AWS Networking and Content Delivery
The network for the world’s workloads delivered through continuous innovation
Your network is the foundation of your infrastructure. It defines the level of security, performance, availability, and global reach of the cloud services that you deliver to your customers. Over the past 13 years, we have made investments in our networking infrastructure in five key areas: security, availability, performance, global coverage, and manageability. These investments ensure that AWS has the networking capabilities to run the world’s workloads.
Our commitment to support the broadest set of workloads is why AWS is trusted by more enterprises and organizations than any other cloud network. Every second of every day, the AWS network reliably carries terabits of business-critical data around the globe for the world’s most popular internet applications and companies such as Netflix, Pinterest, Amazon Prime Video, Twilio, Salesforce, Samsung, Adobe, GE, and Johnson & Johnson.
*Based on downtime hours from 1/1/18 to 12/31/18 pulled directly from the public service health dashboards of the major cloud providers.
Why AWS Networking
Our vision is to provide the network for the world’s workloads with the most feature rich and highest performing cloud services. We have made deep investments over the past 13 years to ensure that AWS has the networking capabilities required to run any workload in the cloud with security, availability, performance, global coverage, and manageability.
The broad set of AWS networking services offers essential security features by isolating resources, encrypting data, and connecting privately on the AWS global network.
AWS monitoring tools detect unusual activity and identify security issues such as Distributed Denial of Service (DDoS) attacks, Man in the Middle (MITM) attacks, IP Spoofing, or Port Scanning. AWS also supports more security certifications and compliance programs than any other provider.
Amazon Virtual Private Cloud (Amazon VPC) isolates your network resources and protects data with encrypted interconnectivity. AWS Site-to-Site VPN establishes encrypted sessions with IP Security (IPsec) and Transport Layer Security (TLS) tunnels. AWS Direct Connect lets you create a private connection that reaches your on-premises environment and the cloud. AWS PrivateLink privately connects your network to cloud services and SaaS solutions without exposing any of that traffic over the public internet.
Highest network availability
AWS delivers the highest network availability of any cloud provider, with 3x fewer down time hours from networking issues than the next largest cloud provider.
Our approach is fundamentally different. Each region is fully isolated and within each region we have built availability zones (AZ) that are fully isolated partitions of our infrastructure. To better isolate any issues and achieve high availability, you can partition applications across multiple AZs in the same region. Each AZ has its own power infrastructure and is connected with a fast, private fiber-optic network.
We also uniquely design our services into smaller cells that scale out within a region. This reduces the blast radius of a cell-level failure. This is why AWS, unlike other cloud provider, has never experienced a network event that spanned multiple regions.
Consistent High Performance
The AWS global network delivers the best support for the broadest set of applications, even those with the highest throughput and lowest latency requirements.
Our consistently high performance is delivered by the Nitro system that offloads many traditional virtualization functions. Our dedicated hardware delivers higher performance, higher availability, lower jitter, and consistently lower instance-to-instance latency than any other cloud provider.
With our new C5n and P3dn instances, we are also the only cloud provider with compute instances that deliver 100 Gbps of networking throughput. Our superior networking performance is one of the reasons why more high performance computing (HPC) and machine learning workloads run on AWS than anywhere else.
Broadest global coverage
The AWS global network delivers customer applications and content anywhere in the world over a private network.
AWS has built the largest global network that spans 66 availability zones, covers 21 regions, and provides 180 points of presence connected by 100 Gbps trans-oceanic cables.
With 89 AWS Direct Connect locations, over 23% more locations and twice as many connectivity partners than any other provider, AWS provides the broadest geographic coverage for creating a secure connection between AWS and an on-premises network.
Complete management capabilities
You can easily manage workloads even if you have thousands of Amazon VPCs and reach millions of users.
We are the only cloud provider with a Transit Gateway, that simplifies routing between thousands of VPCs and your on-premises network.
AWS is also the only provider with a Global Accelerator, which provides higher performance and availability for global applications. It ensures that each user connects to the closest AWS Point-of-Presence (PoP) and routes the application traffic over AWS’s high performance global network.
AWS networking services and features are deeply integrated with Amazon CloudWatch, which provides detailed visibility on networking and application performance.
AWS offers a broad set of networking services to design a robust networking architecture, provide streamlined and secure network connectivity, and globally deliver content and applications with high availability.
Provision a logically isolated section of the Amazon Web Services (AWS) Cloud.
Achieve fault tolerance for any application by ensuring scalability, performance, and security.
Global performance and delivery
Improve global application availability and performance using the AWS global network.
Scale network design
Easily scale connectivity across thousands of Amazon VPCs, AWS accounts, and on-premises networks.
