22 February 2024

Different ways of connecting to Microsoft

Interconnection services

As an enterprise, you are most likely using one if not several services from Microsoft. Whether it is SaaS like Microsoft 365, PaaS like Azure SQL DB, or IaaS like Azure virtual machines, the overall user experience depends on the connectivity to the services. 

Here we give you an overview of the different ways of connecting to Microsoft cloud services and the pros and cons of each. 

Through an ISP

A very common way for enterprises to connect to Microsoft cloud services is via the Internet connection provided by their Internet Service Provider (ISP). While it is convenient and Internet access is available in most places, the best-effort nature of the Internet, without end-to-end guarantees, is a disadvantage which can lead to poor performance and bad user experience when consuming cloud services.

Peering with Microsoft

The peering option allows interconnection between Microsoft’s global network (AS8075) and your network for the purpose of exchanging traffic to/from Microsoft online services and Microsoft Azure Services. There are two ways of setting up peering with Microsoft:

1) Direct peering: Peering over a direct physical connection between Microsoft network at a Microsoft Edge and your network. Border Gateway Protocol (BGP) sessions are configured across these connections per Microsoft’s routing policy and a pre-negotiated agreement.

2) Internet Exchange peering: Peering connections at an Internet Exchange (IX). The physical connections between Microsoft network and your network are through a platform operated by the IX. BGP sessions are configured using IP space also provided by the IX.

While this solution might be a good fit for very large enterprises that have the traffic volumes necessary to fulfill the minimum levels required by Microsoft, it is not applicable for those which do not.

Microsoft ExpressRoute

ExpressRoute lets you extend your on-premise networks directly into the Microsoft cloud over a private connection using ExpressRoute Direct or with the help of a connectivity provider. ExpressRoute connections do not go over the public Internet, allowing more reliability, faster speeds, consistent latencies, and higher security than connections over the Internet. 

DE-CIX's DirectCLOUD service offers private, secure connectivity to Microsoft Azure from all major DE-CIX locations globally. Additionally, our global infrastructure allows you to extend your reach to Microsoft Azure regions and ExpressRoute locations worldwide.

This model is recommended for connecting to Azure IaaS and PaaS, but it is not designed to fulfill the requirement of a geographically dispersed design that is recommended for SaaS, like Microsoft 365.

Microsoft Azure Peering Service

The Microsoft Azure Peering Service (MAPS) was introduced to give customers the best experience via an IX, maintaining the benefits of a standard peering arrangement with Microsoft (AS8075) but without the need to fulfill Microsoft's minimum requirements or to maintain such a solution. 

The service offers a dedicated connection between the IX and the enterprise, leading to a stable and predictable connection to Microsoft. In addition, it gives customers deeper insights into their connection by offering Internet latency telemetry and route monitoring – something which is not offered via any of the other methods of connecting to Microsoft.

MAPS perfectly complements peering and DirectCLOUD solutions for connecting to the Microsoft cloud.