Networking & Content Delivery

Category: Expert (400)

Hybrid security inspection architectures with AWS Cloud WAN and AWS Direct Connect

AWS Cloud WAN makes it easy to build and operate wide area networks that connect your data centers and branch offices, as well as your Amazon Virtual Private Clouds (VPCs). With Cloud WAN, you connect to AWS through your choice of local network providers, then use a central dashboard and network policies to create a […]

Inspecting network traffic between Amazon VPCs with AWS Cloud WAN

AWS Cloud WAN is a managed service used to build wide area networks that connect data centers, branch offices, and Amazon Virtual Private Clouds (VPCs) using AWS global infrastructure. When building with Cloud WAN, many organizations employ next-generation firewalls (NGFW) and intrusion prevention systems (IPS) to inspect network traffic as part of a defense-in-depth strategy. […]

AWS Site-to-Site VPN, choosing the right options to optimize performance

AWS Site-to-Site VPN is a fully managed, performant, scalable, secure, and highly available way to connect your on-premises users and workloads to AWS. When using Site-to-Site VPN you can connect to both Amazon Virtual Private Clouds (Amazon VPCs) with two tunnels per connection for increased redundancy. For even greater performance with sites further from your AWS Region(s), […]

Solving DNS zone apex challenges with third-party DNS providers using AWS

Many customers ask us how they can point their zone apex to their web content if it uses a DNS name rather than an IP address. This blog covers three design patterns and approaches that solve zone apex challenges with third-party DNS providers for applications hosted in AWS—and the pros and cons of each approach.

Integrating sub-1 Gbps hosted connections with AWS Transit Gateway

Update August 8, 2022: AWS Direct Connect now supports connections to AWS Transit Gateway at speeds of 500 megabits per second (Mbps) and lower. The architecture described in this post is no longer needed. AWS Transit Gateway provides you with the ability to connect multiple VPCs, VPNs and scale up to 5,000 attachments. It simplifies management […]

Integrating AWS Transit Gateway with AWS PrivateLink and Amazon Route 53 Resolver

I want to take some time to dive more deeply into a use case outlined in NET301 Best Practices for AWS PrivateLink. The use case involves using AWS Transit Gateway, along with Amazon Route 53 Resolver, to share AWS PrivateLink interface endpoints between multiple connected Amazon virtual private clouds (VPCs) and an on-premises environment. We’ve seen […]

Continually Enhancing Domain Security on Amazon CloudFront

Last year, a colleague of mine wrote a blog post about new security measures that Amazon CloudFront was implementing to enhance the security of how domains are used on CloudFront distributions. This included mitigations to prevent the abusive use of domain fronting practices by not allowing SSL handshake requests and subsequent requests over the secured […]