Networking & Content Delivery
Category: *Post Types
Accelerate your IPv6 adoption on AWS with Amazon VPC Lattice
An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, and the need to provide service availability to IPv6-only clients. While undergoing this transformation, customers sometimes find it difficult to assess application behavior in IPv6-enabled environments on AWS. In this blog post, we show […]
Using Amazon CloudWatch Internet Monitor for enhanced internet observability
Amazon CloudWatch Internet Monitor alerts you to critical internet health events that affect your application users. However, it can also play a key role in helping you efficiently troubleshoot and mitigate network problems before they affect your customers or cause headaches for your leadership. The simplest and most efficient way to leverage the new internet-centric […]
Announcing AWS Global Accelerator IPv6 support for Amazon EC2 endpoints
AWS Global Accelerator now offers dual-stack accelerators that let you route both IPv4 and IPv6 traffic to Amazon Elastic Compute Cloud (Amazon EC2) instances as endpoints, in addition to Application Load Balancers. In this post, we describe the benefits of using dual-stack accelerators with IPv6 EC2 endpoints, and go through a step-by-step guide for adding […]
How to configure block duration for IP addresses rate limited by AWS WAF
Volumetric attack is one of the most common type of cyberattack, where a web application is overwhelmed with an enormous number of HTTP requests. This flood of excessive requests puts a strain on the application’s servers, leading to degraded performance, increased latency for legitimate users and in severe cases, resource exhaustion. AWS WAF’s rate-based rules […]
Integrating AWS Verified Access with device trust providers
In this post, we discuss how to architect Zero Trust based remote connectivity on AWS. Specifically, we will be exploring how to integrate Verified Access with CrowdStrike, a device trust provider. This solution builds upon the Okta-based identity provider integration previously published in this AWS post. Zero Trust is a conceptual model, and an associated […]
Deploying hybrid networks using AWS Cloud WAN and AWS Direct Connect
Update: Jan 14, 2025 – AWS launched built-in support for Direct Connect attachments without requiring a TGW. For more information, please see the following launch blog AWS Cloud WAN is a managed wide-area networking (WAN) service for building, managing, and monitoring a unified global network, as well as connecting resources running across your cloud and […]
Set up end-to-end tracing with Amazon CloudFront using OpenTelemetry
In a modern distributed system, identifying where a problem has occurred is not a trivial task. In fact, it’s a key capability that an organization must master to maintain its competitiveness. Tracing is a great methodology to be used for this purpose. It creates a series of formatted logs with an identifier called Trace ID, which […]
Removing Unassociated Elastic IPs
Have you ever wondered why your Elastic IP (EIP) count is growing, and what’s behind the “ElasticIP:IdleAddress” line item on your AWS bill? This could be because there is an hourly charge for EIP addresses that are not associated with a running instance, when an EIP is associated with a stopped instance, or when there […]
Improving Performance on AWS and Hybrid Networks
In this post, we provide recommendations to improve network performance on AWS and hybrid networks. In today’s enterprise networking environment, it is becoming common for customers to have multi-gigabit connectivity to AWS either through AWS Direct Connect or over the Internet. Although network bandwidth is fundamental, several other factors come into play for network performance, […]
Using AWS WAF intelligent threat mitigations with cross-origin API access
AWS WAF offers advanced features for filtering undesired web application traffic, such as Bot Control and Fraud Control. These intelligent threat mitigations include techniques such as client-side interrogations using JavaScript challenges or CAPTCHA, as well as client-side behavioral analysis. Implementing these techniques on a web page with a same-origin access is simple. When a cross-domain […]