Networking & Content Delivery
Category: Amazon VPC
Managing IP pools across VPCs and Regions using Amazon VPC IP Address Manager
Since the inception of IP networks, network engineers and operators have sought systems, solutions, and procedures to help them efficiently plan and manage IP spaces. AWS recently launched a new service named Amazon VPC IP Address Manager (IPAM) to make it easier for you to plan, track, and monitor IP addresses for your AWS workloads. […]
Continuous verification of network compliance using Amazon VPC Network Access Analyzer and AWS Security Hub
Introduction As your distributed application teams operate network infrastructure, it can be challenging for central security, networking, or cloud operations teams to determine whether the correct network controls are in place. Network controls, such as firewall rules, NAT Gateways, network access control lists (ACL’s), security groups, and network segmentation, serve as a critical first line […]
Dual-stack IPv6 architectures for AWS and hybrid networks
Introduction An increasing number of organizations are adopting IPv6 in their environments, driven by the public IPv4 space exhaustion, private IPv4 scarcity, especially within large-scale networks, and the need to provide service availability to IPv6-only clients. An intermediary step in the path to fully supporting IPv6 are dual-stack IPv4/IPv6 designs, which leverage both versions of […]
Automate Networking foundation in multi-account environments
As AWS customers adopt multi-account strategies, they need to have cross-account networking in their AWS environment. They also need to extend their network across multiple AWS Regions when creating multi-Region applications or disaster recovery environments. AWS has many services and features that allow you do to exactly that with great flexibility. But for users that […]
Introduction to Network Transformation on AWS – Part 2
Introduction This blog post is a continuation of Introduction to Network Transformation on AWS – Part 1. To recap, as your organization begins to embrace cloud, you extend your network to AWS using a hybrid connectivity architecture. When we work with customers, we see that their network traffic patterns have been changing as more applications […]
Integrating your Directory Service’s DNS resolution with Amazon Route 53 Resolvers
There are times when your client systems must resolve a Microsoft Active Directory’s Fully Qualified Domain Name (FQDN) before they can join a domain. Each VPC in your AWS environment is provisioned with a DNS resolver powered by Amazon Route 53. We call this an AmazonProvidedDNS. This resolver runs on the second IPv4 address from […]
Scale traffic using multiple Interface Endpoints
Update: As of January 27, 2022, AWS PrivateLink publishes data points to Amazon CloudWatch for your interface endpoints, Gateway Load Balancer endpoints, and endpoint services. CloudWatch enables you to retrieve statistics about those data points as an ordered set of time series data, known as metrics. As a PrivateLink Endpoint owner, you can use metrics […]
Analyze VPC Flow Logs with point-and-click Amazon Athena integration
Analyzing your VPC Flow Logs using Athena is now easier than ever! The recently introduced VPC Flow Logs integration with Amazon Athena helps you get started with extracting meaningful insights from VPC Flow Logs in just a few clicks. In this blog post, we will walk you through how you can use this recently announced […]
Introduction to Network Transformation on AWS – Part 1
Introduction Your organization may have a sprawling network built with variety of topologies. As your organization begins to embrace cloud, you extend your network to AWS using a hybrid connectivity architecture. Over time, traffic patterns change as more and more of your applications move to the cloud. This means that you can start transforming your […]
Mirror production traffic to test environment with VPC Traffic Mirroring
Many organizations want to replay production traffic to a test environment, with no impact on the end user’s experience. This is known as traffic mirroring or traffic shadowing. Testing the new version of a workload with production traffic is a key step for a successful release. Some tests use scripted requests, but real traffic is […]