Networking & Content Delivery

Category: Amazon VPC

Simplify network routing and security administration with VPC Prefix Lists

The recently announced Amazon Virtual Private Cloud (VPC) Prefix Lists feature makes it easier to create consistent security postures and routing behaviors. A Prefix List is a collection of CIDR blocks that can be used to configure VPC security groups, VPC route tables, and AWS Transit Gateway route tables and can be shared with other […]

Integrating external multicast services with AWS

Introduction Many enterprise customers and telecom operators run IP Multicast in their networks for video transcoding, financial trading platforms, multimedia broadcast multicast system (MBMS), and other services. As more and more customers migrate their on-premises workloads to the cloud, there is a need to not just build multicast applications on AWS, but also to integrate […]

Zendesk’s Global Mesh Network: How we lowered operational overhead and cost by migrating to AWS Transit Gateway

This post is presented by our guest Vicente De Luca, Principal Engineer at Zendesk and contributor at AWS Community Builders program, focusing on architecting scalable and reliable networks for Zendesk’s global footprint, and Tom Adamski, AWS Networking Solutions Architect. Zendesk is a global CRM company, building software designed to improve customer relationships. Our customers span […]

Using the AWS CDK and AWS Transit Gateway Inter-Region peering to build a global network

An Amazon VPC is a logically isolated section of the AWS cloud. Some of our largest enterprise customers have global networks containing VPCs that need to communicate across different AWS Regions, even across different AWS accounts. While this can appear like a cumbersome and complex task, with AWS Transit Gateway Inter-Region peering, it can be […]

Automating DNS infrastructure using Route 53 Resolver endpoints

Introduction DNS name resolution is a fundamental part of all on-premises and cloud networks. For customers with hybrid networks, additional infrastructure and configuration are needed for private DNS resolution to work seamlessly across environments. However, building this type of DNS infrastructure in a multi-account environment is complex. In this post, we show how to automate […]

Scale your Remote VPN on AWS

Scale your Remote Access VPN on AWS

AWS gives you the ability to extend existing on-premises remote access VPN solutions to the cloud. This not only allows access to resources within AWS, but using hybrid connectivity, also to on-premises resources. VPN clients use AWS internet connectivity as an entry point, and the flexibility of Amazon EC2 to scale capacity behind remote access […]

Using VPC Flow Logs to capture and query EKS network communications

Introduction Capturing and querying Amazon EKS and Kubernetes (K8s) cluster traffic is an important skill to possess. It is especially useful during incident-response and when troubleshooting networking issues surrounding nodes, pods, or services in your cluster. Amazon makes it easier to perform capture and query tasks with Amazon VPC Flow Logs and Amazon Athena. Administrators can use Amazon VPC Flow Logs to […]

Securing VPCs Egress using IDS/IPS leveraging Transit Gateway

In a typical enterprise network, customers have VPCs across multiple accounts within an AWS Region to segment workloads. This segmentation can take different forms and depends on the company structure, security policy, business functions, and model. The drivers of the segmentation can vary. For example, segmentation could be driven by security and regulatory requirements, costs, […]

How to integrate third-party firewall appliances into an AWS environment

Update October 11, 2020 – While the implementations described in this post remain valid, it was written before Gateway Load Balancer became available. Gateway Load Balancer is designed specifically for adding firewalls and other virtual network appliances to your AWS network. If you would like to learn more, Introducing AWS Gateway Load Balancer: supported architecture […]

Network Architecture that shows Direct Connect Gateway attached to private virtual interface, and associated to virtual private gateway in two region.

Setting up AWS Direct Connect gateway to route DX traffic to any AWS Region

Direct Connect Senior Product Managers Madhura Kale and Erik Klavon contributed to this post. AWS Direct Connect (DX) has been a popular method for businesses to connect to AWS services, giving users a secure and reliable connection to an AWS Region. There are more than 100 DX locations available globally across major cities. However, you […]