Amazon dove into the wide-area networking space this week with the launch of Amazon Web Services (AWS) Cloud WAN.
The platform — which has already garnered support from leading SD-WAN vendors: Cisco, VMware, Palo Alto Networks, and Aruba — is a managed WAN service that streamlines the process of connecting on-premises data centers and branch offices to the cloud provider’s global backbone network.
If this sounds familiar, that’s because SD-WAN vendors have achieved similar functionality in the past using AWS’ previously announced Transit Connect Gateway and Direct Connect products.
Direct Connect provides an on-ramp into AWS, while Transit Connect Gateway enabled inter-virtual private cloud (VPC) networking. The two products, in conjunction with an SD-WAN overlay, enabled AWS to be used as a high-performance, middle-mile network.
However, these products were never intended for this purpose and had to be meticulously stitched together to fold AWS into an enterprise WAN fabric. The disjointed nature of these products created a patchwork of networking and security policies that was unnecessarily complicated to configure and manage, Amazon claims. Cloud WAN, which is available in preview now, unifies this functionality under a single dashboard with this specific use case in mind.
“AWS Cloud WAN removes the difficulty of stitching together and managing third-party tools so customers can now more easily keep their networks securely connected and high performing,” David Brown, VP of AWS Elastic Compute Cloud, said in a statement.
All Aboard the Cloud WAN Train
Cloud WAN works like most middle-mile network providers. In the case of branch-to-branch communications, customer traffic travels a short distance across the internet to the nearest AWS data center where it hops aboard the cloud provider’s private network.
Once on the network, customers can define how that traffic should be routed between AWS data centers based on networking and security policy configured in the Cloud WAN dashboard. The traffic then leaves AWS' network at the data center closest to its destination — or as dictated otherwise by routing policy — and completes its final leg once again over the internet.
While Cloud WAN supports a variety of popular SD-WAN vendors at launch, it should be noted that SD-WAN is not a prerequisite. The service also supports AWS VPN, Direct Connect, and Transit Connect Gateway as on-ramps.
However, according to Cisco’s Raj Gulani, senior director of product management for enterprise cloud and SD-WAN, using AWS Cloud WAN in conjunction with SD-WAN presents numerous benefits.
By integrating with Cloud WAN, SD-WAN customers can extend their existing WANs into and across AWS’ private network, enabling consistent networking and security policy enforcement, he said. “We can actually orchestrate the entire internal network backbone with just a push of a script from our side and that gets honored by AWS.”
This is possible thanks to deep API integrations with Cloud WAN that enable SD-WAN vendors, like Cisco, to orchestrate the middle-mile network based on the customer's intent, he explained. “Now we can actually honor the enterprise SD-WAN policy from an intent perspective.”
By extending the SD-WAN overlay across AWS Cloud WAN, customers can also maintain visibility and, more importantly, extend network segmentation across the middle mile, noted Karl Brown, senior director of product marketing for VMware’s SASE business unit, in an interview with SDxCentral. “If they [the customer] had segmented guest traffic from employee traffic, if they had segmented different internal teams … we can maintain that segmentation across the AWS Cloud WAN."
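The routing and security policy the article says is configured in the Cloud WAN dashboard, and the guest-versus-employee segmentation Karl Brown describes, both come down to a core network policy document: segments, share actions between segments, and rules that map attachments to segments. The helper below is an added example for reviewing such a document before it is applied; it is not AWS, Cisco or VMware code. It assumes the key names of the Cloud WAN core network policy schema (`segments`, `isolate-attachments`, `segment-actions` with `action: share` and `share-with`, `attachment-policies`) as documented by AWS, and the sample policy embedded in it is constructed for illustration. It computes which segments can reach which, flags a segment that can reach something it was meant to be isolated from, and lists segment names referenced by rules that were never defined.

```python
"""Reachability review for a Cloud WAN core network policy document.

Added example, not AWS code. Key names follow the Cloud WAN core network
policy schema as the author of this example understands it (assumption);
the sample policy is constructed for illustration only.
"""

# Constructed sample: guest attachments isolated from each other and from
# employees, employees open to each other, both able to reach a "shared"
# segment (for example DNS or identity services).
SAMPLE_POLICY = {
    "version": "2021.12",
    "core-network-configuration": {
        "asn-ranges": ["64512-65534"],
        "edge-locations": [{"location": "us-east-1"}, {"location": "eu-west-1"}],
    },
    "segments": [
        {"name": "employee", "isolate-attachments": False},
        {"name": "guest", "isolate-attachments": True},
        {"name": "shared", "require-attachment-acceptance": True},
    ],
    "segment-actions": [
        {"action": "share", "mode": "attachment-route",
         "segment": "shared", "share-with": ["employee", "guest"]},
    ],
    "attachment-policies": [
        {"rule-number": 100,
         "conditions": [{"type": "tag-value", "key": "segment", "value": "employee"}],
         "action": {"association-method": "constant", "segment": "employee"}},
        {"rule-number": 200,
         "conditions": [{"type": "tag-value", "key": "segment", "value": "guest"}],
         "action": {"association-method": "constant", "segment": "guest"}},
    ],
}


def segment_reachability(policy):
    """Return {(src, dst): bool} over every ordered pair of segment names.

    Model applied (assumption about the policy semantics):
      * attachments in one segment reach each other unless that segment
        sets isolate-attachments: true;
      * attachments in different segments reach each other only when a
        'share' segment-action links the two segments; sharing is symmetric.
    """
    segments = {s["name"]: s for s in policy.get("segments", [])}
    shared_pairs = set()
    for action in policy.get("segment-actions", []):
        if action.get("action") != "share":
            continue
        targets = action.get("share-with", [])
        if targets == "*":  # share with every other segment
            targets = [n for n in segments if n != action["segment"]]
        for other in targets:
            shared_pairs.add(frozenset((action["segment"], other)))
    matrix = {}
    for src in segments:
        for dst in segments:
            if src == dst:
                matrix[(src, dst)] = not segments[src].get("isolate-attachments", False)
            else:
                matrix[(src, dst)] = frozenset((src, dst)) in shared_pairs
    return matrix


def check_isolation(policy, segment, must_not_reach):
    """Return the (segment, dst) pairs that violate the intended isolation."""
    matrix = segment_reachability(policy)
    return [(segment, dst) for dst in must_not_reach if matrix.get((segment, dst), False)]


def dangling_segment_references(policy):
    """Return sorted segment names used by rules but never defined.

    A rule that maps attachments to a non-existent segment fails at apply
    time at best; catching it in review is cheaper.
    """
    defined = {s["name"] for s in policy.get("segments", [])}
    referenced = set()
    for action in policy.get("segment-actions", []):
        referenced.add(action.get("segment"))
        targets = action.get("share-with", [])
        if targets != "*":
            referenced.update(targets)
    for rule in policy.get("attachment-policies", []):
        referenced.add(rule.get("action", {}).get("segment"))
    referenced.discard(None)
    return sorted(referenced - defined)


if __name__ == "__main__":
    for (src, dst), ok in sorted(segment_reachability(SAMPLE_POLICY).items()):
        print(f"{src:>9} -> {dst:<9} {'reachable' if ok else 'blocked'}")
    print("guest->employee violations:", check_isolation(SAMPLE_POLICY, "guest", ["employee"]))
    print("dangling references:", dangling_segment_references(SAMPLE_POLICY))
```

Running the module prints the reachability matrix for the constructed policy: guest reaches only the shared segment, employee reaches itself and shared, and no rule references an undefined segment. The same functions work on a real policy document loaded with `json.load`, which is where the segmentation claims in the interview can be checked against what the policy actually grants.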
Cloud WAN Competition Amps Up
AWS is far from the first cloud provider to venture down this path. Earlier this year, Google announced the evolution of its SD-WAN Cloud Hub platform — which bears striking similarities to Transit Connect Gateway and Direct Connect — to support middle-mile transport.
Google Cloud’s Network Connectivity Center, similar to AWS Cloud WAN, provides a single dashboard for provisioning and managing VPN tunnels and SD-WAN interconnects. Cisco was among the first to announce support for the service and was joined by rival SD-WAN vendors Fortinet and Versa late this spring.
Meanwhile, Microsoft introduced this functionality more than a year earlier in an update to the Azure Virtual WAN Hub. In addition to providing an on-ramp to workloads running in Azure, vWAN provides a platform on which technology partners can extend their SD-WAN overlays across the public cloud provider’s network.
While not a public cloud provider, content delivery network (CDN) and domain name system (DNS) provider Cloudflare also offers similar transport services targeted at SD-WAN customers.
Building on these developments, many SD-WAN vendors see an opportunity to glue the various clouds together, enabling branches, users, and workloads to communicate seamlessly regardless of where they’re located or on which cloud they’re running.
“What VMware, as a company, will provide is a means to go across cloud and provide security and connectivity as you shift data and workloads across the different cloud providers,” Karl Brown said.
VMware isn't alone in this endeavor. Cisco and Fortinet have announced similar plans to address multi-cloud networking challenges using their SD-WAN and security platforms.