Azure ExpressRoute is not clearly named. It conjures all sorts of possible meanings, but it’s actually a private connection (like a VPN connection through a high-speed MPLS connection) from your on-premises infrastructure to your Azure cloud-based infrastructure. Avoiding the public Internet when it comes to your connections might make a CIO or CSO smile, but is there any tangible benefit to this kind of a connection other than to offer a security blanket?
The ExpressRoute connections, being direct, should provide for better throughput, reducing latency so that your off-premises servers in Azure feel like a natural extension to your data center. But that’s only a benefit if you find your public Internet connection to Azure to be painfully slow or inconsistent.
The ExpressRoute direct connection may make you feel more secure, because your data is not traveling over the public Internet. But if you’re encrypting your data (you do that, right?) you’re already protected.
Microsoft also recently released an extension to ExpressRoute for use with Office 365, to essentially make Exchange, SharePoint, and Skype for Business services -- but not Yammer or Office ProPlus -- extensions to your WAN. It has the same two security-blanket benefits as the core Azure ExpressRoute offering.
I’m not against security-blanket rationales for technology purchases. Whatever makes you more comfortable with the move to the cloud is beneficial as long as you have the budget for it.
If you deploy ExpressRoute connections, note that they are dedicated and come in pairs to ensure high availability of the connection. You can also use multiple ExpressRoute providers to establish ExpressRoute circuits in different locations for additional redundancy and geo-resiliency. But keep in mind that using ExpressRoute doesn’t mean you can drop your Internet connection, which is still needed for DNS, content delivery networks, and so on for additional services.
ExpressRoute is by no means cheap. Plus, you’ll need to pay for the VPN connection that you purchase from your network service provider, and that connection’s bandwidth has to match what you get from ExpressRoute; otherwise, you will be limiting yourself.
Azure ExpressRoute fills a gap and offers organizations the ability to extend their on-premises environments into the Azure cloud with a WAN-like private connection for more assured performance and more security confidence. (Even then, ExpressRoute doesn’t eliminate the need for IT admins to focus on network performance).
Is ExpressRoute worthwhile? Sure, to a few. But it’s not essential for most organizations.