AWS Networking and Content Delivery

The network for the world’s workloads delivered through continuous innovation

Your network is the foundation of your infrastructure. It defines the level of security, performance, availability, and global reach of the cloud services that you deliver to your customers. Over the past 13 years, we have made investments in our networking infrastructure in five key areas: security, availability, performance, global coverage, and manageability. These investments ensure that AWS has the networking capabilities to run the world’s workloads.

Our commitment to support the broadest set of workloads is why AWS is trusted by more enterprises and organizations than any other cloud network. Every second of every day, the AWS network reliably carries terabits of business-critical data around the globe for the world’s most popular internet applications and companies such as Netflix, Pinterest, Amazon Prime Video, Twilio, Salesforce, Samsung, Adobe, GE, and Johnson & Johnson.

Our vision and strategy for AWS networking [2:16]

66
Availability Zones

Multiple, physically separated, and isolated

3x

Fewer downtime hours in 2018 than the next largest cloud provider*

100 GB

Network bandwidth available from C5n instances

21
AWS Regions

Low latency, high throughput, and highly redundant

180
Points of Presence

Providing global coverage for your users

*Based on downtime hours from 1/1/18 to 12/31/18 pulled directly from the public service health dashboards of the major cloud providers.

Why AWS Networking

Our vision is to provide the network for the world’s workloads with the most feature rich and highest performing cloud services. We have made deep investments over the past 13 years to ensure that AWS has the networking capabilities required to run any workload in the cloud with security, availability, performance, global coverage, and manageability.

Most secure

The broad set of AWS networking services offers essential security features by isolating resources, encrypting data, and connecting privately on the AWS global network.

AWS monitoring tools detect unusual activity and identify security issues such as Distributed Denial of Service (DDoS) attacks, Man in the Middle (MITM) attacks, IP Spoofing, or Port Scanning. AWS also supports more security certifications and compliance programs than any other provider.

Amazon Virtual Private Cloud (Amazon VPC) isolates your network resources and protects data with encrypted interconnectivity. AWS Site-to-Site VPN establishes encrypted sessions with IP Security (IPsec) and Transport Layer Security (TLS) tunnels. AWS Direct Connect lets you create a private connection that reaches your on-premises environment and the cloud. AWS PrivateLink privately connects your network to cloud services and SaaS solutions without exposing any of that traffic over the public internet.

Highest network availability

AWS delivers the highest network availability of any cloud provider, with 3x fewer down time hours from networking issues than the next largest cloud provider.

Our approach is fundamentally different. Each region is fully isolated and within each region we have built availability zones (AZ) that are fully isolated partitions of our infrastructure. To better isolate any issues and achieve high availability, you can partition applications across multiple AZs in the same region. Each AZ has its own power infrastructure and is connected with a fast, private fiber-optic network.

We also uniquely design our services into smaller cells that scale out within a region. This reduces the blast radius of a cell-level failure. This is why AWS, unlike other cloud provider, has never experienced a network event that spanned multiple regions.

Consistent High Performance

The AWS global network delivers the best support for the broadest set of applications, even those with the highest throughput and lowest latency requirements.

Our consistently high performance is delivered by the Nitro system that offloads many traditional virtualization functions. Our dedicated hardware delivers higher performance, higher availability, lower jitter, and consistently lower instance-to-instance latency than any other cloud provider.

With our new C5n and P3dn instances, we are also the only cloud provider with compute instances that deliver 100 Gbps of networking throughput. Our superior networking performance is one of the reasons why more high performance computing (HPC) and machine learning workloads run on AWS than anywhere else.

Broadest global coverage

The AWS global network delivers customer applications and content anywhere in the world over a private network.

AWS has built the largest global network that spans 66 availability zones, covers 21 regions, and provides 180 points of presence connected by 100 Gbps trans-oceanic cables.

With 89 AWS Direct Connect locations, over 23% more locations and twice as many connectivity partners than any other provider, AWS provides the broadest geographic coverage for creating a secure connection between AWS and an on-premises network.

