Tag: VPC

Introduction In this post, we explain how Amazon EC2 interprets idle timeouts and how to customize this configuration to optimize for your traffic patterns and workloads. We also dive into some common use-cases. Earlier this year, Amazon Elastic Compute Cloud (Amazon EC2) announced the Conntrack Utilization Metric for EC2 instances that offers you the ability […]

Introduction Since its launch in 2020, AWS Transit Gateway Connect has provided a native way for you to connect third-party SD-WAN appliances to an AWS Transit Gateway. Connect attachments use Generic Routing Encapsulation (GRE) tunnels and Border Gateway Protocol (BGP) to exchange routes between the Transit Gateway and an appliance. Prior to Transit Gateway Connect, […]

It is common to encounter network designs on AWS with resources that belong to multiple AWS accounts. For example, you may have several AWS accounts with Virtual Private Clouds (VPCs) in those accounts connected to an AWS Transit Gateway in a central networking account. You may need to determine or diagnose network reachability between AWS […]

Amazon Virtual Private Cloud (Amazon VPC) Flow Logs helps you understand network traffic patterns on AWS by providing network telemetry data about the IP traffic flowing to and from ENIs in your VPC. It lets you perform numerous analytics tasks, such as diagnosing overly restrictive security group rules, monitoring traffic that is reaching an instance, […]

Introduction As your distributed application teams operate network infrastructure, it can be challenging for central security, networking, or cloud operations teams to determine whether the correct network controls are in place. Network controls, such as firewall rules, NAT Gateways, network access control lists (ACL’s), security groups, and network segmentation, serve as a critical first line […]

This post shows how to integrate and automate network testing as part of AWS infrastructure deployment. We will show you how to use a new tool, Infrastructure as Code (IaC) Network Tester, to perform connectivity testing between a source resource and a destination resource in Virtual Private Cloud (VPC). It supports testing resources deployed via AWS Management Console, SDK, Command Line Interface (CLI) or via a CI/CD pipeline.

Security and cost are always a top priority for AWS customers when designing their network. Amazon Virtual Private Cloud (Amazon VPC),  and it’s related networking components, offer many tools for implementing network connectivity. One such tool is VPC endpoints. Powered by AWS PrivateLink, VPC endpoints are private connections between your VPC and another AWS service […]

VPC Traffic Mirroring is an AWS feature used to copy network traffic from the elastic network interface of an EC2 instance to a target for analysis. This makes a variety of network-based monitoring and analytics solutions possible on AWS. By capturing the raw packet data required for content inspection, VPC Traffic Mirroring enables agentless methods […]

Introduction Internet-facing applications, by their nature, have a larger attack surface and are exposed to categories of threats most other types of applications will never have to face. Having the necessary protection from attacks on these types of applications, and minimizing the impact of attacks, are a core part of any security strategy. Traditional AWS […]

10-Sep-2021: With recent enhancements to VPC routing primitives and how it unlocks additional deployment models for AWS Network Firewall along with the ones listed below, read part 2 of this blog post here. Introduction AWS services and features are built with security as a top priority. With Amazon Virtual Private Cloud (VPC), customers are able […]