Virtual Private Cloud

A virtual private cloud service that provides an isolated cloud network to operate resources in a secure environment.


Alibaba Cloud Virtual Private Cloud (VPC) is an isolated cloud network built for your exclusive use only. VPC provides you with the utmost control over data, security and resources, including configuring route tables, network gateways and selecting the range of IP addresses. You can even augment your resources by connecting your on-premise own network to Alibaba Cloud VPC and create an extension of your private cloud to develop a hybrid cloud. This also provides you with the ability to do external backups that are required by certain regulatory needs.

Product Details

Alibaba Cloud VPC allows the flexibility to build your cloud architecture in a logically isolated and secure environment. This means you can control your virtual networking environment, including the selection of your IP address range, the creation of subnets and configuration of route tables and network gateways. You can also segregate VPC instances into different security domains using security group features.

In addition, you can build layers of security into your managed private cloud network architecture. For example, you can create a public-facing subnet for your web server hosting and place your backend systems such as database or application servers in a private-facing subnet with no Internet access. Furthermore, you can launch different Alibaba Cloud products such as ECS, SLB and RDS within a VPC.

VPC supports VPN software and dedicated data line connections, as well as multi-line connections which can be connected with private, physical or other proprietary networks.



  • Achieves security standards of traditional VLAN isolation through Alibaba Cloud advanced security features, including tunneling technology.

  • Segregates VPC instances into different security domains using security group features.

  • Compliant with security isolation regulations set by the Chinese Government for financial users.

Easy Access Control

  • Easy and flexible access control solution for each security domain.

  • Quickly create and access Alibaba Cloud VPC services using the console.

Multiple Connectivity Options

  • Easily connect to the Internet by creating public-facing subnets.

  • Securely connect to your corporate data center and route all incoming and outgoing traffic of your instances.

  • Securely share resources across multiple virtual networks by connecting privately to VPCs of other Alibaba Cloud accounts.

Rich Network Connectivity

  • Supports VPN software and dedicated data line connections.

  • Supports multi-line connections which can be connected with private, physical or other proprietary network.

  • Supports VPN gateway customization. Set up your own VPN gateway or access a variety of VPN products offered on Software Marketplace.

Easy Payment Options

  • Offers flexible billing where you pay only for the resources used such as bandwidth, storage, compute, etc.


Ease of Use:

Virtual LAN (VLAN)

Any broadcast domain which is partitioned and isolated in a computer network at the data link layer.

  • Alibaba Cloud uses VLAN to divide the range of private IP address into several VSwitches.

  • Helps easy deployment of applications and other VPC services.

Customize Routing Rules

  • Easily customize and manage VRouter routing rules.

  • Configure forwarding routes of traffic.

  • Define routing rules between source and destination in route tables.

Dedicated Resources:

  • Offers dedicated Elastic IP addresses (EIPs) which you can attach to the ECS instances within the managed private cloud and access them publicly.

  • Offers dedicated line access service which helps you to establish a private and direct connection from your office, local data center or co-hosting location to Alibaba Cloud data center bypassing the public Internet.

  • Dedicated line access reduces network latency and provides you with a more consistent network experience compared to other Internet connections.


Security Groups

Security Group is a logical segregation of instances with the same security requirements and mutual trust.

  • Alibaba Cloud VPC divides ECS instances into different security domains with the help of security groups.

  • You can control network access to ECS instances using security groups.

  • Each security domain enables you to customize access-control rules for different ports and IPs.

  • Allows you to specify inbound and outbound network traffic for each ECS instance.

Network ACLs

A network access control list (ACL) is an optional layer of security that acts as a firewall for controlling traffic into and out of a subnet.

  • Operates at the subnet level which evaluates traffic entering and exiting a subnet.

  • Enables you to configure allow and deny rules.

  • Performs stateless filtering while security groups perform stateful filtering.

Hassle-free VPC Management:

  • Flexibly allocates IP addresses using CIDR (Classless Inter-Domain Routing) blocks as opposed to original allocation system based on IP address classes.

  • Replaces the old class A, B, C system and enables a single IP address to designate many unique IP addresses.

  • You can easily define traffic in route tables.

Cost-Effective Service:

  • Free components such as VSwitches, VRouter, route tables, and route entries.

  • You only pay for resources used such as ECS, RDS etc.

Express Connnect

A dedicated network connection between different cloud environments


Alibaba Cloud Express Connect is a convenient and efficient network service. The product provides a fast, stable, secure and private or dedicated network communication between different cloud environments, including VPC intranet intercommunication and dedicated leased line connection across regions and users.

With Express Connect you can increase the flexibility of your network topology and enhance the quality and security of inter-network communication.

Product Details

As a convenient and efficient network service, Express Connect is used for fast, stable, and secure private network communication between different cloud network environments.


Optimum Communication Quality

  • Excellent infrastructure provides uncompromised network quality regardless of the geographical location

Enhanced Security

  • Isolates the cloud network for your exclusive/confidential use only through virtual network technology, increases security

  • Carries out data transfer between data centers through secured network protocols

Consistent Network Performance

  • Allows you to choose data that utilizes the dedicated network connection and how it is routed, leading to a more consistent network experience as compared to Internet-based connections

Alibaba Cloud Service Compatibility

  • Express Connect works with all Alibaba Cloud services such as VPC, ECS and OSS


Dedicated Leased Line Connection

Multi-Region Access:

  • Each of the regions i.e. Hong Kong, Singapore, and U.S. Beijing, Shanghai, Hangzhou, and Shenzhen provides more one access points.

Full-network Access:

  • Each access point connected to Alibaba Cloud provides access to the entire VPC network.

VPC Intercommunication

High Bandwidth:

  • Enjoy 10Gbps or higher VPC intercommunication bandwidth, without worrying about massive data transfers

Cross Region:

  • Supports VPC intercommunication in different regions with non-overlapping CIDR<

Cross Account:

  • Supports intercommunication of VPCs belonging to different accounts with non-overlapping CIDR


Independent Access:

  • Choose to lease a line from a carrier for independent access to Alibaba Cloud

Access Partner:

  • Choose an Alibaba Cloud access partner to gain access to high-quality, low-cost access services worldwide

Purchase on Demand

Usage Cost:

  • Activate the service in real time and pay by month<


  • Provides free bandwidth and the virtual devices are provisioned as needed at affordable prices

Regional Communication:

  • Comes with minimal communication fee in the same region