How Salesforce Business Technology uses AWS Direct Connect SiteLink for reliable global connectivity

Note: This post is published in collaboration with Georgi Stoev, Senior Technical Architect at Salesforce, and Ravi Patel, Senior Engineering Manager at Salesforce 

In this post, we review how Salesforce Business Technology uses Amazon Web Services (AWS) Direct Connect SiteLink to build resilient hybrid architectures, facilitating global expansion and accelerating AWS Cloud migrations. We also dive deeper into how SiteLink helped Salesforce Business Technology unify the network architecture across seven global locations, modernized network communication to reduce costs, streamline operational overhead, and improve performance.

Salesforce is an AWS Partner and a trusted global leader in customer relationship management (CRM). The Salesforce Business Technology team provides a suite of services to help build, run, and transform enterprise applications and support Salesforce’s corporate financials, workforce, call centers, physical security, corporate data warehouse, virtual desktop, and more. For enterprises such as Salesforce, global operations demand a resilient and redundant network architecture that scales seamlessly to handle growing traffic and minimize downtime. Traditional networking solutions, often dependent on internet-based connectivity, may not meet the strict requirements of availability and performance. SiteLink helps address these challenges by enabling private, dedicated connections that bypass the internet, providing enhanced security and improved latency. SiteLink interconnects locations worldwide and offers built-in redundancy and resiliency, making sure of uninterrupted connectivity even during public internet outages or high-traffic periods.

Prerequisites

We assume you’re familiar with networking constructs on AWS, such as Amazon Virtual Private Cloud (Amazon VPC), AWS Transit Gateway, and AWS Direct Connect. These services form the backbone of users’ global network architecture, allowing private, low-latency connections between multiple Direct Connect locations without the need for traffic to traverse AWS Regions. Integrating these services allows users to achieve enhanced performance and flexibility in managing the hybrid cloud environment.

AWS Direct Connect SiteLink

Direct Connect links your on-premises network to AWS, bypassing the internet to deliver more consistent, latency-optimized performance. SiteLink is a feature of Direct Connect that allows you to create connections between your on-premises networks through the AWS global network backbone. You can use SiteLink to send data from one Direct Connect location to another on the shortest path, bypassing AWS Regions. SiteLink allows you to create global, reliable, and pay-as-you-go connections between the offices and data centers in your global network by sending data over the fastest path between Direct Connect locations. If you’re using Direct Connect now, either through a direct or hosted connection, then you have everything you need to use SiteLink. No new connections are needed.

When using SiteLink, you first connect your on-premises networks to AWS at any of the over 100 Direct Connect locations worldwide. Then, you create Virtual Interfaces (VIFs) on those connections and enable SiteLink. When all VIFs are attached to the same Direct Connect Gateway (DXGW), which is a global and highly available AWS resource, you can start sending data between them. Your data follows the shortest path between Direct Connect locations to its destination, using the fast, secure, and reliable AWS global network. Check the documentation for all AWS Direct Connect locations where SiteLink is available today.

Salesforce Business Technology global footprint

Salesforce Business Technology has established a global footprint that spans seven strategic locations: three in the United States, three in Asia-Pacific, and one in Europe, as shown in the following figure. Network connectivity relies on a private backbone with an MPLS architecture, complemented by AWS Regions. This hybrid setup supports complex data flows between data centers and cloud environments for both production and staging use cases. However, Salesforce faced challenges in maintaining and scaling this private backbone, primarily driven by the mismatch between the static infrastructure and dynamic nature of business needs and requirements. The existing infrastructure pre-provisioning model limited Salesforce’s efforts to improve cost-efficiency and didn’t align with the pay-as-you-go flexibility that modern businesses need. Operational complexity was another major concern, because the network team struggled with multi-carrier management, prolonged carrier outages in some geo-locations, and the complexities of MPLS routing.

Figure 1: A sample of the global private data center connectivity using private circuits

SiteLink solution

To address these challenges and better serve internal customers, Salesforce Business Technology decided to modernize the global network infrastructure. The goal was to create a network that scales dynamically with business demands, helps streamline operations, reduces management overhead, and enables rapid deployment of new services and features. To achieve this, the team started exploring advanced cloud networking options such as SiteLink, and uses the features and benefits of SiteLink to enhance scalability, agility, and innovation.

Salesforce Business Technology chose to deploy SiteLink on existing Direct Connect connections by creating new dedicated VIFs to match production and development environments, as shown in the following figure. Furthermore, with the support for multiple data flows such as Data Center (DC) to DC, and DC to AWS, Salesforce could use existing and new Direct Connect connections without impacting production traffic flows. This allowed the team to maintain global segmentation and meet data residency requirements.

Figure 2: A sample of the global SiteLink deployment for Production and Development

Benefits

This solution addressed the Salesforce Business Technology requirements, while delivering enhanced performance, security, and operational efficiency. Using existing Direct Connect circuits and implementing new VIFs for global segments allowed Salesforce to streamline network management, eliminating the complexity of MPLS global routing Layer 3 VPN while maintaining virtualization and separation capabilities. Moreover, the Direct Connect dedicated connectivity model helped Salesforce Business Technology increase network stability, use the AWS backbone for improved resilience and redundancy, and ensure overall latency improvements by 15% on average.

A significant benefit was the optimized performance achieved between data centers. Salesforce shortened the route path taken between sites, through the direct connectivity to the AWS backbone using Direct Connect. SiteLink allowed Salesforce to achieve a lower, more consistent latency between on-premises locations, improving end user experience and productivity. This enhancement, coupled with global visibility from AWS Regions to on-premises through CloudWatch Network Synthetic Monitor, and the overall Network Monitoring suite, allows for comprehensive monitoring and management of the entire network footprint. Moreover, the Salesforce Business Technology SiteLink deployment leverages MACSec encryption with all Direct Connect connections, providing Layer 2 point-to-point encryption for the cross-connects between Salesforce and AWS. For more information on MACSec encryption support on Direct Connect, refer to the Direct Connect User Guide.

Salesforce’s SiteLink implementation approach was phased and strategic. Phase 1 used SiteLink as a backup solution for the global private backbone. The next steps were aligned with gradually transitioning SiteLink to the primary connectivity service and removing legacy point-to-point connections. Through this network transformation effort, Salesforce Business Technology is positioned to provide more reliable, secure, and high-performance services to the internal teams, enabling faster innovation and adaptability to evolving business needs.

“With SiteLink, Salesforce Business Technology was able to streamline network operations, and make sure of maximum resiliency for our global backbone connectivity. The SiteLink feature was easy to enable on existing Direct Connect circuits. This allowed us to establish connectivity across seven global on-premises data centers within minutes, and meet network needs for future market opportunities with ease. As our business continues to grow and workload traffic scales up, we can use the scale and connectivity of the AWS backbone with SiteLink and expand to new markets within weeks or days.” shared Ravi Patel, Senior Engineering Manager at Salesforce.

Conclusion

In this post, we reviewed how Salesforce Business Technology uses the AWS Direct Connect SiteLink service to unify the network architecture across seven global locations, and modernized network communication to reduce costs, streamline operational overhead, and improve performance. For more details on Direct connect SiteLink, we recommend reviewing documentation. If you have questions about this post, start a new thread on AWS re:Post or contact AWS Support.

About the authors