Store Sign in Sign up Connect with Us Let's Connect
#
Networking Service

Soracom Direct

Dedicated, high-performance private network connection from Soracom to your AWS environment using AWS Direct Connect.

Create a high-performance private link between your devices and AWS

Soracom Direct uses AWS Direct Connect to establish a physically dedicated, private network path between your Soracom VPG and your AWS environment. This provides predictable latency, higher throughput, and a fully isolated communication channel for mission-critical IoT systems.

Move sensitive or high-volume IoT data into AWS without touching the public internet

Unlike VPNs or VPC peering alone, Soracom Direct uses a dedicated physical connection through AWS Direct Connect to link your VPG to your AWS environment. This gives IoT workloads a stable, low-latency, and congestion-free data path that remains isolated from the public internet. Direct is ideal for real-time industrial systems, high-throughput telemetry, and deployments where predictable performance and regulatory compliance matter.

Predictable network timing

Direct ensures stable, low-latency connectivity unaffected by internet congestion.

Handle big telemetry

Move large volumes of data without saturating public or VPN-based links.

Meet compliance needs

Private physical connections support strict industry security requirements.

What you’d build without Soracom Direct

Rely solely on public internet paths
Public routes introduce congestion, unpredictable latency, and risk exposure—an issue for high-value or time-sensitive IoT systems.

Overuse complex VPN topologies
VPNs add encryption overhead, require certificate management, and often struggle to scale for high-throughput fleets.

Create cloud-specific networking stacks
Without Direct, teams build separate networking systems for AWS and on-prem, increasing operational burden and cost.

How it works

AWS Integration abstract

Dedicated private line via AWS Direct Connect

Soracom Direct leverages AWS Direct Connect to create a private, high-bandwidth link from Soracom’s infrastructure to your AWS VPC. This bypasses the unpredictable nature of public internet routes, ensuring stable connectivity for latency-sensitive systems.

Industrial Automation

Consistent performance for real-time IoT workloads

Direct reduces jitter and latency variation by traveling over a dedicated connection, not shared public networks. This makes it ideal for industrial automation, machine telemetry, and round-trip control systems that demand consistent timing.

secure data

Increased security for regulated industries

Because traffic moves over a private backbone and never traverses the public internet, Direct helps organizations meet stringent requirements for financial systems, critical infrastructure, and healthcare data.

Learn more in the Beam Developer Guide
Take a shortcut directly to technical documentation

Explore physical link configuration, routing examples, and performance guidelines in the developer docs, or start testing with real devices using your own AWS account.

Visit Developer Docs

Architecture and implementation

Soracom Direct establishes a dedicated, private circuit using AWS Direct Connect between the Soracom cellular core and your AWS VPC. Devices connect through an encrypted cellular link and receive private IP addresses from the VPG. Their traffic then travels through the Direct Connect link directly into your AWS environment, avoiding public routes entirely. This architecture is commonly used for real-time control systems, regulated workloads, and high-bandwidth telemetry pipelines.

Support industrial automation and control systems

Use Direct to provide stable, predictable round-trip times between devices and AWS-hosted control applications.

Ingest large telemetry streams at scale

High-volume data, such as video frames, machine logs, or sensor arrays, can move reliably without saturating consumer VPN links.

Connect regulated workloads without public exposure

Direct enables financial, healthcare, and critical infrastructure systems to meet stringent requirements for private connectivity.

Step 1

Establish a dedicated private connection between your network and Soracom

Begin by opening the Soracom User Console to create or select a Virtual Private Gateway (VPG) for your devices.
Enable Soracom Direct for the VPG, which allows you to build a dedicated Layer-2 or Layer-3 private connection from your on-premises or data center network directly to Soracom.

Direct provides the lowest-latency, highest-reliability option for private connectivity, bypassing the public Internet entirely.
Setup options and requirements are described in the Soracom Direct documentation.

Step 2

Configure routing and VLAN settings for your dedicated Soracom Direct link

Work with your connectivity provider or colocation facility to establish the physical or virtual cross-connect to Soracom’s network edge location.
Once the connection is active, configure your VLANs, BGP sessions, or static routing depending on the Direct mode you are using.

This creates a seamless extension of your network, enabling devices to appear as if they are operating inside your private infrastructure.
Routing configuration examples are available in the Direct configuration guide.

Step 3

Attach your SIM group to the VPG and start using private network access

Attach the device SIM group to the VPG assigned to your Direct connection so all device traffic routes through your private link.
Your backend systems can now communicate with devices using private IPs over the dedicated connection, ensuring secure, predictable, and high-performance connectivity.

Combine Direct with Canal or Gate if you need VPN failover or Layer-2 access for advanced networking architectures.
Learn more about verifying connectivity in the Direct monitoring guide.

How Soracom Direct works with other Soracom services

Use Direct + Canal for dual private paths
Canal handles native AWS VPC peering, while Direct adds a physical connection for workloads needing predictable performance.

Use Direct + Door for hybrid multi-cloud VPNs
Door allows VPN connections to Azure, GCP, or on-prem systems alongside your Direct Connect link to AWS.

Use Direct + Gate for private remote access
Gate gives you secure, private inbound access to devices, routed through the Direct Connect link for consistent performance.

#

Build a dedicated private link with Soracom Direct

Create a free Soracom account and establish a high-performance Direct Connect link between your IoT devices and AWS. Evaluate private networking performance with real devices in minutes.

Get started

Frequently Asked Questions

What is Soracom Direct?
Soracom Direct is a private connectivity service that uses AWS Direct Connect to create a dedicated network path between your Soracom VPG and your AWS environment.
Who benefits most from Soracom Direct?
Enterprises with real-time workloads, heavy telemetry, regulated data, or systems requiring predictable connectivity.
Is traffic encrypted end-to-end?
Yes. Device-to-Soracom traffic is encrypted over cellular, and Soracom-to-AWS uses a private Direct Connect link that never touches the public internet.
Can Direct coexist with VPN connections?
Yes. Many customers use Direct for AWS and Door VPN for other clouds or on-prem systems.
How is Direct different from Soracom Canal?
Canal uses AWS VPC peering, while Direct uses a physical dedicated line for higher performance, lower latency variation, and better throughput.
Does Direct work with AWS Transit Gateway?
Yes. Direct can connect to Transit Gateway, allowing routing across multiple VPCs or accounts.
Do devices need special configuration?
No. They connect normally using Soracom Air — Direct applies only to backend routing between Soracom and AWS.
Does Direct support bi-directional access?
Yes. AWS services can reach devices via private IPs through the Direct Connect link.