Previously on...
Hello everyone! In the previous issue, we discussed the importance of data security and the challenges faced by enterprises. We introduced Alibaba Cloud Enterprise Network (CEN), a solution for internal network connections within enterprises. We explored both traditional on-premises methods and modern cloud trends. We delved into the features and advantages of CEN. In this issue, we will dive deeper into the world of CEN, exploring the use of Alibaba Cloud's Direct Connect technology for acceleration and presenting a real customer case study. This will provide readers with a firsthand experience of relevant scenarios. Let's dive right in!

Link to the previous article : https://www.highercloud.com.tw/architectcolumn-cen

---

Alibaba Cloud Exclusive - Hong Kong Express
The Alibaba Cloud Hong Kong Express is a high-speed network connection line built in collaboration with Hong Kong Telecom. It links Alibaba Cloud data centers in mainland China with those of Hong Kong Telecom, providing high-speed, stable, and secure network connection services. This dedicated line utilizes submarine cables to establish direct network connectivity between mainland China and Hong Kong. In simple terms, it not only accelerates data transmission between mainland China and Hong Kong but also ensures reliable network connectivity for enterprise users. The Alibaba Cloud Hong Kong Express supports various connection methods, including point-to-point connections and cross-regional disaster recovery backups. Among them is the focus of this article - Cloud Enterprise Network (CEN).
   

1. Intra-Region Network Interconnection: Within the same region and under the same account, VPCs can be interconnected. After creating a CEN instance, VPCs can be attached to the CEN instance.
2. Inter-Region Network Interconnection: CEN is used to connect networks across two or more (including two) regions. For example, connecting VPCs in four regions: Japan (Tokyo), China (Hong Kong), China (Beijing), and Australia (Sydney). First, create a CEN instance and attach the VPCs that need to be connected. If there are on-premises data centers involved, dedicated lines can be used to connect VBR to on-premises, as shown in the Japan (Tokyo) part of the diagram. VPNs can also be established for cloud-to-ground connections, as shown in the China (Hong Kong) part of the diagram.

Customer Case Solution
Now, let's introduce a relevant customer case. Based on the project experience of the Haier team, a customer's head office is located in Taipei, Taiwan, and they require optimization of network access speed and security between the head office and branch offices in Shanghai and Guangzhou. They also need to connect to multi-cloud application systems.  

CEN Customer Case Solution Architecture Document

Based on the above architecture diagram, the first step is to deploy an Alibaba Cloud VPC in the Shenzhen region. Using a VPN Gateway, the on-premises network environments of the Shanghai and Guangzhou offices are connected to the Shenzhen VPC. Subsequently, an Alibaba Cloud VPC is created in the Hong Kong region. Within this VPC environment, an ECS cloud server is established, and a Proxy is deployed as a forward proxy server. Using a VPN Gateway, the Hong Kong region VPC is connected to the Taipei office environment. Additionally, due to the client's use of other cloud application systems, the previously deployed forward proxy server within the ECS is utilized to connect external networks to multi-cloud application systems.

The simplified steps are as follows:

1. Create a VPC in the Alibaba Cloud Shenzhen region.
2. Use a VPN Gateway to connect the network environments of the Shanghai and Guangzhou offices to the Shenzhen VPC.
3. Create a VPC in the Alibaba Cloud Hong Kong region and deploy an ECS within this VPC environment. Deploy a Proxy as a forward proxy server.
4. Use a VPN Gateway to connect the Hong Kong region VPC to the Taipei office.
5. Set up a forward proxy server within the ECS and connect external networks to multi-cloud application systems.

---