Complete management capabilities

You can easily manage workloads even if you have thousands of Amazon VPCs and reach millions of users.

We are the only cloud provider with a Transit Gateway, that simplifies routing between thousands of VPCs and your on-premises network.

AWS is also the only provider with a Global Accelerator, which provides higher performance and availability for global applications. It ensures that each user connects to the closest AWS Point-of-Presence (PoP) and routes the application traffic over AWS’s high performance global network.

AWS networking services and features are deeply integrated with Amazon CloudWatch, which provides detailed visibility on networking and application performance.

Networking Services

AWS offers a broad set of networking services to design a robust networking architecture, provide streamlined and secure network connectivity, and globally deliver content and applications with high availability. 

Network Architecture

product-icon_Amazon-VPC_PrivateLink_icon_squid_ink_125
Resource isolation

Provision a logically isolated section of the Amazon Web Services (AWS) Cloud.

Amazon VPC
product-icon_Elastic_Load_Balancing_icon_squid_ink_125
Load balancing

Achieve fault tolerance for any application by ensuring scalability, performance, and security.

Elastic Load Balancing
product-icon_AWS_Ubiquity_125_squid-ink
Global performance and delivery

Improve global application availability and performance using the AWS global network.

AWS Global Accelerator
product-icon_AWS_Transit_Gateway_125_squid-ink
Scale network design

Easily scale connectivity across thousands of Amazon VPCs, AWS accounts, and on-premises networks.

AWS Transit Gateway

Network Connectivity

product-icon_Amazon-Route53_icon_squid_ink_125
Domain Name System

A reliable and cost-effective way to route end users to Internet applications.

Amazon Route 53
product-icon_AWS_PrivateLink_icon_squid_ink_125
Private connection to applications

Access services hosted on AWS easily and securely by keeping your network traffic within the AWS network.

AWS PrivateLink
product-icon_AWS_Direct_Connect_icon_squid_ink_125
Direct connection to AWS

Easily establish a dedicated network connection from your premises to AWS.

AWS Direct Connect
product-icon_AWS_SecureConnect_125_squid-ink
Encryption

Securely access your on-premises and cloud networks from anywhere.

AWS VPN

Application Delivery

product-icon_Amazon-CloudFront_icon_squid_ink_125
Content delivery

Fast, highly secure and programmable content delivery network (CDN).

Amazon CloudFront
product-icon_AWS_Lattice_icon_squid_ink (1) (1)
Monitor microservices

Easily monitor and control microservices.

AWS App Mesh
product-icon_AWS_SkyMap_125_squid-ink
Service discovery

Service discovery for cloud resources.

AWS Cloud Map

Use cases

Build a scalable network

Peak demand is often unpredictable. When that happens, you need to quickly grow network capacity to deliver the best performance for your users.

AWS Transit Gateway enables you to easily add Amazon VPCs and AWS accounts to support increased demands on your workloads.

Both Elastic Load Balancing and AWS Client VPN can automatically scale to handle peak demand and rapid changes in network traffic, to provide your applications and your users a high-quality experience.

Deliver applications worldwide

As your user base grows, you need a network that will support more users and deliver your services to different parts of the world.

Regardless of where your users are located, AWS Global Accelerator intelligently routes the application traffic over the vast congestion-free AWS global network to the endpoint that provides the best performance.

For a consistent application experience on the AWS network, you can keep your VPC traffic secure on the AWS network with AWS PrivateLink, giving applications the look and feel of being hosted directly on a private network.

Build a hybrid cloud

Building a hybrid cloud or migrating applications to the cloud, can be complex and precarious.

You can simplify and secure the connection between application servers in the cloud and databases in your data center by connecting Amazon VPCs to your premises over a dedicated AWS Direct Connect or encrypted AWS Site-to-Site VPN.

Amazon Route 53 Resolver endpoints further simplify cloud migrations by enabling seamless Domain Name System (DNS) query resolution across your entire hybrid cloud. Create DNS endpoints and conditional forwarding rules to allow resolution of DNS namespaces between your on-premises data center and Amazon VPCs.

