Networking & Content Delivery

Tag: VPC

Centralize access using VPC interface endpoints to access AWS services across multiple VPCs

Security and cost are always a top priority for AWS customers when designing their network. Amazon Virtual Private Cloud (Amazon VPC),  and it’s related networking components, offer many tools for implementing network connectivity. One such tool is VPC endpoints. Powered by AWS PrivateLink, VPC endpoints are private connections between your VPC and another AWS service […]

Read More

Using VPC Traffic Mirroring to monitor and secure your AWS infrastructure

VPC Traffic Mirroring is an AWS feature used to copy network traffic from the elastic network interface of an EC2 instance to a target for analysis. This makes a variety of network-based monitoring and analytics solutions possible on AWS. By capturing the raw packet data required for content inspection, VPC Traffic Mirroring enables agentless methods […]

Read More

Securing ingress using security solutions and AWS Transit Gateway

Introduction Internet-facing applications, by their nature, have a larger attack surface and are exposed to categories of threats most other types of applications will never have to face. Having the necessary protection from attacks on these types of applications, and minimizing the impact of attacks, are a core part of any security strategy. Traditional AWS […]

Read More

Deployment models for AWS Network Firewall

Introduction AWS services and features are built with security as a top priority. With Amazon Virtual Private Cloud (VPC), customers are able to control network security using Network Access Control Lists (NACL) and Security Groups (SG). Many customers have requirements beyond the scope of these network security controls, such as deep packet inspection (DPI), application […]

Read More

Simplify network routing and security administration with VPC Prefix Lists

The recently announced Amazon Virtual Private Cloud (VPC) Prefix Lists feature makes it easier to create consistent security postures and routing behaviors. A Prefix List is a collection of CIDR blocks that can be used to configure VPC security groups, VPC route tables, and AWS Transit Gateway route tables and can be shared with other […]

Read More

Integrating external multicast services with AWS

Introduction Many enterprise customers and telecom operators run IP Multicast in their networks for video transcoding, financial trading platforms, multimedia broadcast multicast system (MBMS), and other services. As more and more customers migrate their on-premises workloads to the cloud, there is a need to not just build multicast applications on AWS, but also to integrate […]

Read More

Zendesk’s Global Mesh Network: How we lowered operational overhead and cost by migrating to AWS Transit Gateway

This post is presented by our guest Vicente De Luca, Principal Engineer at Zendesk and contributor at AWS Community Builders program, focusing on architecting scalable and reliable networks for Zendesk’s global footprint, and Tom Adamski, AWS Networking Solutions Architect. Zendesk is a global CRM company, building software designed to improve customer relationships. Our customers span […]

Read More

Building a global network using AWS Transit Gateway Inter-Region peering

Global companies have historically dedicated considerable financial and engineering resources to building wide-area-networks (WANs) so people in different geographies could stay connected and operate as a single entity. Those WANs are typically implemented using Carrier Ethernet (CE) services delivered by leading telecommunications providers, commonly referred to as MPLS services. In recent years, the IT “center […]

Read More

Automating DNS infrastructure using Route 53 Resolver endpoints

Introduction DNS name resolution is a fundamental part of all on-premises and cloud networks. For customers with hybrid networks, additional infrastructure and configuration are needed for private DNS resolution to work seamlessly across environments. However, building this type of DNS infrastructure in a multi-account environment is complex. In this post, we show how to automate […]

Read More

Using VPC Flow Logs to capture and query EKS network communications

Introduction Capturing and querying Amazon EKS and Kubernetes (K8s) cluster traffic is an important skill to possess. It is especially useful during incident-response and when troubleshooting networking issues surrounding nodes, pods, or services in your cluster. Amazon makes it easier to perform capture and query tasks with Amazon VPC Flow Logs and Amazon Athena. Administrators can use Amazon VPC Flow Logs to […]

Read More