Networking & Content Delivery
How to use Amazon Athena queries to analyze AWS WAF logs and provide the visibility needed for threat detection
Web application security is an ongoing process. AWS WAF enables real-time monitoring and blocking of potentially harmful web requests. Bot Control and Fraud Control use machine learning (ML) to detect and prevent sophisticated threats. Bot traffic can make up anywhere from 30% to 50% or even more of total web traffic. After enabling AWS WAF, […]
IPv6 deployment models for AWS Network Firewall
AWS Network Firewall is a managed, stateful network firewall and intrusion protection service that allows you to implement firewalls rules for fine grained control over your network traffic. If you’re new to AWS Network Firewall, and want to understand its features and use cases, we recommend you review the blog post AWS Network Firewall – […]
How to seamlessly migrate traffic between Direct Connect gateways
In this blog post, we explore a scenario in which Goldman Sachs, wanted to transfer ownership of several of its key network components between teams in a controlled and seamless manner. Specifically, we take a deep dive on migrating traffic between Direct Connect gateways while maintaining end-to-end connectivity. As a multinational investment bank and financial […]
Join us at the AWS World IPv6 Day Celebration
The AWS World IPv6 Day Celebration is a free in-person event. Join us for technical presentations from AWS experts plus a workshop and whiteboarding session. You will learn how to get started with IPv6 and hear from customers who have started on the journey of IPv6 adoption. Be ready to ask AWS experts questions on […]
Using connection tracking improvements to increase network performance
Connection tracking (conntrack) is a networking concept where a networking device, like a firewall, router, or NAT device, needs to track and maintain information about the state of IP traffic going through it. The AWS Nitro System that underlies AWS networking does connection tracking for some types of network traffic to implement the stateful nature […]
Connecting Saas services within a VPC Lattice service network
Many AWS customers modernizing their applications into modular services to speed up the development process and improve their ability to scale out individual services as part of the architecture. This includes services developed by the customer and SaaS applications developed by partners. Communication between services requires network connectivity across the Amazon Web Services (AWS) environment. […]
How to monitor internet traffic to CloudFront edge in one click with Amazon CloudWatch Internet Monitor
Amazon Web Services (AWS) offers a streamlined solution for you to monitor internet traffic to your CloudFront distribution with simple integration for Amazon CloudWatch Internet Monitor in the Amazon CloudFront console. Ensuring optimal performance and availability is paramount for internet applications. With this integration, you can easily gain more insights into internet health and your users’ experience for an application that you’ve set up with a CloudFront distribution.
Introducing VPC Flow Logs for Elastic Container Services
Introduction Amazon Virtual Private Cloud (VPC) is the foundational networking construct used by customers to deploy workloads on AWS. To examine VPC traffic and gain insights into communication patterns, customers collect and analyze VPC Flow Logs, leveraging the capabilities and features AWS has continuously added since 2015. You can get started with Flow Logs by […]
Restrict access to AWS Elemental MediaPackage v2 using origin access control
AWS Elemental MediaPackage provides customers the ability to deliver live and video on demand (VOD) securely and reliably at scale. Integrating with other Media Services on AWS and content delivery networks (CDNs) like Amazon CloudFront, MediaPackage offers resilient video origination while reducing media workflow complexity for customers. In 2023, we announced the support for low-latency […]
How to share IP address ranges across accounts with AWS Global Accelerator
Maintaining ownership of IP addresses while deploying resources in multiple accounts can lead to underutilized IP address ranges. AWS Global Accelerator supports cross-account sharing for bring your own IP addresses (BYOIP), which enables you to share IP address ranges with multiple AWS accounts. After you provision an IP address range with Global Accelerator using BYOIP, […]