AWS Security Blog
Tag: Networking
Protect your remote workforce by using a managed DNS firewall and network firewall
More of our customers are adopting flexible work-from-home and remote work strategies that use virtual desktop solutions, such as Amazon WorkSpaces and Amazon AppStream 2.0, to deliver their user applications. Securing these workloads benefits from a layered approach, and this post focuses on protecting your users at the network level. Customers can now apply these […]
Control VPC sharing in an AWS multi-account setup with service control policies
January 29, 2021: We made minor updates to the architectural diagram in Figure 1. Amazon Web Services (AWS) customers who establish shared infrastructure services in a multi-account environment through AWS Organizations and AWS Resource Access Manager (RAM) may find that the default permissions assigned to the management account are too broad. This may allow organizational […]
A simpler way to assess the network exposure of EC2 instances: AWS releases new network reachability assessments in Amazon Inspector
Performing network security assessments allows you to understand your cloud infrastructure and identify risks, but this process traditionally takes a lot of time and effort. You might need to run network port-scanning tools to test routing and firewall configurations, then validate what processes are listening on your instance network ports, before finally mapping the IPs […]
Securing messages published to Amazon SNS with AWS PrivateLink
Amazon Simple Notification Service (SNS) now supports VPC Endpoints (VPCE) via AWS PrivateLink. You can use VPC Endpoints to privately publish messages to SNS topics, from an Amazon Virtual Private Cloud (VPC), without traversing the public internet. When you use AWS PrivateLink, you don’t need to set up an Internet Gateway (IGW), Network Address Translation […]
Now Available: Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track
Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now available. SEC201: AWS Security State of the Union: How Should We All Think About Security? Video Slide […]
Controlling Network Access to EC2 Instances Using a Bastion Server
As the number of EC2 instances in your AWS environment grows, so too does the number of administrative access points to those instances. Depending on where your administrators connect to your instances from, you may consider enforcing stronger network-based access controls. A best practice in this area is to use a bastion. A bastion is […]