The value of the cloud is growing, and many large enterprises are moving their workload to the cloud. However, often, it's not possible to move entirely to the cloud in one day, and for most customers, this is a journey. Those customers seek a hybrid cloud model where they maintain a part of the application in an on-premise environment that needs to communicate with the cloud module. 

In a hybrid deployment, you need to establish connectivity between the resources running in the on-premises environment and the cloud environment. The most common method of hybrid deployment is between the cloud and existing on-premises infrastructure to extend and grow an organization's infrastructure into the cloud while connecting cloud resources to the internal system. The common causes of setting up a hybrid cloud may include the following:

• You want to have operating legacy applications in an on-premise environment while you refactor and deploy in the cloud with a blue-green deployment model.
• A legacy application such as a mainframe may not have a compatible cloud option and has to continue running on-premise.
• Need to keep part of the application on-premise due to compliance requirements.
• To speed up migration, keep the database on-premise and move the application server to the cloud.
• The customer wants to have more granular control of part of the application.
• Data ingestion in the cloud from on-premise for the cloud's Extract, Transform, Load (ETL) pipeline.

Cloud providers provide a mechanism for integrations between a customer's existing infrastructure and the cloud so that customers can easily use the cloud as a seamless extension to their current infrastructure investments. These hybrid architecture functionalities allow customers to do everything from integrating networking, security, and access control to powering automated workload migrations and controlling the cloud from their on-premises infrastructure management tools. 

Taking the example of AWS Cloud, you can establish a secure connection to AWS Cloud using a VPN. Since a VPN connection is set up over the internet, there may be latency issues due to multiple router hops from third-party internet providers. You can have your fiber optics private line go to AWS Cloud for better latency using AWS Direct Connect.

As shown in the following diagram, with AWS Direct Connect, you can establish high-speed connectivity between your data center and AWS Cloud to achieve a low latency hybrid deployment:

As shown in the preceding diagram, AWS Direct Connect Location establishes the connectivity between the on-premises data center to AWS Cloud. This helps you achieve the customer need of having dedicated fiber-optic lines to an AWS Direct Connect location; the customer can opt for this fiber optic line from a third-party vendor such as AT&T, Verizon, or Comcast in the USA. AWS has a directly connected partner in each region of the world.

At the AWS Direct Connect location, the customer fiber optic line is connected to AWS private network, which provides dedicated end-to-end connectivity from the data center to AWS Cloud. These optic lines can provide speeds of up to 10 GB/s. To secure traffic over direct connect, you can set up a VPN, which will apply IPSec encryption to the traffic flow.