Networking & Content Delivery

Optimize SEO with Amazon CloudFront

Search Engine Optimization (SEO) is the practice of optimizing your website to rank higher on search engine results pages. Since organic search is a primary way for viewers to discover online content, a solid SEO strategy involves optimizing your web application and maintaining good performance. As more than 92% of the internet searches happen on […]

Tag-based invalidation in Amazon CloudFront

In this post, we demonstrate how to implement tag-based invalidation in Amazon CloudFront with Lambda@Edge, Amazon DynamoDB, AWS Lambda, and AWS Step Functions. This post provides you with a reference architecture and sample code artifacts to help you deploy and test tag-based invalidation. Let’s look at some use cases where tagging pages together might be […]

Growing AWS internet peering with 400 GbE

Performance is a key driver of the design of the AWS global infrastructure. AWS has the largest global network infrastructure footprint of any cloud provider, and this footprint is expanding continuously to help our customers deliver better end-user experiences, rapidly expand operations to virtually any region or country, and meet their data locality and sovereignty […]

Monitoring AWS Global Network Performance

As an AWS customer, you might often want to understand the performance of the AWS Global Network. Visibility into how the AWS Global Network is performing at any given time can help you plan expansions into new AWS Regions and Availability Zones (AZs), as well as streamline troubleshooting of performance-related incidents. Today, I’m happy to […]

Limiting requests to a web application using a Gatekeeper Solution

Many types of organizations encounter DDOS attacks daily. DDoS, or Distributed Denial of Service, is an attack pattern that generates fake traffic to overwhelm organisation’s properties (websites, APIs, applications, etc.) and make it unavailable to legitimate users. They majority of these attacks involve a huge burst of fake traffic that exhausts the application’s resources (Memory […]

Centralized outbound inspection architecture in AWS Cloud WAN

AWS Cloud WAN helps you build a unified network that connects your cloud and on-premises environments. To help secure these networks, organizations use next-generation firewalls (NGFW) and intrusion prevention systems (IPS) as part of a defense in depth strategy. In this post, we describe architectural patterns for centrally managing and inspecting outbound network traffic from […]

Automating HTTP/S Redirects and certificate management at scale

Organizations today use many ways to drive traffic to their websites and applications. This is important for new feature launches, marketing campaigns, advertising, and so on. One common approach uses HTTP/S redirects, where you send a user from one domain, or Uniform Resource Locator (URL), to another. Redirects are incredibly useful tools when moving websites, […]

Visitor Prioritization on e-Commerce Websites with CloudFront and CloudFront Functions

When we wrote the previous post (Visitor Prioritization on e-Commerce Websites with CloudFront and Lambda@Edge) five years ago, Visitor Prioritization was a relatively new concept. Since then, we saw a huge need for traffic shaping, throttling, and request prioritizing, especially in the gaming and media industries. Of course, e-Commerce sites still require this capability for […]

Monitoring load balancers using Amazon CloudWatch anomaly detection alarms

Load balancers are a critical component in the architecture of distributed software services. AWS Elastic Load Balancing (ELB) provides highly performant automatic distribution for any scale of incoming traffic across many compute targets (Amazon Elastic Compute Cloud (Amazon EC2), Amazon Elastic Container Service (Amazon ECS), AWS Lambda, etc.), while enabling developers to adopt security best practices […]

Centralizing Domain List Management for AWS Network Firewall and Route 53 Resolver DNS Firewall

Many of our customers take a “defense in depth” approach to secure workloads within their Amazon Virtual Private Clouds (Amazon VPC). Using domain list rules in AWS Network Firewall and Amazon Route 53 Resolver DNS Firewall lets you enforce network security controls at multiple layers based on domain names. Although both DNS Firewall and Network […]