Networking & Content Delivery
Tag: Gateway Load Balancer
Introducing configurable TCP idle timeout for Gateway Load Balancer
Update: Sep 10, 2024 – Corrected a CloudWatch metric name. Amazon Web Services (AWS) Gateway Load Balancer (GWLB) is a managed AWS service that allows you to insert third-party firewall appliances into the data path. GWLB helps you deploy, scale, and manage third-party appliances, and it acts as a bump-in-the-wire device and passes traffic transparently […]
Experian: Centralized internet ingress using AWS Gateway Load Balancer and AWS Transit Gateway
This is a guest post co-written with Mike Mosher, Sr Principal Cloud Platform Network Architect, and Daniel Lee, Lead Cloud Platform Engineer, from Experian. Experian is a global technology company that offers credit risk, fraud, targeted marketing, and automated decisioning solutions. We are an AWS early adopter and have embraced the cloud to drive digital […]
Announcing Amazon Virtual Private Gateway Ingress Routing support for Gateway Load Balancer
Today, on 30th August 2023, AWS launched a new enhancement to the Amazon Virtual Private Cloud (Amazon VPC) Ingress Routing feature. With this enhancement, customers can now specify a Gateway Load Balancer Endpoint (GWLBE) as the next-hop in the virtual private gateway (VGW) route table. This allows customers to inspect their traffic coming into AWS […]
VPC Routing Enhancements and GWLB Deployment Patterns
At re:Invent 2020, AWS introduced Gateway Load Balancer (GWLB), an AWS service that helps you deploy, scale, and manage third-party virtual network appliances, such as firewalls, intrusion detection and prevention systems, and others. GWLB is a type of load balancer under the Elastic Load Balancing (ELB) family. Other load balancers within the ELB family include […]
Introducing AWS Gateway Load Balancer Target Failover for Existing Flows
Introduction: AWS Gateway Load Balancer (GWLB) is an Elastic Load Balancing (ELB) service that allows customers to insert third-party virtual appliances, such as firewalls, intrusion detection and prevention systems (IDS/IPS), network observability and others, transparently into the traffic path. Application Load Balancer (ALB) and Network Load Balancer (NLB) are reverse proxies and traffic is routed […]
Introduction to Traffic Mirroring to GWLB Endpoints as Target
Network architects need the ability to gain insights into real-time traffic between different resources within their VPCs. Since the announcement of VPC Traffic Mirroring in 2019, the VPC feature has provided this by copying network traffic from elastic network interfaces (ENIs) on customers' instances as the source, and then sending the traffic to a destination target […]
Building an Open Source IDS IPS service for Gateway Load Balancer
The Gateway Load Balancer (GWLB) service launched with support from the partner network. These partners provide networking appliances that enable customers to perform varying levels of packet inspection on flows that pass through them, taking action as necessary and as defined within their configuration. For a list of partners that support GWLB, refer to the […]
Best practices for deploying Gateway Load Balancer
As of September 5, 2024, GWLB allows you to configure the GWLB Transmission Control Protocol (TCP) idle timeout from 60 seconds to 6000 seconds. GWLB uses a 2-tuple, 3-tuple, or 5-tuple hash to define a flow and routes all packets of a flow to one of its backend targets. Refer to the […]
Centralized inspection architecture with AWS Gateway Load Balancer and AWS Transit Gateway
In our conversations with customers, we are often asked about the best way to architect centralized inspection architectures. Since the launch of AWS Gateway Load Balancer (GWLB), those discussions increasingly revolve around how to use AWS Transit Gateway, Gateway Load Balancer and Gateway Load Balancer Endpoints (GWLBE) together. In this post, we explain how to […]
Scaling network traffic inspection using AWS Gateway Load Balancer
Updated “Cross-zone load balancing and appliance failures” section on 25th March, 2021. Organizations use next-generation firewalls (NGFW) and intrusion prevention systems (IPS) as part of their defense-in-depth strategy. In an on-premises network, these often take the form of dedicated hardware or software or virtual “appliances.” As companies move to the cloud, they want […]