Secure your SaaS applications

Your SaaS application traffic contains most sensitive data for you and for your customers. Your security level depends on how you architect your cloud network.

AWS network services, such as AWS PrivateLink, AWS Direct Connect, and AWS Global Accelerator, help to secure your traffic by keeping it private on the AWS global network instead of over the internet, where it has a higher risk of being compromised.

Security groups in Amazon VPCs let you set IP filter rules to define how to handle incoming (ingress) and outgoing (egress) traffic to isolate and protect your SaaS resources.

Customers

AWS_Cela Group_Iberia_Logo

Celsa Group uses AWS to gain competitive advantage in the steel manufacturing industry through fast, cost-effective IT provisioning. Celsa Group runs numerous workloads—including its websites, business and industrial applications, and development and test environments—using Amazon Elastic Compute Cloud (Amazon EC2), Amazon Relational Database Service (Amazon RDS), and Amazon Route 53, within an Amazon Virtual Private Cloud (Amazon VPC).

Read the story »

600x400_Comcast-Logo

Comcast, the world's largest cable company and the leading U.S. provider of high-speed Internet and voice services, discusses how products such as Amazon Virtual Private Cloud (Amazon VPC) and Amazon Direct Connect deliver the scalability and security needed for rapidly innovating in a hybrid environment.

Read the story »

600x400_Hess_Color_Logo

Hess switched to AWS Direct Connect with a 1Gbps connection for more consistent network performance.

Read the story »

600x400_Hulu_Logo

Hulu is an American subscription video-on-demand service that is redefining the television experience for viewers by using AWS services, such as Amazon CloudFront and AWS Direct Connect, to support the addition of more than 50 live channels for its Live TV offering. Hulu runs its live TV service on AWS’ reliable and secure infrastructure so it can deliver a great viewer experience, even in times of viewership and traffic spikes.

Read the story »

600x400_Lionsgate_Logo

Lionsgate maintains a library of 15,000 motion picture titles while continually releasing new movies and prime-time television programs for a global audience. Since 2010, the company’s diversified and geographically dispersed business units have collaborated using Microsoft SharePoint running in Amazon VPC.

Read the story »

600x400_mcdonalds_logo

Using AWS, McDonald’s Corporation transformed into a digital technology company, beat performance targets by up to 66 percent, and completes 8,600 transactions per second via its point-of-sale (POS) system. McDonald’s Corporation is an American hamburger and fast food restaurant chain that serves 69 million customers each day. McDonald’s uses a number of AWS services including Amazon EC2, Elastic Load Balancing, Amazon EBS, and Amazon ElastiCache to support its global POS system, including 200,000 registers and 300,000 POS devices.

Read the story »

600x400_NaughtyDog_Logo

Naughty Dog is the developer of the Uncharted game franchise, in addition to other notable titles for the Sony PlayStation family of consoles. The company hosts online game components, including multiplayer functionality, with Amazon S3, Amazon EC2, and Amazon CloudFront. This service stack offers a 90% savings over Naughty Dog’s on-premise option, in addition to greater flexibility and responsiveness.

Read the story » 

new-york-public-library_logo

New York Public Library (NYPL) revamped its fractured IT environment—which had older technology and legacy computing—to a modernized platform on AWS. The New York Public Library is a provider of free books, information, ideas, and education for more than 17 million patrons a year. Using Amazon EC2, Elastic Load Balancing, Amazon RDS and Auto Scaling, NYPL is able to build scalable, repeatable systems quickly at a fraction of the cost.

Read the story »

4402_600x400_Slack_Logo

Slack use Elastic Load Balancing to balance workloads across Amazon EC2 instances, Amazon CloudFront for secure API acceleration, and Amazon Route 53 for DNS management. For security, Slack uses Amazon Virtual Private Cloud (Amazon VPC) to control security groups.

Read the story »