Networking & Content Delivery

Category: AWS Transit Gateway

Migrating accounts between AWS Organizations from a network perspective

In this post, we’ll discuss the considerations, recommendations, and approach for migrating AWS accounts between AWS Organizations from a networking perspective. We’ll explain the behavior of AWS networking resources when AWS accounts are moved between Organizations. We’ll also analyze the behavior from different viewpoints including service availability, management and governance, as well as commercial and operations. […]


Introducing VPC Flow Logs for AWS Transit Gateway

Since the launch of Amazon Virtual Private Cloud (Amazon VPC) Flow Logs in 2015, customers have utilized VPC Flow Logs to gain better visibility of network traffic patterns on AWS by providing network telemetry data regarding the IP traffic flowing to and from ENIs within a given VPC. As customers’ networks grew, customers began utilizing […]


AWS Cloud WAN and AWS Transit Gateway migration and interoperability patterns

At AWS re:Invent 2021, we launched a public preview of AWS Cloud WAN, a managed service for creating a global network using AWS global network infrastructure. Cloud WAN makes it easy to build and operate global wide area networks (WAN) to connect your data centers, branch offices, and Amazon Virtual Private Clouds (VPCs). Cloud […]


Introducing AWS Site-to-Site VPN Private IP VPNs

One of the most common ways that customers connect securely to AWS from on premises is by using the AWS Site-to-Site VPN managed IPSec VPN solution. One key benefit our customers look for when using the service is not having to manage 3rd-party or custom VPN solutions built using EC2 instances. The native service is […]


Using AWS Transit Gateway connect to extend VRFs and increase IP prefix advertisement

You can solve advanced network use-cases encountered by Service Providers extending AWS cloud hosted services to their customers. Doing this often requires advertising thousands of IP prefixes into the AWS cloud, while maintaining separation of unavoidable conflicting IP address space. This can be accomplished by increasing IP prefix advertisement and extending Virtual Routing and […]


How Repsol manages and monitors their AWS network with dashboards, alarms and automation

Large enterprises often deploy workloads on Amazon Web Services (AWS) using multiple accounts. This helps isolate workloads, manage permissions more easily, and simplify cost allocation. However, managing a multi-account environment can make your network topology more complex and requires additional monitoring and automation. At Repsol, a global multi-energy company present throughout the entire value chain, […]


Running multicast-enabled containers on AWS

Multicast is a popular IP-based communication mechanism that is actively employed in many industry verticals, including finance, media, telco, transportation, and others. This post describes how to enable multicast in container environments orchestrated by Amazon Elastic Container Service (ECS). Although Amazon ECS is a fully managed container orchestration service, some additional steps must be […]


Design your firewall deployment for Internet ingress traffic flows

Exposing Internet-facing applications requires careful consideration of what security controls are needed to protect against external threats and unwanted access. These security controls can vary depending on the type of application, size of the environment, operational constraints, or required inspection depth. For some scenarios, running Network Access Control Lists (NACL) and Security Groups (SG) […]


AWS Transit Gateway now supports Intra-Region Peering

When we first released AWS Transit Gateway in 2018, it started with support for Amazon Virtual Private Cloud (Amazon VPC) and Site-to-Site VPN attachments. Customers loved the simplicity of deploying hub-and-spoke architectures, built-in resiliency and high availability, and the ability to scale to thousands of attachments using a single gateway. Thereafter we followed with […]


Automate Networking foundation in multi-account environments

As AWS customers adopt multi-account strategies, they need to have cross-account networking in their AWS environment. They also need to extend their network across multiple AWS Regions when creating multi-Region applications or disaster recovery environments. AWS has many services and features that allow you to do exactly that with great flexibility. But for users that […]
