Networking & Content Delivery

Tag: Security

Amazon CloudFront introduces Origin Access Control (OAC)

Amazon CloudFront is a global content delivery network that securely delivers applications, websites, videos, and APIs to viewers across the globe in milliseconds. Using CloudFront, customers can access different types of origin services to suit their use cases. One of the performant architectures customers adopt is to use Amazon S3 as the origin to host […]

Restricting access on HTTP API Gateway Endpoint with Lambda Authorizer

Customers use Amazon API Gateway APIs for critical production applications ranging from simple HTTP proxies to full-blown API management with request transformation, authentication, and validation. Starting in 2019, HTTP APIs have provided an enhanced alternative to the traditional API Gateway REST APIs, with HTTP APIs offering up to 60% latency reduction, 71% cost reduction, and […]

Well-Architecting online applications with CloudFront and AWS Global Accelerator

Introduction Worldwide, millions of customers are actively using AWS to build applications for every imaginable use case, with a variety of regions in which they can deploy infrastructure. An AWS Region is a physical location where AWS clusters data centers and operates regional services, like AWS Elastic Compute Cloud (EC2) and Amazon Simple Storage Service […]

Limit access to your origins using the AWS-managed prefix list for Amazon CloudFront

Amazon CloudFront provides an easy and cost-effective way to distribute content with low latency and high data transfer speeds using a worldwide network of edge locations. To enable requests from CloudFront to access your origins (the source of your content, for example, Amazon Elastic Compute Cloud (Amazon EC2) instances, the security policies on your origin […]

Leveraging AWS PrivateLink for volumetric data processing

AWS PrivateLink provides private, secure connectivity between VPCs, AWS services, and your on-premises networks, without exposing your traffic to the public internet. AWS PrivateLink offers three primary benefits to customers. First, it provides a way for two parties to establish private connectivity without requiring an Internet Gateway (IGW), thereby helping both parties to deploy airtight […]

Introduction to Network Transformation on AWS – Part 1

Introduction Your organization may have a sprawling network built with variety of topologies. As your organization begins to embrace cloud, you extend your network to AWS using a hybrid connectivity architecture. Over time, traffic patterns change as more and more of your applications move to the cloud. This means that you can start transforming your […]

CloudFront Functions – A New Security Paradigm for CDN Edge Computing

CloudFront Functions is a new serverless scripting capability that allows you to run JavaScript code at more than 225 Amazon CloudFront edge locations to perform lightweight HTTP transformations and customize content delivery. This blog details our security journey and the controls we put in place to make CloudFront Functions raise the security bar when it comes to edge computing capabilities.

Adding MACsec security to AWS Direct Connect connections

AWS Direct Connect now supports MACsec security (IEEE 802.1AE), giving you a new option for securing your data from when it leaves your network until it arrives at AWS. With this release, Direct Connect delivers native, near line-rate, and point-to-point encryption for 10 Gbps and 100 Gbps links. Available at select locations for dedicated connections […]

Scaling network traffic inspection using AWS Gateway Load Balancer

Updated “Cross-zone load balancing and appliance failures” section on 25th March, 2021 Organizations use next-generation firewalls (NGFW) and intrusion prevention systems (IPS) as part of their defense in depth strategy. In an on-premises network, these often take the form of dedicated hardware or software or virtual “appliances.” As companies move to the cloud, they want […]

How to integrate third-party firewall appliances into an AWS environment

Update October 11, 2020 – While the implementations described in this post remain valid, it was written before Gateway Load Balancer became available. Gateway Load Balancer is designed specifically for adding firewalls and other virtual network appliances to your AWS network. If you would like to learn more, Introducing AWS Gateway Load Balancer: supported architecture […]