Networking & Content Delivery

Tag: AWS PrivateLink

Leveraging AWS PrivateLink for volumetric data processing

AWS PrivateLink provides private, secure connectivity between VPCs, AWS services, and your on-premises networks, without exposing your traffic to the public internet. AWS PrivateLink offers three primary benefits to customers. First, it provides a way for two parties to establish private connectivity without requiring an Internet Gateway (IGW), thereby helping both parties to deploy airtight […]

Read More

Scaling network traffic inspection using AWS Gateway Load Balancer

Updated “Cross-zone load balancing and appliance failures” section on 25th March, 2021 Organizations use next-generation firewalls (NGFW) and intrusion prevention systems (IPS) as part of their defense in depth strategy. In an on-premises network, these often take the form of dedicated hardware or software or virtual “appliances.” As companies move to the cloud, they want […]

Read More

Hybrid Networking using VPC Endpoints (AWS PrivateLink) and Amazon CloudWatch for Financial Services

Amazon CloudWatch offers a centralized service to collect monitoring and operational data in the form of logs, metrics, and events. This provides a unified view of AWS resources, applications, and services that run on AWS and on-premises servers. When you have Amazon CloudWatch agents running on-premises, the default behavior is to export the collected metrics […]

Read More

Centralized logging platform for EC2 instances over AWS PrivateLink

Introduction Running enterprise applications and workloads requires visibility and insight. Debugging errors or investigating a security incident in your application across hundreds of log files on hundreds of servers is time consuming and complicated. A common approach to resolve this problem is building a centralized logging platform that collects and aggregates different types of logs […]

Read More

Building an egress VPC with AWS Transit Gateway and the AWS CDK

Introduction With the introduction of AWS Transit Gateway, it is easier for customers to manage connectivity between many VPCs. Further simplification can be achieved by routing all outbound traffic through one shared egress VPC. This allows re-use of NAT Gateways and can improve overall network design and operational efficiency. This ‘egress VPC’ design pattern is […]

Read More

Integrating AWS Transit Gateway with AWS PrivateLink and Amazon Route 53 Resolver

I want to take some time to dive more deeply into a use case outlined in NET301 Best Practices for AWS PrivateLink. The use case involves using AWS Transit Gateway, along with Amazon Route 53 Resolver, to share AWS PrivateLink interface endpoints between multiple connected Amazon virtual private clouds (VPCs) and an on-premises environment. We’ve seen […]

Read More

Centralized DNS management of hybrid cloud with Amazon Route 53 and AWS Transit Gateway

A successful hybrid networking strategy goes beyond private network connectivity. It often requires dealing with independent internal zones both in Amazon Virtual Private Cloud (Amazon VPC) and on-premises. Such a strategy needs Domain Name System (DNS) naming that spans the entire network. Typically, this is managed by providing name resolution services in the same place […]

Read More

How to securely publish Internet applications at scale using Application Load Balancer and AWS PrivateLink

If you have applications spread across multiple Virtual Private Clouds (VPCs) and want to expose those applications to the Internet, you can choose from different approaches. One option is to give each VPC its own dedicated connectivity to the Internet through an attached Internet gateway. Another approach is to centralize access from the Internet through […]

Read More

How to use AWS PrivateLink to secure and scale web filtering using explicit proxy

Many customers use web filtering proxy solutions to monitor and control web traffic from their VPCs. When you have many accounts and VPCs, you will need to deploy multiple stacks of these solutions. This increases the complexity and overhead of managing these solutions. By centralizing the web filtering proxy service, you can easily and securely […]

Read More