Arize PrivateConnect
Secure enterprise connectivity solution for SaaS deployments
Last updated
Secure enterprise connectivity solution for SaaS deployments
Last updated
Copyright © 2023 Arize AI, Inc
Arize provides multiple deployment options including SaaS, Arize PrivateConnect (supporting AWS PrivateLink, Azure Private Link, and Google Cloud's Private Service Connect), and VPC deployments to ensure secure cloud connectivity. This document outlines why Arize PrivateConnect is the recommended solution for most customers, offering secure and seamless integration with existing cloud infrastructure while maintaining data privacy and operational agility.
Talk to our customer solutions team for more detailed setup instructions by reaching out to support@arize.com
When you set up Arize with PrivateConnect, your cloud storage account creates a VPC endpoint that connects directly to Arize's cloud environment. When your application sends AI/ML telemetry data to Arize, it flows through this private endpoint inside your cloud provider's network - never touching the public internet.
The data first goes to your secure virtual private cloud environment, then through the private service endpoint, and finally reaches Arize's compute resources. Everything stays within the cloud provider's private network backbone, ensuring secure and private data transmission between your infrastructure and Arize's platform. By having PrivateConnect, any API or UI related operation will also be driven by this PrivateConnect endpoint and user operations will not touch the public internet at all.
Here is a sample diagram for Arize PrivateConnect using AWS PrivateLink:
Ease of Setup and Faster Time-to-Value: Setting up Arize PrivateConnect is typically faster than a full VPC installation across all cloud providers. This quicker setup reduces time-to-value and lets customers start using the platform immediately.
Reduced Operational Complexity: With Arize PrivateConnect, customers don't have to manage complex networking or infrastructure updates within their virtual network. Instead, they can connect directly to the Arize platform without the need for extensive configurations, upgrades, or ongoing maintenance.
Data Security & Isolation: Arize PrivateConnect provides secure, private connections without exposing traffic to the internet, maintaining a high level of security similar to VPC deployments. The service is accessible from a customer's virtual network directly, keeping traffic isolated and secure within each cloud provider's network backbone.
Scalability & Flexibility: Arize PrivateConnect allows customers to easily connect to the Arize platform from any of their virtual networks within a single region or even across regions (with appropriate network peering). This flexibility can be especially beneficial as usage grows or if multi-region access is needed without reconfiguring or expanding a full VPC deployment.
Ongoing Compliance and Updates: By connecting through Arize PrivateConnect, customers can leverage the latest security updates, patches, and feature improvements of the Arize platform without requiring downtime or maintenance within their own virtual network due to Arize's CI/CD deployment practices.
Cost Efficiency: Arize PrivateConnect can significantly reduce costs compared to a full virtual network deployment. A VPC deployment requires additional infrastructure and ongoing maintenance, while Arize PrivateConnect uses managed network connections, cutting down infrastructure and operational expenses.
Simplified Access Control: Arize PrivateConnect integrates easily with each cloud provider's identity and access management services (AWS IAM, Azure AD, Google Cloud IAM), providing granular control over access to the platform without requiring complex configuration in addition to SSO.
Using Arize PrivateConnect provides a private, secure, and high-performance connection with all the advantages of using a managed SaaS platform without the added overhead of deploying and managing the entire software stack in their environment. This solution works seamlessly whether you're using AWS PrivateLink, Azure Private Link, or Google Cloud's Private Service Connect.
