Networking & Content Delivery
Category: *Post Types
Protect against bots with AWS WAF Challenge and CAPTCHA actions
Protecting against bot threats requires insights into the client environment beyond what is available through network-level characteristics of a request, such as TCP or HTTP payload signatures. AWS WAF uses CAPTCHA and Challenge actions to undertake a client-side interaction, whether on a mobile device or browser, to understand this client environment before they can be […]
Introducing dual-stack without public IPv4 Application Load Balancer
In May 2024, Amazon Web Services (AWS) launched a new feature for internet-facing Application Load Balancers. This enhancement allows you to provision an internet-facing Application Load Balancer without needing public IPv4 addresses, enabling clients to connect using only IPv6 addresses. To connect, clients resolve the AAAA DNS records assigned to the Application Load Balancer. The […]
Tenant routing strategies for SaaS applications on AWS
A key challenge for SaaS providers is designing secure, scalable tenant routing mechanisms to identify tenants and route requests to appropriate resources. Effective tenant routing ensures isolation, scalability, and security. This post explores strategies for routing HTTP requests in multi-tenant SaaS environments on AWS, including considerations, best practices, and example scenarios. For routing strategies at […]
Simplify global security inspection with AWS Cloud WAN Service Insertion
Update: June 28, 2024 – Corrections were made to Figure 5 and the subsequent packet walkthrough. AWS Cloud WAN is a managed wide-area networking (WAN) service that you can use to build and operate wide area networks that connect your data centers and branch offices, as well as your Amazon Virtual Private Cloud (Amazon VPC) […]
How to use Amazon Athena queries to analyze AWS WAF logs and provide the visibility needed for threat detection
Web application security is an ongoing process. AWS WAF enables real-time monitoring and blocking of potentially harmful web requests. Bot Control and Fraud Control use machine learning (ML) to detect and prevent sophisticated threats. Bot traffic can make up anywhere from 30% to 50% or even more of total web traffic. After enabling AWS WAF, […]
IPv6 deployment models for AWS Network Firewall
AWS Network Firewall is a managed, stateful network firewall and intrusion protection service that allows you to implement firewalls rules for fine grained control over your network traffic. If you’re new to AWS Network Firewall, and want to understand its features and use cases, we recommend you review the blog post AWS Network Firewall – […]
How to seamlessly migrate traffic between Direct Connect gateways
In this blog post, we explore a scenario in which Goldman Sachs, wanted to transfer ownership of several of its key network components between teams in a controlled and seamless manner. Specifically, we take a deep dive on migrating traffic between Direct Connect gateways while maintaining end-to-end connectivity. As a multinational investment bank and financial […]
Join us at the AWS World IPv6 Day Celebration
The AWS World IPv6 Day Celebration is a free in-person event. Join us for technical presentations from AWS experts plus a workshop and whiteboarding session. You will learn how to get started with IPv6 and hear from customers who have started on the journey of IPv6 adoption. Be ready to ask AWS experts questions on […]
How to monitor internet traffic to CloudFront edge in one click with Amazon CloudWatch Internet Monitor
Amazon Web Services (AWS) offers a streamlined solution for you to monitor internet traffic to your CloudFront distribution with simple integration for Amazon CloudWatch Internet Monitor in the Amazon CloudFront console. Ensuring optimal performance and availability is paramount for internet applications. With this integration, you can easily gain more insights into internet health and your users’ experience for an application that you’ve set up with a CloudFront distribution.
Introducing VPC Flow Logs for Elastic Container Services
Introduction Amazon Virtual Private Cloud (VPC) is the foundational networking construct used by customers to deploy workloads on AWS. To examine VPC traffic and gain insights into communication patterns, customers collect and analyze VPC Flow Logs, leveraging the capabilities and features AWS has continuously added since 2015. You can get started with Flow Logs by […]