AWS Cloud WAN: a cloud-native attach paradigm to simplify global connectivity and segmentation

For the uninitiated, AWS Cloud WAN is a fundamental networking innovation that allows customers to define global network policies that set up multi-region connectivity and segmentation. For our customers, this translates to a much simpler cloud-native connectivity model, devoid of complex peering constructs at the networking layer and allowing them to focus on communication and security relationships between workloads and applications.

Autonomous Multicloud Transit and Cloud WAN

Prosimo’s autonomous multicloud transit leverages these powerful cloud-native constructs to set up global connectivity across regions and even extend them into the hybrid cloud. Security, access, and performance are not bound to an external network provider’s reach; instead, the transit network scales elastically to provide these outcomes wherever users and applications have a presence. All this is possible because Prosimo’s solution orchestrates cloud-native constructs to take advantage of AWS’s global presence. Imagine having your own private post office network doing its job while you as a customer figure out where to send your packages, how securely they get there, and how fast they get there.

Zero Trust with Cloud WAN

With Prosimo’s full-stack cloud transit, customers migrate global connectivity from hub-and-spoke and peering models, then connect VPCs to Cloud WAN. Prosimo’s full-stack transit not only orchestrates this underlying cloud-native connectivity in the customers’ infrastructure but also makes these applications and workloads accessible globally to users in a zero-trust manner. Compare and contrast this with a legacy, tunnel-based approach: this would be akin to a modern post office network but using it to deliver mail via horseback.

Setting up a global transit network

Another customer challenged Prosimo with building a global transit network that internal customers could connect to and get zero trust connectivity for users accessing applications and workloads communicating internally with shared services. Prosimo’s cloud-native architecture was the perfect fit for this global, elastic transit that had to work across shared governance models while staying faithful to the cloud-native mandate. Prosimo is cloud-native by design; we orchestrate constructs such as AWS Transit Gateway (TGW) and Cloud WAN for hybrid and inter-cloud region connectivity. Prosimo makes it easy to incorporate new constructs and migrate to them seamlessly.

Configuring Prosimo to use Cloud WAN

Using Cloud WAN for connectivity as a part of the Prosimo infrastructure is extremely simple. While onboarding an application, customers choose the Cloud WAN option and the core network attach points the infrastructure will use, and that’s it! Prosimo will automagically set up the underlying infrastructure.
02g_OnboardAPP_Cloud-guide - private - VPC - Auto SMALLER data-lazy-srcset=
Figure 1: Configuring an application for Cloud WAN

Prosimo value

Core network policies for hybrid cloud

Managing a flat, segmented network based on AWS Cloud WAN provides the building blocks for a simpler networking architecture. Prosimo orchestrates the global network to include Cloud WAN segments and advertises the cloud network segments to the private cloud.

App layer segmentation

With Prosimo’s full-stack cloud transit, customers can define granular application access policies and a zero-trust model for users. If, for example, you want to restrict access to an application for users from a particular geographical region or gain insights into the user experience for that region, Prosimo provides a single pane of glass with which to operate your Cloud WAN-based transit network. A simpler, flatter networking architecture reduces the operational burden of maintaining peering relationships at the network level. Instead, it allows customers to define peering and segmentation policies where they belong – at the application layer.


We expect that customers will have to continue juggling multiple cloud-native networking paradigms as they slowly migrate to a more modern, simpler global cloud network. With Prosimo, organizations can support multiple connectivity paradigms and governance domains while migrating at their own pace. Prosimo seamlessly orchestrates connectivity between these different workloads while enforcing zero-trust access for users and policy-based app-to-app peering, regardless of how these constituents connect to the global cloud transit. Bottom line – no migration tradeoffs to make.

In closing...

With AWS Cloud WAN, customers have a simple yet powerful new way to describe a global cloud transit network. With the Prosimo full-stack overlay, customers can deploy an elastic, seamlessly orchestrated network that allows them to migrate and connect their brownfield cloud deployments. Customers can scale their teams around a uniform operational and governance model with a direct line of sight into operational KPIs such as MTTR, change window reduction, uptime, and SLAs. With a modern SaaS platform, deep visibility, and insights architected into the Prosimo solution, customers can seamlessly scale their people, processes, and technologies around a uniform framework.