Networking & Content Delivery

Category: Best Practices

Monitoring load balancers using Amazon CloudWatch anomaly detection alarms

Load balancers are a critical component in the architecture of distributed software services. AWS Elastic Load Balancing (ELB) provides highly performant automatic distribution for any scale of incoming traffic across many compute targets (Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Container Service (Amazon ECS), AWS Lambda, etc.), while enabling developers to adopt security best practices […]

Centralizing outbound Internet traffic for dual stack IPv4 and IPv6 VPCs

Organizations have been adopting IPv6 in their IPv4 environments to solve IP address exhaustion or meet compliance requirements. Since IPv6 isn’t backward compatible with IPv4, several mechanisms can facilitate communication between hosts that support one or both protocols. One common way is by using dual stack deployments. For architectures where dual stack deployments aren’t the […]

VPC Routing Enhancements and GWLB Deployment Patterns

At re:Invent 2020, AWS introduced  Gateway Load Balancer (GWLB), an AWS service that helps you deploy, scale, and manage third-party virtual network appliances, such as firewalls, intrusion detection and prevention systems, and others. GWLB is a type of load balancer under the Elastic Load Balancing (ELB) family. Other load balancers within the ELB family include […]

Monitoring EC2 Connection Tracking utilization using a new network performance metric

In 2020, Amazon Elastic Compute Cloud (Amazon EC2) announced new network performance metrics for EC2 instances made available using ENA driver and Amazon CloudWatch agent. We covered the launch in this post. These network performance metrics give customers visibility into the number of packets queued or dropped when an instance’s networking allowances, such as Network […]

AWS Network Optimization Tips

When thinking about architecture, it’s very common to come across scenarios where there is no right or wrong answer – the best answer is “it depends”. You must carefully consider the tradeoffs between cost, performance, reliability, and operational efficiency before coming to a decision. A little planning ahead of time can help you avoid numerous […]

AWS Site-to-Site VPN, choosing the right options to optimize performance

AWS Site-to-Site VPN is a fully-managed performant, scalable, secure, and highly-available way to connect your on-premises users and workloads to AWS. When using Site-to-Site VPN you can connect to both Amazon Virtual Private Clouds (Amazon VPCs) with two tunnels per connection for increased redundancy. For even greater performance with sites further from your AWS Region(s), […]

Cost-Optimizing your AWS architectures by utilizing Amazon CloudFront features

Amazon CloudFront is a global content delivery network (CDN) that makes it easy to deliver websites, videos, apps, and APIs securely and at high speeds with low latency. You can use CloudFront to reduce latency by delivering data through 400+ globally dispersed Points of Presence (PoPs) and improve security with traffic encryption, access controls, and […]

Secure and accelerate Drupal CMS with Amazon CloudFront, AWS WAF, and Edge Functions

In this post, you’ll learn how to secure and accelerate the delivery of Drupal-based websites using Amazon CloudFront, AWS Web Application Firewall (AWS WAF), and Amazon CloudFront Functions. CloudFront is a content delivery network service (CDN) offering improved security and acceleration of the content served through it. This is true for static cacheable content and […]

Use CloudFront continuous deployment to safely validate CDN changes

Content delivery networks (CDN) like Amazon CloudFront are often the front door for users and devices to connect to websites or applications. A change to your CDN configuration could result in a complete outage with limited visibility into the cause of the issue. Today’s existing industry solutions for providing the testing of CDN configuration changes […]

Introducing Amazon VPC Flow Logs to Kinesis Data Firehose

Amazon Virtual Private Cloud (Amazon VPC) Flow Logs helps you understand network traffic patterns on AWS by providing network telemetry data about the IP traffic flowing to and from ENIs in your VPC. It lets you perform numerous analytics tasks, such as diagnosing overly restrictive security group rules, monitoring traffic that is reaching an instance, […]