Networking & Content Delivery

Category: AWS VPN

Using AWS SSO with AWS Client VPN for authentication and authorization

AWS Client VPN  is a simple solution that allows users to connect from anywhere to their AWS environments, a capability that has become important to almost every organization over the last year. Single sign-on (SSO) is used widely across organizations of all sizes to authenticate and authorize their users’ access to enterprise applications and IT […]

Read More
Building Multi-Region AWS Client VPN with AWS Directory Service and Amazon Route 53

Building Multi-Region AWS Client VPN with Microsoft Active Directory and Amazon Route 53

Introduction Organizations often require a secure connection between their users and resources on internal networks. For organizations with a global workforce, traditional virtual private network (VPN) solutions can be difficult to scale. Providing a single VPN endpoint creates a single point of failure: an outage would mean loss of connectivity to critical IT infrastructure. Authenticating […]

Read More

Secure hybrid access to Amazon S3 using AWS PrivateLink

AWS PrivateLink for Amazon S3 enables on-premises applications to privately and securely access Amazon S3 over AWS Direct Connect private virtual interface or AWS Site to Site VPN. The Interface VPC Endpoints for Amazon S3 allow security administrators to control which users can access which data in S3 from on premises and cross-Region using their […]

Read More

Introduction to Network Transformation on AWS – Part 2

Introduction This blog post is a continuation of Introduction to Network Transformation on AWS – Part 1. To recap, as your organization begins to embrace cloud, you extend your network to AWS using a hybrid connectivity architecture. When we work with customers, we see that their network traffic patterns have been changing as more applications […]

Read More

Introduction to Network Transformation on AWS – Part 1

Introduction Your organization may have a sprawling network built with variety of topologies. As your organization begins to embrace cloud, you extend your network to AWS using a hybrid connectivity architecture. Over time, traffic patterns change as more and more of your applications move to the cloud. This means that you can start transforming your […]

Read More

Simulating Site-to-Site VPN customer gateways using strongSwan part 2: Certificate-based authentication

Do you need to either demonstrate or learn more about using certificate-based authentication with AWS Site-to-Site VPN capabilities? In part 1 of this series, we showed how to use an AWS CloudFormation template to deploy the open source strongSwan VPN solution to implement the on-premises side of an AWS Site-to-Site VPN connection. The open source […]

Read More

Enforcing VPN access policies with AWS Client VPN connection handler

Overview AWS Client VPN, launched in 2018, enables you to use your OpenVPN-based clients to securely access your AWS and on-premises networks from anywhere. With recent updates, you can also enforce additional security policies on connections to a Client VPN endpoint by configuring a client connect handler (referred to as the “handler” in this post). […]

Read More

Simulating Site-to-Site VPN Customer Gateways Using strongSwan

Have you ever needed to demonstrate or gain hands-on experience with AWS site-to-site VPN capabilities, but didn’t know how to easily implement the on-premises side of a VPN connection? This post shows how to use an AWS CloudFormation template to easily deploy the open source strongSwan VPN solution to simulate an on-premises customer gateway in […]

Read More

Building a global network using AWS Transit Gateway Inter-Region peering

Global companies have historically dedicated considerable financial and engineering resources to building wide-area-networks (WANs) so people in different geographies could stay connected and operate as a single entity. Those WANs are typically implemented using Carrier Ethernet (CE) services delivered by leading telecommunications providers, commonly referred to as MPLS services. In recent years, the IT “center […]

Read More

Authenticate AWS Client VPN users with SAML

Introduction Authenticating users to applications and services on the web and at scale can be challenging. Having a separate set of credentials for each application is not an efficient approach. It is difficult to manage for IT departments and doesn’t provide a good experience for users. A common way to solve this challenge is to use […]

Read More