Networking & Content Delivery

Category: Advanced (300)

Migrating from Squid Web Proxy to AWS Network Firewall

Introduction Regardless of size or industry, it’s common for organizations to have security and compliance rules for securing internet-bound traffic. AWS customers need control over, and the ability to filter, requests that are initiated by resources in private and public subnets and sent to the internet. This is also known as “egress filtering.” In AWS, […]

Read More

Using Route 53 Resolver DNS Firewall Logs with CloudWatch Contributor Insights and Anomaly Detection

Introduction The Domain Name System (DNS) is one of the most critical components for almost any network as every service relies on a functional DNS service. Amazon Route 53 Resolver (sometimes referred to as “AmazonProvidedDNS” or the “.2/+2 resolver”) provides a highly available and scalable DNS service that customers have come to rely upon for their recursive DNS […]

Read More

Accessing an AWS API Gateway via static IP addresses provided by AWS Global Accelerator

Introduction In this article, I will walk you through the steps to configure Amazon API Gateway in combination with AWS Global Accelerator to present Internet-facing API via static IP addresses to end users. This design addresses the need for static IP safelisting and also provides additional performance benefits to end users by sending user’s traffic […]

Read More

Moving towards DevOps CI/CD approach to configure and manage AWS networking resources

Introduction Organizations are moving from traditional monolithic data center networks to an agile application programming interface (API) driven cloud network. As a result, customers are looking for an efficient and reliable way to make changes to their cloud network infrastructure. They want to adopt a pipeline driven approach to make any network changes following DevOps […]

Read More

Mirror production traffic to test environment with VPC Traffic Mirroring

Many organizations want to replay production traffic to a test environment, with no impact on the end user’s experience. This is known as traffic mirroring or traffic shadowing. Testing the new version of a workload with production traffic is a key step for a successful release. Some tests use scripted requests, but real traffic is […]

Read More

Simulating Site-to-Site VPN customer gateways using strongSwan part 2: Certificate-based authentication

Do you need to either demonstrate or learn more about using certificate-based authentication with AWS Site-to-Site VPN capabilities? In part 1 of this series, we showed how to use an AWS CloudFormation template to deploy the open source strongSwan VPN solution to implement the on-premises side of an AWS Site-to-Site VPN connection. The open source […]

Read More
Influencing Traffic over Hybrid Networks using Longest Prefix Match

Influencing Traffic over Hybrid Networks using Longest Prefix Match

Introduction Many organizations use hybrid networks to connect on-premises data centers to the cloud. These networks often use both AWS Direct Connect and private WAN MPLS links to connect data centers to cloud resources and to each other. With multiple connections, organizations need to be able to control the path that network traffic will follow […]

Read More

CloudFront Migration Series (Part 3): OLX Europe, The DevOps Way

Business and scale at OLX Group At OLX Group, we operate the fastest-growing network of trading platforms globally. Serving 300 million people every month in 30+ countries around the world, OLX Group helps buy and sell cars, find housing, get jobs, buy and sell household goods, and much more. With more than 20 well-loved local […]

Read More

Customize 403 error pages from Amazon CloudFront Origin with Lambda@Edge

AWS Web Application Firewall (AWS WAF) is commonly used to protect HTTP and HTTPS requests forwarded to Amazon CloudFront. When you are using this approach, default 403 error pages do not distinguish whether the error came from AWS WAF or the CloudFront Origin. As an AWS WAF and Amazon CloudFront user, you may want to […]

Read More
Audible Plus

CloudFront Migration Series (Part 2): Audible Plus, The Turning Point

Introduction In 2020, users have come to expect a flawless streaming media experience, whether it’s video, music, or audiobooks. Playback must start quickly and be resilient to changes in network availability and bandwidth. To deliver all of this content, you must have a performant, highly available and reliable Content Delivery Network (CDN) to reach customers […]

Read More