Category: *Post Types

Information security practitioners use internet protocol (IP) address-based security controls such as block lists and rate-based rules to block malicious traffic. However, blocking malicious traffic solely based on an IP address can unintentionally block legitimate users, resulting in false positives. This is because many users share an IP address behind a network address translation (NAT) […]

Introduction Today Amazon Web Services (AWS) is enhancing subnet management capabilities of Network Load Balancer (NLB). NLBs were previously restricted to only adding subnets in new Availability Zones (AZs), and they now support full subnet management, including removal of subnets, matching the capabilities of Application Load Balancer (ALB). This enhancement offers organizations greater control over […]

Learn when and why LCU Reservation should be used and how to get started

In today’s world, organizations are increasingly looking to migrate their on-premises infrastructure to the cloud to take advantage of scalability, cost-effectiveness, and agility offered by cloud. One critical component of many enterprise architectures is the load balancer, which distributes incoming traffic across multiple servers. If you’re considering migrating your on-premise hardware load balancers to AWS, it’s […]

Network incidents can occur at times that may impact latency in AWS Regions , Availability Zones (AZs), and individual infrastructure components, such as server hardware. Users can also experience more latency because of the introduction of network appliances in their traffic path. This post explains some of the best practices that allow you to identify […]

Introduction In this post, we discuss VPC Lattice Transport Layer Security (TLS) Passthrough feature. We walk through how users designed workloads prior to this feature, what this feature provides, and best practices for implementing TLS passthrough communication using VPC Lattice. AWS announced the general availability of TLS Passthrough for VPC Lattice, which allows users to […]

Managing DNS configurations across multiple Amazon Virtual Private Clouds (Amazon VPCs) and Amazon Web Services (AWS) accounts can be a daunting task for network administrators, especially in complex environments with numerous Private Hosted Zones (PHZs) and Amazon Route 53 Resolver rules. Traditionally, they relied on outbound and inbound Route 53 Resolver endpoints to transport DNS […]

Configuring Amazon Application Recovery Controller (ARC) zonal autoshift observer notifications can be an enabler on your journey to architecting and operating resilient workloads on AWS, a key focus of the reliability pillar of AWS Well-Architected. AWS provides an array of design principles and services to guide users in building highly available and fault-tolerant architectures. A […]

This post was co-authored by: George Oakes, Senior Specialist Solutions Architect; Wafa Adeel, Senior Product Manager; and Devin Taylor, Senior Software Engineer Overview AWS PrivateLink offers a secure and simple way of sharing and accessing services across VPCs and accounts. All traffic stays on AWS network without going over the public internet. Until now the […]

Customers frequently use on-premises DNS infrastructure to resolve DNS queries for internal domains. In 2018, we announced Amazon Route 53 Resolver endpoints, which enable customers to integrate Route 53 with their on-premises DNS infrastructure for hybrid DNS resolution. In 2023, we improved this integration by providing customers the ability to encrypt DNS queries and responses […]