Category: Thought Leadership

In this post, we explore architectural patterns for implementing centralized internet ingress with inspection using AWS Cloud WAN. We examine different design considerations and integration strategies with centralized internet egress while walking through practical examples and deployment scenarios. We demonstrate how to use the AWS Cloud WAN core networking capabilities alongside other AWS networking services […]

Building resilient and fault-tolerant systems in Amazon Web Services (AWS) is essential for maintaining stable workloads. When designing cloud architecture, the ability to handle sudden traffic surges becomes a critical consideration. Elastic Load Balancing (ELB) serves as the primary entry point for distributing both external and internal traffic efficiently across applications. In this post, we […]

In this post, we review how LexisNexis Risk Solutions modernized their Amazon Web Services (AWS) network by migrating from a legacy Transit Virtual Private Cloud (Transit VPC) architecture to a highly resilient global backbone network built with AWS Cloud WAN. We also dive deep into how AWS Cloud WAN helped LexisNexis Risk Solutions achieve streamlined […]

Introduction This post demonstrates how to migrate your Amazon CloudFront public origins to Amazon Virtual Private Cloud (Amazon VPC) origins using different strategies. You can also use VPC origins with cross-accounts to support security-first architectures. When designing network architecture for CloudFront workloads, organizations must choose between centralized or distributed models. In a centralized architecture, a […]

In this post, we examine the ability for Amazon VPC IP Address Manager (IPAM) to automate prefix lists updates with prefix list resolver. This new feature uses the IPAM database to generate groups of IP addresses based on connectivity requirements and automates connectivity configurations by propagating IP addresses to Amazon Web Services (AWS) resources, such […]

In this post, we demonstrate how to distribute Amazon VPC IP Address Manager (IPAM) costs from the IPAM owner account to the member accounts in AWS Organizations and implement chargeback. We walk through analyzing IPAM usage in AWS Cost Explorer from both member and management accounts. Furthermore, we cover key considerations and best practices for communication and […]

Users wanting to protect themselves from Layer 7 (HTTP) DDoS threats can use the AWS WAF L7 Anti-DDoS managed rule group to detect and mitigate DDoS events in single digit seconds. The Anti-DDoS managed rule group has a default configuration that is appropriate for many applications and clients. However, there are clients that need special […]

Introduction We recently announced that Amazon Route 53 Resolver Endpoint supports Domain Name System (DNS) delegation, allowing you to delegate authority for a subdomain from your on-premises infrastructure to Route 53 and vice versa. Previously, to implement DNS delegation and maintain a unified private DNS namespace across on-premises and in Amazon Web Services (AWS) environments, […]

February 2026 Update: AWS WAF has launched an AI Activity Dashboard for enhanced visibility into AI bot management. Learn more. Introduction The first web crawler was created in 1993 to measure the size of web, and they have now evolved into modern bots powered by agentic AI. Today’s internet is increasingly populated and dominated by […]

In today’s rapidly evolving cloud landscape, network architects, engineers, and cloud teams need to move faster to design, deploy, and manage complex Amazon Web Services (AWS) networking infrastructure at scale. The emergence of generative AI capabilities, particularly Amazon Bedrock and Amazon Q, offers unprecedented opportunities to transform how we approach these challenges and solve them […]