AWS Cloud WAN
WAN edge infrastructure software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if AWS Cloud WAN and its alternatives fit your requirements.
Pay-as-you-go
Free Trial unavailableFree version unavailable
Small
Medium
Large
- Public sector and nonprofit organizations
- Healthcare and life sciences
- Banking and insurance
What is AWS Cloud WAN
AWS Cloud WAN is a managed wide-area networking service that helps organizations build and operate a global network connecting AWS Regions, on-premises sites, and other networks through a centrally managed core network. It targets cloud and network teams that need consistent connectivity, segmentation, and routing policy across multiple locations. The service integrates with AWS networking components such as AWS Transit Gateway and AWS Direct Connect and is configured via AWS console, APIs, and Infrastructure-as-Code tools.
Centralized global network policy
Cloud WAN provides a single logical core network with policy-based segmentation and routing controls that can be applied across multiple Regions. This reduces the need to configure routing and segmentation independently per Region or per gateway. It fits organizations that want standardized connectivity patterns for many VPCs and sites. Policy changes can be managed centrally and propagated through the service.
Native AWS networking integration
The service works with AWS Transit Gateway attachments and can incorporate connectivity from AWS Direct Connect and VPN-based site connections through AWS networking constructs. This makes it practical for enterprises already standardizing on AWS for cloud networking. It also aligns with AWS identity, logging, and automation approaches (for example, IAM-based access control and API-driven provisioning). For AWS-centric architectures, it can reduce reliance on third-party overlay components.
Managed service operations model
As a managed AWS service, Cloud WAN offloads parts of the control-plane and backbone operations to AWS. Organizations can focus on defining network intent (segments, attachments, routing) rather than deploying and maintaining WAN controller infrastructure. It can simplify multi-Region expansion because the core network is service-managed. This model can be attractive where teams want fewer appliances and less controller lifecycle management.
AWS-centric scope and lock-in
Cloud WAN is designed primarily around AWS networking primitives and AWS connectivity options. Organizations with significant non-AWS cloud footprints or requirements for a cloud-agnostic WAN overlay may find the model less portable. Moving policies and operational processes to Cloud WAN can increase dependence on AWS-specific constructs. This can be a constraint for multi-cloud standardization initiatives.
Not a full SD-WAN/SASE stack
Cloud WAN focuses on connectivity, routing, and segmentation rather than delivering an integrated SD-WAN edge appliance feature set. Capabilities commonly expected in WAN edge products—such as last-mile link bonding, application-aware path selection at the branch, or integrated secure web gateway—typically require additional products or services. Branch edge hardware and cellular/ISP diversity are outside the core service. As a result, it may not replace dedicated edge platforms for branch-heavy environments.
Feature parity varies by region
AWS networking services and integrations can have regional availability differences and evolving feature sets. Organizations operating globally may need to validate that required capabilities (attachments, connectivity options, and operational tooling) are available in each target Region. This can add design and rollout complexity compared with solutions that provide uniform functionality independent of cloud region. Ongoing service changes also require continuous review of AWS release notes and limits.
Plan & Pricing
Pricing model: Pay-as-you-go Key unit prices (from AWS official Cloud WAN pricing page):
- Core network edge (CNE): $0.50 per hour (billed per CNE; partial hours rounded up). Note: this is charged regardless of Region.
- Data processing (traffic sent from a VPC, VPN, or Direct Connect Gateway to a CNE): $0.02 per GB in all Regions.
- Data transfer between CNE and Transit Gateway (peered connections): $0.01 per GB (per examples on the pricing page).
- Core network edge attachments (VPC, VPN, Connect/SD-WAN, Direct Connect): hourly fees that vary by Region. Example rates shown on the official page:
- VPC attachment (US East - N. Virginia): $0.065 per hour (example shown).
- VPC attachment (Europe - Frankfurt): $0.080 per hour (example shown).
- Peering connections: hourly fee same as core network edge attachments and vary by Region.
- Additional: Standard AWS data transfer charges (EC2 data transfer pricing) also apply in addition to Cloud WAN charges.
Example cost notes (from AWS examples):
- AWS uses 730 hours/month (8,760/12) to illustrate monthly costs (e.g., 1 CNE * $0.50 * 730 = $365/month).
- Transit Gateway attachments and Transit Gateway peering attachment example rates are shown in examples (e.g., $0.05 per hour for Transit Gateway attachments in US East in the example calculations).
Notes & references: Prices and region-specific attachment rates vary by Region; AWS provides example regional prices on the official Cloud WAN pricing page and links to the AWS Pricing Calculator for tailored estimates.
Seller details
Amazon Web Services, Inc.
Seattle, Washington, USA
2006
Subsidiary
https://aws.amazon.com/
https://x.com/awscloud
https://www.linkedin.com/company/amazon-web-services/
