Intro
XTS - Secure and Adaptive Cross-Region Transmission for Cloud
XTS is a Cloud-Native Cross-Region Transmission Service that improves the security of cross-region transmission and provides Adaptive and Fair Hierarchical Transmission Control.
Cross-Region Transmission
Common use cases of cross-region transmission are
- cross-region replication for disaster recovery of DB, MQ, Object Storage, etc.
- cross-region transmission between instances of active-active or multi-active services
- cross-region communication between services
XTS Improves the Security of Cross-Region Transmission
Security Risks of Cross-Region Transmission
Usually, for a Service (or Pod) to be located and connected to across regions, you have to expose a public IP-port to public networks for each Stateless Service (or each Pod of a StatefulSet) that needs cross-region transmission.
If there are, say, thousands of such Services (or Pods), you have to expose thousands of public IP-ports to public networks, which means there are thousands of points of attack.
Secure Cross-Region Transmission
XTS improves the security of cross-region transmission in several ways.
- XTS establishes secure tunnels between regions, and enables cross-region transmission without exposing public IP-ports for the services that need it.
- XTS minimizes the attack surface. Only one public IP-port per region, i.e. the public IP-port of XTS, is exposed to public networks.
- XTS protects your services from being exposed to public networks. Your services can only be accessed from within your regions.
- XTS rejects connections from public networks, except connections from the XTS of another of your regions.
- XTS has built-in abilities to defend against DDoS attacks and slow attacks, to close idle connections, etc.
Adaptive and Fair Hierarchical Transmission Control
See ATC for details.
Effortlessly Scale With Your Business
XTS effortlessly scales as your business grows. XTS is Truly Distributed, Load Balanced and Horizontally Scalable. This architecture provides the best scalability and reliability. In theory, there’s no scalability cap, i.e. you can achieve unlimited throughput by specifying an unlimited number of replicas.
Reliability
- Zero downtime during scaling out/in.
- Zero downtime during upgrade.
- All established connections remain intact on config changes.
- Zero downtime on temporary errors. Auto-recover on temporary errors.
- Zero downtime on process crash. Auto-recover on process crash.
Easy to Use
The experience of accessing services in other regions is like accessing services in the same region.