Express Connect helps you build high-speed, stable, and secure connections between your on-premises data center and VPCs over the internal network. Leased lines allow you to bypass the Internet service provider (ISP) to keep the network stable and prevent data theft during data transmission.

As shown in the following figure, you can use a leased line to establish a physical connection between your on-premises data center and an access point of Alibaba Cloud. One end is connected to the gateway device at the data center, and the other end is connected to a Virtual Border Router (VBR) of Express Connect. This provides a more secure and faster network connection with lower latency.

After the VBR and VPC are included in the same Cloud Enterprise Network (CEN), your on-premises data center can access all resources in the VPC, such as Elastic Compute Service (ECS) instances, containers, Server Load Balancer (SLB) instances, and databases. For more information about CEN, see What is Cloud Enterprise Network?.

Components

Express Connect consists of the following parts:

  • Physical connections: connections established between on-premises data centers and Alibaba Cloud access points. You can use one of the following methods to establish a physical connection:
    • Exclusive physical connections

      An Alibaba Cloud physical port and a leased line provided by a third-party service provider are used to connect an on-premises data center to an Alibaba Cloud access point. You can apply for a physical connection interface in the Express Connect console. For more information, see Create a dedicated physical connection.

    • Shared physical connections

      A leased line and the network provided by a third-party service provider are used to connect an on-premises data center to Alibaba Cloud. In this solution, the third-party service provider establishes the link between the on-premises data center and an Alibaba Cloud access point that can be shared by multiple tenants. For more information, see Establish a shared physical connection.

  • Virtual border routers (VBRs): routers that connect customer premises equipment (CPE) at on-premises data centers and Alibaba Cloud access points. VBRs serve as bridges for data transmission from on-premises data centers to Alibaba Cloud.

Benefits

Express Connect provides the following benefits:
  • High-speed interconnections

    Powered by the network virtualization technology of Alibaba Cloud, Express Connect allows networks to connect and exchange traffic at high speeds within internal networks without carrying traffic across the Internet. The impact of distance on network performance is minimized to ensure low-latency and high-bandwidth communication.

  • Stability and reliability

    Built on the state-of-the-art infrastructure of Alibaba Cloud, Express Connect guarantees stable and reliable communication between networks.

  • Security

    Express Connect implements cross-network communication at the network virtualization layer, where data is transmitted over separate and private channels within the infrastructure of Alibaba Cloud, mitigating the risks of data breaches.

  • On-demand purchase

    Express Connect delivers connectivity with a wide range of bandwidth options. You only pay for the resources that you actually used.

Comparison between physical connections and VPNs

You can use either physical connections or VPNs to connect on-premises data centers to Alibaba Cloud. However, physical connections are superior to VPNs in terms of network quality, security, and transmission speed. The following table compares physical connections with VPNs.

Item Physical connection VPN
Network quality Physical connections use leased lines and internal networks for communication, which features high quality, low latency, and low packet loss. VPNs use the Internet for communication, which faces risks of high latency and packet loss.
Security Physical connections prevent data theft and provide high security Physical connections can satisfy customers with high security requirements, such as finance and government enterprises. VPNs use encrypted communication channels that are based on the Internet and can meet basic security requirements of customers.
Bandwidth A single link provides a bandwidth of up to 100 GE and can satisfy customers of high data volumes.

Equal-cost multi-path routing (ECMP) is supported among multiple physical connections. The bandwidth can be increased to a TB.

The network bandwidth depends on the bandwidth of the public IP address.