Express Connect helps you establish a fast, stable, secure, and private connection between your data center and a virtual private cloud (VPC). Express Connect circuits ensure secure data transmission, prevent network jitters, and reduce the potential for data breaches.

Network topology

The following figure shows an Express Connect circuit that connects a data center to an access point of Alibaba Cloud. One end of the Express Connect circuit is connected to the gateway device in the data center, and the other end is connected to a virtual border router (VBR) on Alibaba Cloud. Data is exchanged through secure, reliable, and high-speed connections with low network latency.

To access resources in a VPC, you must attach the VBR and the VPC to a Cloud Enterprise Network (CEN) instance. Then, your data center can access all resources in the VPC, such as Elastic Compute Service (ECS) instances, pods, Server Load Balancer (SLB) instances, and ApsaraDB services. For more information about CEN, see What is CEN?.

Express Connect architecture

Components

  • Connection over an Express Connect circuit: a private connection established between a data center and an access point of Alibaba Cloud by using Express Connect.

    You can create the following types of connections over Express Connect circuits:

    • Dedicated connection

      You can lease an Express Connect circuit to connect your data center to an access point of Alibaba Cloud. The Express Connect circuit is dedicated to you. Before you create a dedicated connection, you must apply for an Express Connect circuit in the Express Connect console. For more information, see Create a dedicated connection over an Express Connect circuit.

    • Hosted connection

      The access points of Express Connect partners are already connected to the access points of Alibaba Cloud. Therefore, you need only to connect your data center to the access point of an Express Connect partner. The Express Connect circuit used by a hosted connection is shared among multiple tenants. For more information, see Overview.

  • A VBR is a router between the customer-premises equipment (CPE) in a data center and an access point of Alibaba Cloud. After you connect your data center to an access point of Alibaba Cloud, you can create a VBR to exchange data between your data center and Alibaba Cloud.

Benefits

  • High-speed connections

    Powered by the network virtualization technology of Alibaba Cloud, Express Connect allows networks to communicate with each other through direct, private, and high-speed connections. Network traffic does not traverse the Internet. Express Connect circuits ensure low network latency, low packet loss rate, and high throughput even if data is transmitted over a long distance.

  • Stability and reliability

    Built on the high-quality infrastructure of Alibaba Cloud, Express Connect ensures stable and reliable communication between networks.

  • Security

    Express Connect enables communication at the network virtualization layer. Data transmission among different tenants is isolated. This reduces the risks of data breaches.

  • On-demand purchase

    Express Connect circuits are provided with different bandwidth limits. You can specify a proper bandwidth limit to meet your business requirements.

Differences between connections over Express Connect circuits and VPN connections

You can use both Express Connect circuits and VPN to connect your data center to Alibaba Cloud. Compared with VPN connections, connections over Express Connect circuits offer better network conditions, higher security, and larger bandwidth. The following table describes the differences between connections over Express Connect circuits and VPN connections.

Item Connection over Express Connect circuit VPN connection
Network conditions When you use an Express Connect circuit to connect to Alibaba Cloud, data is transmitted through a private connection with low network latency and packet loss. VPN connections are established over the Internet and are subject to network latency and packet loss.
Security Express Connect circuits are dedicated to users. This prevents data breaches and ensures high security. Connections over Express Connect circuits are best suited for users in the finance industry and enterprises in the public service sector that have high security requirements. VPN connections are encrypted Internet connections and are suitable for users that have basic security requirements.
Bandwidth The bandwidth of a connection over an Express Connect circuit can reach 100 Gbit/s for handling a large number of requests.

You can also configure equal-cost multi-path routing (ECMP) with multiple Express Connect circuits. This ensures service availability and also aggregates the bandwidth to Tbit/s.

The bandwidth of a VPN connection is limited by the bandwidth limit of the public IP address.