Category: *Post Types

Organizations today use many ways to drive traffic to their websites and applications. This is important for new feature launches, marketing campaigns, advertising, and so on. One common approach uses HTTP/S redirects, where you send a user from one domain, or Uniform Resource Locator (URL), to another. Redirects are incredibly useful tools when moving websites, […]

Load balancers are a critical component in the architecture of distributed software services. AWS Elastic Load Balancing (ELB) provides highly performant automatic distribution for any scale of incoming traffic across many compute targets (Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Container Service (Amazon ECS), AWS Lambda, etc.), while enabling developers to adopt security best practices […]

Many of our customers take a “defense in depth” approach to secure workloads within their Amazon Virtual Private Clouds (Amazon VPC). Using domain list rules in AWS Network Firewall and Amazon Route 53 Resolver DNS Firewall lets you enforce network security controls at multiple layers based on domain names. Although both DNS Firewall and Network […]

This post provides a solution to enhance the Amazon CloudFront origin security of on-premises web servers by automating the AWS IP prefix update process for some network firewalls. CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds—all within […]

Earlier this year, we released technical guidance regarding three advanced design patterns for highly available applications using Amazon CloudFront and Amazon Route 53. In this post, we dive deeper into CloudFront origin failover, Amazon Route 53 DNS failover, and the hybrid origin failover approach to further enhance the availability of your web applications. We also […]

Introduction Since its launch in 2020, AWS Transit Gateway Connect has provided a native way for you to connect third-party SD-WAN appliances to an AWS Transit Gateway. Connect attachments use Generic Routing Encapsulation (GRE) tunnels and Border Gateway Protocol (BGP) to exchange routes between the Transit Gateway and an appliance. Prior to Transit Gateway Connect, […]

AWS Verified Access (AVA) offers a solution to the challenges faced by enterprises by managing remote workforce connectivity through traditional remote access VPNs. It allows remote employees to securely access corporate applications over the Internet while authenticating and authorizing each request. Unlike traditional VPN systems, which lack granularity for application-level authentication and authorization, AVA implements […]

Introduction Customers use multi-region architecture to achieve application resiliency such as Active-Active or Disaster Recovery (DR). Depending on DR strategy, customers may need to have failover from one region to the next. DR strategies are covered off in detail in a prior AWS Blog. DR strategies include either an Active/Passive or Multi-Site Active/Active approaches. Active/Passive […]

It was only just over a month ago, yet somehow it already feels like it could have been a dream. Following 4 action-packed weeks of soccer, capped by perhaps the greatest ever final of any major tournament, Lionel Messi lifted the World Cup aloft in the futuristic Lusail Stadium in Qatar. It was a World […]

Organizations have been adopting IPv6 in their IPv4 environments to solve IP address exhaustion or meet compliance requirements. Since IPv6 isn’t backward compatible with IPv4, several mechanisms can facilitate communication between hosts that support one or both protocols. One common way is by using dual stack deployments. For architectures where dual stack deployments aren’t the […]