Customer Case Study

How Epsilon Built an AWS Global Transit Hub

Using Aviatrix Software-defined Cloud Routing to replace a vRouter

Epsilon is a global marketing company with a rich, nearly 50-year history transforming data into personalized customer experiences. Epsilon’s solutions architecture team develops and delivers unique technical solutions to enable campaigns for clients with exceptional scale, accuracy, and reach. Their platforms help clients reach millions of consumers around the globe, on a daily basis.

The Challenge

Epsilon helps Fortune 500 companies drive growth through data- driven marketing solutions and is a leader in data privacy and security. With platforms connected across Amazon Virtual Private Clouds (VPCs) and on-premises resources, Epsilon recognized the need to efficiently establish connectivity and continue to secure data-in- motion between platforms. To solve for this, Epsilon chose to build an Amazon Web Services (AWS) global transit architecture.

To implement this architecture, Epsilon decided to overhaul its cloud networking strategy and start from scratch. They began by prioritizing business requirements, specific technical challenges, and implementing a solution that could scale as fast as its AWS resources.

Begin quotationThe capability Aviatrix brings to deploy secure VPC networking was significantly easier and scalable for us, than the previous solution.End quotation

—Jason Lebaron, Sr Director, Solutions Architecture Epsilon

The Solution

Epsilon has been running its platforms on AWS for a few years. With the scale at which the company operates daily, the solutions team needs infrastructure that is designed to immediately scale-up to accommodate the data-driven campaigns Epsilon runs for its clients.

Epsilon decided on Aviatrix solutions on AWS for single pane of glass management and a breadth of automation capabilities. Moreover, Aviatrix delivered increased visibility into the health and performance of Epsilon’s cloud networking infrastructure helping the company optimize their customer experiences.

The solutions architecture team leveraged two networking approaches by implementing Aviatrix solutions for AWS. To support customer accounts on Epsilon platforms, the team leveraged Aviatrix to create a next-generation global transit VPC network (hub-and-spoke network). This design deploys Virtual Private Network (VPN) instances in a dedicated VPC to perform transitive routing between spoke VPC networks through automated deployment of Aviatrix Gateways via the Aviatrix Controller — a centralized management console.

They also used the Aviatrix Controller to simplify the configuration and provisioning of encrypted peerings between VPCs. This peer-to-peer connectivity allows client platforms to securely access multiple services, each configured to meet common regulations, such as SOC2, HIPAA, and GDPR.

Begin quotationThe ability for us to have a single point to manage and have visibility into – not only the connectivity services – but also the health and performance of those are very important.End quotation

—Jason Lebaron, Sr Director, Solutions Architecture Epsilon


The Aviatrix Controller is designed to simplify hybrid cloud networking and makes it easy to build, manage, and scale global transit architectures. Its centralized point-and-click, API-driven management allows anyone — including those without a deep background in networking — to build site-to-site VPN tunnels between VPCs and on-premises resources. The Aviatrix Controller can also be used to monitor, alert, and troubleshoot from one central console — significantly enhancing visibility across the network.

Aviatrix’s use of software-defined routing on the cloud, instead of Border Gateway Protocol (BGP), further enhances the stability of the network. This helped to facilitate Epsilon’s growth requirement of more than 100 VPCs. Moreover, Aviatrix doesn’t require that all traffic traverse the transit VPC (e.g. approved spoke-to-spoke traffic). This reduces performance bottlenecks and removes the single points of failure commonly associated with legacy vRouters.

The increased visibility, built-in firewall and security policy capabilities, and automation of deployment and configuration processes allow for enhanced data security and compliance.

Begin quotation Support engagement has been fantastic. We’ve had specific use cases and requirements we’ve shared with Aviatrix and they’ve been able to turn around responses to our business needs quicker.End quotation

—Jason Lebaron, Sr Director, Solutions Architecture Epsilon

Next Steps

Epsilon is currently preparing to onboard virtually all existing resources to Aviatrix. To minimize impact to clients, Epsilon is doing extensive pre-migration planning. Fortunately, onboarding to Aviatrix is simple and can be automated end-to-end. They’ve been able to set up pre-qualifications and validation, saving the team considerable time and reducing risk by removing manual processes.

Getting Started

  • Automated the onboarding of client accounts, including:
    • Discovery of VPC sub-networks
    • Provisioning of resources
    • Building secure tunnels between Amazon VPCs and on-premises resources.
  • Utilizing Epsilon team members’ time more efficiently by focusing on revenue generating tasks, thanks to the automation of manual networking processes
  • Increased visibility into network health, with performance metrics available on each link
  • Reduced client risk and application latency by cutting down on the number of hubs and fault domains Epsilon services have to transit through to reach end-resources
  • Established multi-factor authentication, which is now standard across the company
  • Operating Aviatrix didn’t require Epsilon to hire specialized skill sets, rather existing team members could easily be trained to perform operations
Robert Half Deploys Amazon AWS VPCs in 30 Minutes with Aviatrix
4:09 min | Share
Customer Testimonial: GREE Deploys VPCs Faster with Aviatrix
2:22 min | Share
Aviatrix Customer Hyatt Solution with Microsoft Azure
1:48 min | Share