AWS Public Sector Blog

Category: AWS Transit Gateway

Add network agility and security with AWS Direct Connect MACsec encryption and AWS Support

Customers with sensitive hybrid workloads can take advantage of an additional security feature available in Amazon Web Services (AWS) Direct Connect dedicated connections: MACsec encryption (IEEE 802.1AE). In this post, we explore how Direct Connect can handle architectural changes, such as adding or isolating different networks. We also cover adding an additional account boundary for security purposes, and how customers can move their Direct Connect connection to that new account.

Simplify firewall deployments using centralized inspection architecture with Gateway Load Balancer

As government organizations transition to Amazon Web Services (AWS), they often seek to maintain operational continuity by using their existing on-premises firewall solutions. Gateway Load Balancer (GWLB) enables seamless integration of these firewall appliances into the AWS architecture, ensuring consistent security policies and minimizing disruptions. This post explores best practices for implementing GWLB to facilitate centralized traffic inspection for both east-west and north-south traffic flows.

Streamlining digital transformation in German healthcare with AWS

Healthcare organizations worldwide are leveraging Amazon Web Services (AWS) and partner solutions to modernize, transform, and innovate their businesses. Ensuring the availability and security of critical applications is paramount. For example, two renowned German medical facilities, Fachklinikum Mainschleife and Max Grundig Klinik, needed to modernize their IT infrastructure to comply with stringent regulatory requirements outlined in the country’s Law for Accelerating the Digitalization of Healthcare (DigiG). Reliable and compliant service offerings from AWS enabled the medical facilities to provide reliable access to essential systems.

Building compliant healthcare solutions using Landing Zone Accelerator

In this post, we explore the complexities of data privacy and controls on Amazon Web Services (AWS), examine why creating a landing zone within which to contain such data is important, and highlight the differences between creating a landing zone from scratch and using the AWS Landing Zone Accelerator (LZA) for Healthcare. To aid explanation, we use a simple healthcare workload as an example. We also explain how LZA for Healthcare codifies HIPAA controls and AWS Security Best Practices to accelerate the creation of an environment to run protected health information workloads in AWS.

Connectivity patterns between AWS GovCloud (US) and AWS commercial partition

AWS GovCloud (US) was architected to be isolated (both physically and logically) from other AWS partitions for compliance. For this reason, the AWS services used to privately interconnect virtual private cloud (VPC) hosted resources within the same partition, such as AWS PrivateLink, Amazon Virtual Private Cloud (Amazon VPC) peering, or AWS Transit Gateway peering, by design cannot natively span from AWS GovCloud (US) to commercial Regions. In this post, we highlight four connectivity patterns customers can use to interconnect VPC hosted systems across partitions.