Category: Technical How-to

AWS Direct Connect now supports MACsec security (IEEE 802.1AE), giving you a new option for securing your data from when it leaves your network until it arrives at AWS. With this release, Direct Connect delivers native, near line-rate, and point-to-point encryption for 10 Gbps and 100 Gbps links. Available at select locations for dedicated connections […]

In this blog post, we will present an approach to starting small and testing the benefits of AWS Global Accelerator before determining if you would like to transition to a full Global Accelerator enhanced application. Similarly, if you are interested in performing A/B testing or looking for a rolling deployment method for the Global Accelerator, this blog […]

Many organizations want to replay production traffic to a test environment, with no impact on the end user’s experience. This is known as traffic mirroring or traffic shadowing. Testing the new version of a workload with production traffic is a key step for a successful release. Some tests use scripted requests, but real traffic is […]

Many customers ask us how they can point their zone apex to their web content if it uses a DNS name rather than an IP address. This blog covers three design patterns and approaches that solve zone apex challenges with third-party DNS providers for applications hosted in AWS—and the pros and cons of each approach.

Security and cost are always a top priority for AWS customers when designing their network. Amazon Virtual Private Cloud (Amazon VPC),  and it’s related networking components, offer many tools for implementing network connectivity. One such tool is VPC endpoints. Powered by AWS PrivateLink, VPC endpoints are private connections between your VPC and another AWS service […]

Introduction Many organizations use hybrid networks to connect on-premises data centers to the cloud. These networks often use both AWS Direct Connect and private WAN MPLS links to connect data centers to cloud resources and to each other. With multiple connections, organizations need to be able to control the path that network traffic will follow […]

AWS Web Application Firewall (AWS WAF) is commonly used to protect HTTP and HTTPS requests forwarded to Amazon CloudFront. When you are using this approach, default 403 error pages do not distinguish whether the error came from AWS WAF or the CloudFront Origin. As an AWS WAF and Amazon CloudFront user, you may want to […]

On the AWS networking team, we’re often asked by customers who use AWS Global Accelerator to provide guidance around how to test and measure the network performance of their applications. To share this information more broadly, we decided to write this blog post. In this post, we discuss the factors that impact network performance and […]

Introduction When you provide content online, personalization is used to improve your customers’ experience, market effectively, and meet regulatory requirements. One common way you can personalize web content is based on the geographical location of your customers. Since 2014, Amazon CloudFront has supported country-level location based personalization with a feature called Geolocation Headers. Using the […]

Introduction AWS services and features are built with security as a top priority. With Amazon Virtual Private Cloud (VPC), customers are able to control network security using Network Access Control Lists (NACL) and Security Groups (SG). Many customers have requirements beyond the scope of these network security controls, such as deep packet inspection (DPI), application […]