Domain Name System
A reliable and cost-effective way to route end users to Internet applications.
Private connection to applications
Access services hosted on AWS easily and securely by keeping your network traffic within the AWS network.
Direct connection to AWS
Easily establish a dedicated network connection from your premises to AWS.
Securely access your on-premises and cloud networks from anywhere.
Build a scalable network
Peak demand is often unpredictable. When that happens, you need to quickly grow network capacity to deliver the best performance for your users.
AWS Transit Gateway enables you to easily add Amazon VPCs and AWS accounts to support increased demands on your workloads.
Both Elastic Load Balancing and AWS Client VPN can automatically scale to handle peak demand and rapid changes in network traffic, to provide your applications and your users a high-quality experience.
Deliver applications worldwide
As your user base grows, you need a network that will support more users and deliver your services to different parts of the world.
Regardless of where your users are located, AWS Global Accelerator intelligently routes the application traffic over the vast congestion-free AWS global network to the endpoint that provides the best performance.
For a consistent application experience on the AWS network, you can keep your VPC traffic secure on the AWS network with AWS PrivateLink, giving applications the look and feel of being hosted directly on a private network.
Build a hybrid cloud
Building a hybrid cloud or migrating applications to the cloud, can be complex and precarious.
You can simplify and secure the connection between application servers in the cloud and databases in your data center by connecting Amazon VPCs to your premises over a dedicated AWS Direct Connect or encrypted AWS Site-to-Site VPN.
Amazon Route 53 Resolver endpoints further simplify cloud migrations by enabling seamless Domain Name System (DNS) query resolution across your entire hybrid cloud. Create DNS endpoints and conditional forwarding rules to allow resolution of DNS namespaces between your on-premises data center and Amazon VPCs.
Secure your SaaS applications
Your SaaS application traffic contains most sensitive data for you and for your customers. Your security level depends on how you architect your cloud network.
AWS network services, such as AWS PrivateLink, AWS Direct Connect, and AWS Global Accelerator, help to secure your traffic by keeping it private on the AWS global network instead of over the internet, where it has a higher risk of being compromised.
Security groups in Amazon VPCs let you set IP filter rules to define how to handle incoming (ingress) and outgoing (egress) traffic to isolate and protect your SaaS resources.
Celsa Group uses AWS to gain competitive advantage in the steel manufacturing industry through fast, cost-effective IT provisioning. Celsa Group runs numerous workloads—including its websites, business and industrial applications, and development and test environments—using Amazon Elastic Compute Cloud (Amazon EC2), Amazon Relational Database Service (Amazon RDS), and Amazon Route 53, within an Amazon Virtual Private Cloud (Amazon VPC).
Comcast, the world's largest cable company and the leading U.S. provider of high-speed Internet and voice services, discusses how products such as Amazon Virtual Private Cloud (Amazon VPC) and Amazon Direct Connect deliver the scalability and security needed for rapidly innovating in a hybrid environment.
Hulu is an American subscription video-on-demand service that is redefining the television experience for viewers by using AWS services, such as Amazon CloudFront and AWS Direct Connect, to support the addition of more than 50 live channels for its Live TV offering. Hulu runs its live TV service on AWS’ reliable and secure infrastructure so it can deliver a great viewer experience, even in times of viewership and traffic spikes.
Lionsgate maintains a library of 15,000 motion picture titles while continually releasing new movies and prime-time television programs for a global audience. Since 2010, the company’s diversified and geographically dispersed business units have collaborated using Microsoft SharePoint running in Amazon VPC.
Using AWS, McDonald’s Corporation transformed into a digital technology company, beat performance targets by up to 66 percent, and completes 8,600 transactions per second via its point-of-sale (POS) system. McDonald’s Corporation is an American hamburger and fast food restaurant chain that serves 69 million customers each day. McDonald’s uses a number of AWS services including Amazon EC2, Elastic Load Balancing, Amazon EBS, and Amazon ElastiCache to support its global POS system, including 200,000 registers and 300,000 POS devices.
Naughty Dog is the developer of the Uncharted game franchise, in addition to other notable titles for the Sony PlayStation family of consoles. The company hosts online game components, including multiplayer functionality, with Amazon S3, Amazon EC2, and Amazon CloudFront. This service stack offers a 90% savings over Naughty Dog’s on-premise option, in addition to greater flexibility and responsiveness.
New York Public Library (NYPL) revamped its fractured IT environment—which had older technology and legacy computing—to a modernized platform on AWS. The New York Public Library is a provider of free books, information, ideas, and education for more than 17 million patrons a year. Using Amazon EC2, Elastic Load Balancing, Amazon RDS and Auto Scaling, NYPL is able to build scalable, repeatable systems quickly at a fraction of the cost.