Networking & Content Delivery

Category: Security, Identity, & Compliance

Migrating accounts between AWS Organizations from a network perspective

In this post, we’ll discuss the considerations, recommendations, and approach for migrating AWS accounts between AWS Organizations from a networking perspective. We’ll explain the behavior of AWS networking resources when AWS accounts are moved between Organizations. We’ll also analyze the behavior from different viewpoints including service availability, management and governance, as well as commercial and operations. […]

Read More

Automating Domain Delegation for Public Applications in AWS

Security is top priority at AWS. Cybersecurity and digital risk management are the primary considerations of customers when ensuring that security and trust are always in place for a secure data and cloud infrastructure. These concerns are even more critical for public internet facing applications, which are accessed using a public domain. In AWS Cloud, […]

Read More

AWS Networking and Content Delivery Recap of re:Invent 2021

Happy 2022 AWS Networking & Content Delivery enthusiasts! In December 2021, AWS hosted its 10th annual re:Invent conference. The Networking & Content Delivery team had 14 unique breakout sessions that were recorded and can be found on this playlist. In addition to these sessions, the Networking team had a leadership session presented by David Brown, […]

Read More

Using AWS SSO with AWS Client VPN for authentication and authorization

AWS Client VPN  is a simple solution that allows users to connect from anywhere to their AWS environments, a capability that has become important to almost every organization over the last year. Single sign-on (SSO) is used widely across organizations of all sizes to authenticate and authorize their users’ access to enterprise applications and IT […]

Read More

Design your firewall deployment for Internet ingress traffic flows

Introduction Exposing Internet-facing applications requires careful consideration of what security controls are needed to protect against external threats and unwanted access. These security controls can vary depending on the type of application, size of the environment, operational constraints, or required inspection depth. For some scenarios, running Network Access Control Lists (NACL) and Security Groups (SG) […]

Read More

Continuous verification of network compliance using Amazon VPC Network Access Analyzer and AWS Security Hub

Introduction As your distributed application teams operate network infrastructure, it can be challenging for central security, networking, or cloud operations teams to determine whether the correct network controls are in place. Network controls, such as firewall rules, NAT Gateways, network access control lists (ACL’s), security groups, and network segmentation, serve as a critical first line […]

Read More
Building Multi-Region AWS Client VPN with AWS Directory Service and Amazon Route 53

Building Multi-Region AWS Client VPN with Microsoft Active Directory and Amazon Route 53

Introduction Organizations often require a secure connection between their users and resources on internal networks. For organizations with a global workforce, traditional virtual private network (VPN) solutions can be difficult to scale. Providing a single VPN endpoint creates a single point of failure: an outage would mean loss of connectivity to critical IT infrastructure. Authenticating […]

Read More

Join us for AWS Content Delivery Network Edge Week!

Upcoming Virtual Event Your customers expect low-latency, highly-available connectivity to your web applications all over the world, while your organization demands security, performance, and support at a reasonable cost. AWS CDN Edge Week is an online event series designed to help you navigate these business needs when building solutions in the evolving CDN edge. Join […]

Read More

Deployment models for AWS Network Firewall with VPC routing enhancements

Introduction Amazon Virtual Private Cloud (VPC) is a logically isolated virtual network. It has inbuilt network security controls and implicit routing between VPC subnets by design. Network security controls such as security groups (SGs) and network access control lists (ACLs) provide you with options to control network traffic. However these controls operate at network and transport […]

Read More