Networking & Content Delivery

Category: Advanced (300)

Optimizing performance for users in China with Amazon Route 53 and Amazon CloudFront

China is an important market for global companies. Both enterprises and startups conducting or expanding business globally are looking for ways to tap into the growing user market in China. To help accelerate the customer cloud journey and help them move quickly into the new markets, AWS China (Beijing) Region was launched in 2016, followed […]

Read More

Integrating external multicast services with AWS

Introduction Many enterprise customers and telecom operators run IP Multicast in their networks for video transcoding, financial trading platforms, multimedia broadcast multicast system (MBMS), and other services. As more and more customers migrate their on-premises workloads to the cloud, there is a need to not just build multicast applications on AWS, but also to integrate […]

Read More

Simulating Site-to-Site VPN Customer Gateways Using strongSwan

Have you ever needed to demonstrate or gain hands-on experience with AWS site-to-site VPN capabilities, but didn’t know how to easily implement the on-premises side of a VPN connection? This post shows how to use an AWS CloudFormation template to easily deploy the open source strongSwan VPN solution to simulate an on-premises customer gateway in […]

Read More

Using the AWS CDK and AWS Transit Gateway Inter-Region peering to build a global network

An Amazon VPC is a logically isolated section of the AWS cloud. Some of our largest enterprise customers have global networks containing VPCs that need to communicate across different AWS Regions, even across different AWS accounts. While this can appear like a cumbersome and complex task, with AWS Transit Gateway Inter-Region peering, it can be […]

Read More

Automating DNS infrastructure using Route 53 Resolver endpoints

Introduction DNS name resolution is a fundamental part of all on-premises and cloud networks. For customers with hybrid networks, additional infrastructure and configuration are needed for private DNS resolution to work seamlessly across environments. However, building this type of DNS infrastructure in a multi-account environment is complex. In this post, we show how to automate […]

Read More
Scale your Remote VPN on AWS

Scale your Remote Access VPN on AWS

AWS gives you the ability to extend existing on-premises remote access VPN solutions to the cloud. This not only allows access to resources within AWS, but using hybrid connectivity, also to on-premises resources. VPN clients use AWS internet connectivity as an entry point, and the flexibility of Amazon EC2 to scale capacity behind remote access […]

Read More

Using Microsoft Active Directory MFA with AWS Client VPN

You can now enable multi-factor authentication (MFA) for users connecting to an AWS Client VPN endpoint. This solution is ideal for organizations that want additional security when remote users are accessing AWS or on-premises resources. MFA improves the authentication process by requiring more than a user name, password, and certificate (the first factor). MFA requires […]

Read More

Securing VPCs Egress using IDS/IPS leveraging Transit Gateway

In a typical enterprise network, customers have VPCs across multiple accounts within an AWS Region to segment workloads. This segmentation can take different forms and depends on the company structure, security policy, business functions, and model. The drivers of the segmentation can vary. For example, segmentation could be driven by security and regulatory requirements, costs, […]

Read More

How to integrate third-party firewall appliances into an AWS environment

Many customers have requirements to leverage existing on-premises firewall technology or want to get started in AWS by using their existing firewall expertise. A large number of firewall vendors have versions of their software in the AWS Marketplace that work in either bring-your-own-license (BYOL) or pay-as-you-go pricing models. This makes it easy to get up and running […]

Read More
TransitGatewayArchitectureDiagram

Automating AWS Transit Gateway attachments to a transit gateway in a central account

As IT environments grow, they can become more complex, with additional accounts, VPCs, and the networking between them. AWS Transit Gateway is a service that addresses networking complexity by building a hub-and-spoke network to simplify your network routing and security. With Transit Gateway, you can connect your Virtual Private Clouds (VPCs) that span multiple accounts […]

Read More