Networking & Content Delivery

Category: Amazon VPC

Securing VPCs Egress using IDS/IPS leveraging Transit Gateway

In a typical enterprise network, customers have VPCs across multiple accounts within an AWS Region to segment workloads. This segmentation can take different forms and depends on the company structure, security policy, business functions, and model. The drivers of the segmentation can vary. For example, segmentation could be driven by security and regulatory requirements, costs, […]


How to integrate third-party firewall appliances into an AWS environment

Many customers have requirements to leverage existing on-premises firewall technology or want to get started in AWS by using their existing firewall expertise. A large number of firewall vendors have versions of their software in the AWS Marketplace that work in either bring-your-own-license (BYOL) or pay-as-you-go pricing models. This makes it easy to get up and running […]


Setting up AWS Direct Connect gateway to route DX traffic to any AWS Region

Direct Connect Senior Product Managers Madhura Kale and Erik Klavon contributed to this post. AWS Direct Connect (DX) has been a popular method for businesses to connect to AWS services, giving users a secure and reliable connection to an AWS Region. There are more than 100 DX locations available globally across major cities. However, you […]


Automating AWS Transit Gateway attachments to a transit gateway in a central account

As IT environments grow, they can become more complex, with additional accounts, VPCs, and the networking between them. AWS Transit Gateway is a service that addresses networking complexity by building a hub-and-spoke network to simplify your network routing and security. With Transit Gateway, you can connect your Virtual Private Clouds (VPCs) that span multiple accounts […]


Performing Route 53 health checks on private resources in a VPC with AWS Lambda and Amazon CloudWatch

If you have ever used Amazon Route 53 health checks to monitor resources, you know that monitored resources must have public IP addresses. This is because Route 53 health checkers are public and they can only monitor hosts with IP addresses that are publicly routable on the internet. You may want to monitor your resources […]


Migrate from Transit VPC to AWS Transit Gateway

Amazon Virtual Private Cloud (Amazon VPC) provides you with the ability to create as many virtual networks as you need. It also provides different options for connecting these networks to each other and to non-AWS infrastructure, such as on-premises data centers, remote headquarters, or other offices. Most of you start this journey with a few […]


Debugging tool for network connectivity from Amazon VPC

Resources in AWS rely heavily on their underlying network to deliver a service at optimal performance. For example, your databases could be fine-tuned and your front end application servers could be running on the most expensive, high-end Amazon EC2 instances available. However, if the underlying network is experiencing an issue, all of these beneficial factors […]


Introducing Bring Your Own IP (BYOIP) for Amazon VPC

A public IP address is a big part of what is used to identify you on the public internet. In cases such as migration, whitelisting, or even IP address reputation, it can be important to you as the application owner, that your application’s IP address remains the same, or in the case of a migration, […]


How to securely publish Internet applications at scale using Application Load Balancer and AWS PrivateLink

If you have applications spread across multiple Virtual Private Clouds (VPCs) and want to expose those applications to the Internet, you can choose from different approaches. One option is to give each VPC its own dedicated connectivity to the Internet through an attached Internet gateway. Another approach is to centralize access from the Internet through […]
