- Hybrid Cloud for Architects
- Alok Shrivastwa
- 2021-06-24 19:27:41
Network connectivity
Network connectivity forms the backbone of IT as a whole, not just of the hybrid cloud, so getting it right is of paramount importance. For connectivity between an enterprise and the public cloud, the following requirements need to be considered:
- Security of the connection
- Latency
- Bandwidth
Security is non-negotiable, while the required levels of the other two depend on the workload. As an example, if we need to run a voice/video application, then latency (and jitter) becomes important. If we are transferring large amounts of data, then the bandwidth needs to be higher.
Because security is mandatory, we cannot use a vanilla internet connection. So what are our choices?
- IPSec VPN
- MPLS connectivity
We would go for IPSec connectivity in the following cases:
- Amount of data transferred is small
- Low latency is not a strict requirement
This normally happens in cases where the footprint of usage in the public cloud is small, and not a lot of data is being transferred, as the environments are more or less isolated.
MPLS connectivity to a public cloud is normally offered as a service by the public cloud provider and the ISP. It is known by different names, such as Direct Connect in the case of AWS, ExpressRoute in the case of Microsoft Azure, and Cloud Interconnect in the case of the Google Cloud Platform.
While these are provided as a 1 Gbps/10 Gbps connection, several ISPs also provide a sub-1 Gbps connection as determined by the cloud provider service.
Routing is normally done with static routes for IPSec tunnels and with EBGP for MPLS. Please remember that this is simply the most prevalent routing method, and there is no technical reason for it to be so. However, running the MPLS connection with BGP is definitely recommended.