN is a managed wide-area network (WAN) service that gives you a central dashboard to build, manage, and monitor a global network that spans your on-premises locations and AWS Regions.

What it does

Cloud WAN uses a global network as the core resource. You attach your existing networks—VPCs via Transit Gateway, on-prem via VPN or Direct Connect—to this global network as core network segments. Routing is handled in the cloud; you define policies for segmentation and encryption, and Cloud WAN takes care of the underlying connectivity and routing.

That means you can:

  • Connect multiple Regions and on-prem sites through a single logical WAN
  • Use a single place (the AWS console or APIs) to manage routing and segmentation
  • Apply consistent security and encryption policies across the global network

When it makes sense

Cloud WAN is a good fit when you have (or are planning):

  • Multiple AWS Regions and multiple on-prem locations that need to talk in a hub-and-spoke or mesh style
  • A desire to move WAN design and operations into the cloud instead of managing traditional SD-WAN or MPLS yourself
  • Requirements for network segmentation (e.g. dev vs prod, or per-business-unit) that you want to express as policy rather than manual routing

It’s more than “Transit Gateway in multiple Regions”—it’s a dedicated control plane and operations model for a global WAN, with a per-hour and per-GB cost model.
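As an added illustration of segmentation expressed as policy (not code from this page or from AWS), the Python check below reads a core network policy document and flags a share action that bridges segments meant to stay isolated, plus any strict segment that accepts attachments without approval. The policy is a constructed sample; `lint_policy`, `share_targets`, and the segment names are hypothetical.

```python
import json

# Constructed sample, not taken from the page. Keys follow the Cloud WAN
# core network policy JSON format; segment names and ASNs are made up.
SAMPLE_POLICY = json.loads("""
{
  "version": "2021.12",
  "core-network-configuration": {"asn-ranges": ["64512-64555"],
                                 "edge-locations": [{"location": "us-east-1"}]},
  "segments": [
    {"name": "prod", "require-attachment-acceptance": true},
    {"name": "dev", "require-attachment-acceptance": false},
    {"name": "shared", "require-attachment-acceptance": true}
  ],
  "segment-actions": [{"action": "share", "mode": "attachment-route",
                       "segment": "dev", "share-with": "*"}]
}
""")

def share_targets(action, all_names):
    """Expand share-with ('*', {'except': [...]} or a list) to segment names."""
    target = action.get("share-with", [])
    if target == "*":
        names = set(all_names)
    elif isinstance(target, dict):
        names = set(all_names) - set(target.get("except", []))
    else:
        names = set(target)
    return names - {action["segment"]}

def lint_policy(policy, isolated_pairs, strict_segments):
    """Return findings for bridged isolated segments and auto-accepting strict segments."""
    findings = []
    segments = {s["name"]: s for s in policy.get("segments", [])}
    for name in strict_segments:
        if name not in segments:
            findings.append(f"segment {name} is not defined")
        elif segments[name].get("require-attachment-acceptance") is False:
            findings.append(f"segment {name} auto-accepts attachments")
    shares = [a for a in policy.get("segment-actions", []) if a.get("action") == "share"]
    for act in shares:
        reach = share_targets(act, segments)
        for pair in isolated_pairs:
            other = set(pair) - {act["segment"]}
            if act["segment"] in pair and other & reach:
                findings.append(f"share from {act['segment']} reaches {sorted(other)[0]}")
    return findings
```

Running a check like this against a proposed policy before applying it catches a wildcard `share-with` that quietly connects dev to prod.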

How we use it

We use Cloud WAN when a client’s footprint is multi-Region and multi-site and they want a single, policy-driven WAN. We design the core network, the segment strategy, and the attachment of VPCs and on-prem sites, and we integrate it with the rest of their AWS network—Transit Gateway, Direct Connect, and VPN—so the global network and the existing pieces work together.

If you’re weighing Cloud WAN against a mesh of Transit Gateways or a traditional WAN refresh, we can help you map the trade-offs and design something that fits.