Moving to DaaS or VDI? How to Limit the Impact of Public Cloud Egress Charges


Share on twitter
Share on linkedin
Gary McAuliffe


Share on twitter
Share on linkedin

While I promised my marketing team I wouldn’t use the “CV” word in my blog post, it’s hard not to focus on the strange new reality in which we are all living. This has been a tough week for our country, and the team at Pureport wishes Godspeed to all those impacted by the troubling events generated so abruptly in response to this pandemic. Please be vigilant in limiting your public exposure and let’s collectively get through this as quickly as possible.

As millions of employees are moving to their “new normal” of working from home, companies must equip their employees with the best possible remote access technology to accomplish their daily work. Often, the first step in the process is to consider moving employee desktops to the public cloud providers leveraging a Desktop as a Service (DaaS), or sometimes called a Virtual Desktop Infrastructure (VDI) solution.

This is a great first step, but it comes with challenges. While Pureport is not in the DaaS/VDI business, I wanted to share an idea about how Pureport can help solve one of the associated challenges—the dreaded cloud egress bandwidth charges.

As background: Each of the public cloud providers allows free data ingress into the cloud, but most charge a premium for data that comes out of the cloud (aka egress). This can become a challenge when moving to a cloud-based DaaS solution, as employees often need to move data from their desktop (now in the cloud) to their corporate data center in order to access applications and services housed there.

To illustrate, let’s walk through the typical DaaS journey.

Company’s DaaS Adoption Journey

  1. Identify a DaaS partner to move employee desktops into a public cloud provider’s platform. There are tons of good choices in this space, and most DaaS partners are available in more than one public cloud provider.
  2. Spin up employee desktops in the public cloud, leveraging support from the DaaS provider and/or consultants who can assist in this space.
  3. Test connectivity from employee laptops or home computers to their new desktop in the cloud over the public internet.
  4. Identify the other “corporate data center/HQ” applications to which the employee needs access.
  5. Build connectivity between the DaaS solution in the cloud and the resources employees need in the legacy data center.

There are typically two options for building connectivity between new DaaS services in the public cloud and legacy data center.

  1. Cloud Service Provider VPN: Each of the cloud providers has a site-to-site VPN service that will allow encrypted connectivity over the public internet between workloads in the cloud and the corporate data center. This is a great option for fast/easy connectivity, but it has one major drawback. Since it leverages the public internet, all data flowing from the cloud (in this case the employee’s desktop) to the corporate data center will be charged a relatively high egress bandwidth charge (typically .08–.09 per GB of data). Ouch!
  2. Build Private Connectivity: Each of the cloud providers provides a private connectivity option to their cloud. You may have heard of AWS Direct Connect, Azure ExpressRoute, Google Cloud Interconnect, or Oracle FastConnect. These significantly reduce the egress bandwidth charges, as most of the cloud providers offer highly discounted egress using their private connectivity options (typically .02–.03 per GB—which can be up to 70% savings).

The downside is that this requires the company to either co-locate equipment at one of the cloud on-ramp locations, or pay a network service provider and often wait 60–90 days to spin up the connection. While the discounted egress rate and improved performance are helpful, it can’t be accomplished within the time constraints of our current situation.

Pureport is proud to be one of the only providers in the market that can give businesses the best of both worlds. Leveraging the Pureport Multicloud FabricⓇ, companies can immediately spin up the private connectivity options offered by the major public cloud providers. Within Pureport’s self-service Console (which offers automation and orchestration capabilities), organizations can deploy these connections in a matter of minutes.

Once connected to the cloud resources, users can build a VPN connection from the Pureport platform back to their on-premises data center or office.

This allows the speed of a cloud-based VPN solution, coupled with the discounted egress benefit of the private connectivity options. The good news… this can be accomplished on-demand with the Pureport platform and be completed in well under an hour.

If you are moving to a cloud-based DaaS to enable your remote workers during these challenging times, Pureport can help you limit your exposure to high egress bandwidth fees. Our team is ready to support your efforts. Please send us a note at to discuss, or feel free to get started immediately at

Please take care of yourselves and your families, and let Pureport handle your networking! Let’s flatten the curve and get through this together!

Schedule a Pureport Demo