Networking & Content Delivery

Category: Networking & Content Delivery

Growing AWS internet peering with 400 GbE

Performance is a key driver of the design of the AWS global infrastructure. AWS has the largest global network infrastructure footprint of any cloud provider, and this footprint is expanding continuously to help our customers deliver better end-user experiences, rapidly expand operations to virtually any region or country, and meet their data locality and sovereignty […]

Monitoring AWS Global Network Performance

As an AWS customer, you might often want to understand the performance of the AWS Global Network. Visibility into how the AWS Global Network is performing at any given time can help you plan expansions into new AWS Regions and Availability Zones (AZs), as well as streamline troubleshooting of performance-related incidents. Today, I’m happy to […]

Limiting requests to a web application using a Gatekeeper Solution

Many types of organizations encounter DDOS attacks daily. DDoS, or Distributed Denial of Service, is an attack pattern that generates fake traffic to overwhelm organisation’s properties (websites, APIs, applications, etc.) and make it unavailable to legitimate users. They majority of these attacks involve a huge burst of fake traffic that exhausts the application’s resources (Memory […]

Centralized outbound inspection architecture in AWS Cloud WAN

AWS Cloud WAN helps you build a unified network that connects your cloud and on-premises environments. To help secure these networks, organizations use next-generation firewalls (NGFW) and intrusion prevention systems (IPS) as part of a defense in depth strategy. In this post, we describe architectural patterns for centrally managing and inspecting outbound network traffic from […]

Automating HTTP/S Redirects and certificate management at scale

Organizations today use many ways to drive traffic to their websites and applications. This is important for new feature launches, marketing campaigns, advertising, and so on. One common approach uses HTTP/S redirects, where you send a user from one domain, or Uniform Resource Locator (URL), to another. Redirects are incredibly useful tools when moving websites, […]

Visitor Prioritization on e-Commerce Websites with CloudFront and CloudFront Functions

When we wrote the previous post (Visitor Prioritization on e-Commerce Websites with CloudFront and Lambda@Edge) five years ago, Visitor Prioritization was a relatively new concept. Since then, we saw a huge need for traffic shaping, throttling, and request prioritizing, especially in the gaming and media industries. Of course, e-Commerce sites still require this capability for […]

Monitoring load balancers using Amazon CloudWatch anomaly detection alarms

Load balancers are a critical component in the architecture of distributed software services. AWS Elastic Load Balancing (ELB) provides highly performant automatic distribution for any scale of incoming traffic across many compute targets (Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Container Service (Amazon ECS), AWS Lambda, etc.), while enabling developers to adopt security best practices […]

Centralizing Domain List Management for AWS Network Firewall and Route 53 Resolver DNS Firewall

Many of our customers take a “defense in depth” approach to secure workloads within their Amazon Virtual Private Clouds (Amazon VPC). Using domain list rules in AWS Network Firewall and Amazon Route 53 Resolver DNS Firewall lets you enforce network security controls at multiple layers based on domain names. Although both DNS Firewall and Network […]

How to enhance CloudFront origin security of on-premise web servers using third-party firewalls

This post provides a solution to enhance the Amazon CloudFront origin security of on-premises web servers by automating the AWS IP prefix update process for some network firewalls. CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds—all within […]

How to analyze AWS Network Firewall logs using Amazon OpenSearch Service – Part 2

In part 1 of this blog-post series, we walked you through steps to configure Amazon OpenSearch Service to receive logs from AWS Network Firewall using Amazon Kinesis Data Firehose. In this part 2, we cover steps to generate test alerts, validating them and configure dashboards in Amazon OpenSearch Service to visualize and analyze log data. […]