Networking & Content Delivery

Resolve DNS names of Network Load Balancer nodes to limit cross-Zone traffic

Introduction Network Load Balancer (NLB), part of the Elastic Load Balancing Family, is the flagship Layer 4 load balancer for AWS. It offers elastic capacity, high performance, and integration with many other AWS services (such as Amazon EC2 Auto Scaling). NLB is designed to handle millions of requests per second while maintaining ultra-low latency, improving […]

Read More

Leveraging AWS PrivateLink for volumetric data processing

AWS PrivateLink provides private, secure connectivity between VPCs, AWS services, and your on-premises networks, without exposing your traffic to the public internet. AWS PrivateLink offers three primary benefits to customers. First, it provides a way for two parties to establish private connectivity without requiring an Internet Gateway (IGW), thereby helping both parties to deploy airtight […]

Read More

Best practices for deploying Gateway Load Balancer

Introduction At re:Invent 2020, we launched Gateway Load Balancer (GWLB), a service that makes it easy and cost-effective to deploy, scale, and manage the availability of third-party virtual appliances. These appliances include firewalls (FW), intrusion detection and prevention systems, and deep packet inspection systems in the cloud. Since the launch, a lot of customers have […]

Read More

New APIs and functionality for managing Amazon CloudFront CNAMEs

Today, Amazon CloudFront announced the release of two new APIs, ListConflictingAliases and AssociateAlias. These APIs are useful when you need to locate or move Alternate Domain Names (CNAMEs) when you encounter the CNAMEAlreadyExists error code. In addition, more use cases have been enabled when you are working with wildcard CNAMEs across accounts. Before diving into […]

Read More

Using Route 53 Resolver DNS Firewall Logs with CloudWatch Contributor Insights and Anomaly Detection

Introduction The Domain Name System (DNS) is one of the most critical components for almost any network as every service relies on a functional DNS service. Amazon Route 53 Resolver (sometimes referred to as “AmazonProvidedDNS” or the “.2/+2 resolver”) provides a highly available and scalable DNS service that customers have come to rely upon for their recursive DNS […]

Read More

Introduction to Network Transformation on AWS – Part 1

This is a part one of a two-part blog series. Part two is coming soon! Introduction Your organization may have a sprawling network built with variety of topologies. As your organization begins to embrace cloud, you extend your network to AWS using a hybrid connectivity architecture. Over time, traffic patterns change as more and more […]

Read More

How FactSet handles networking for 1000+ AWS accounts

This is a blog post by FactSet’s Cloud Infrastructure team, Gaurav Jain, Nathan Goodman, Geoff Wang, Daniel Cordes, Sunu Joseph, and AWS solutions architects Amit Borulkar and Tarik Makota. In Factset’s own words “FactSet creates flexible, open data and software solutions for tens of thousands of investment professionals around the world. These solutions provide instant […]

Read More

Deploy centralized traffic filtering using AWS Network Firewall

In this blog, we will walk through the steps to accelerate your centralized deployment of AWS Network Firewall using a new deployment automation solution—AWS Network Firewall deployment automation for AWS Transit Gateway. We will also discuss common use cases for AWS Network Firewall in a centralized architecture that uses AWS Transit Gateway. Though this post […]

Read More

Accessing an AWS API Gateway via static IP addresses provided by AWS Global Accelerator

Introduction In this article, I will walk you through the steps to configure Amazon API Gateway in combination with AWS Global Accelerator to present Internet-facing API via static IP addresses to end users. This design addresses the need for static IP safelisting and also provides additional performance benefits to end users by sending user’s traffic […]

Read More

Automating service discovery using AWS Transit Gateway Multicast with IGMP

This post will describe how to use multicast and Internet Group Management Protocol (IGMP), two of the newer features of AWS Transit Gateway, to enable applications and services to discover each other automatically when running in Amazon Virtual Private Cloud (Amazon VPC) environments. Service discovery means that a service client, such as a network file […]

Read More