Networking & Content Delivery

Category: Customer Solutions

How to enhance CloudFront origin security of on-premise web servers using third-party firewalls

This post provides a solution to enhance the Amazon CloudFront origin security of on-premises web servers by automating the AWS IP prefix update process for some network firewalls. CloudFront is a content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to customers globally with low latency and high transfer speeds—all within […]

Migrating SD-WAN Appliances to AWS Transit Gateway Connect

Since its launch in 2020, AWS Transit Gateway Connect has provided a native way for you to connect third-party SD-WAN appliances to an AWS Transit Gateway. Connect attachments use Generic Routing Encapsulation (GRE) tunnels and Border Gateway Protocol (BGP) to exchange routes between the Transit Gateway and an appliance. Prior to Transit Gateway Connect, […]

Centralizing outbound Internet traffic for dual stack IPv4 and IPv6 VPCs

Organizations have been adopting IPv6 in their IPv4 environments to solve IP address exhaustion or meet compliance requirements. Since IPv6 isn’t backward compatible with IPv4, several mechanisms can facilitate communication between hosts that support one or both protocols. One common way is by using dual stack deployments. For architectures where dual stack deployments aren’t the […]

Reduce latency for end-users with multi-region APIs with CloudFront

As organizations grow, they must often serve geographically dispersed users with low latency, prompting them to have a distributed global infrastructure in the cloud. In this article, we describe how to deploy global API endpoints to reduce latency for end-users while increasing an application’s availability. By using the AWS Global Network and Amazon CloudFront to deploy applications into multiple […]

Hybrid inspection architectures with AWS Local Zones

Customers often ask about hybrid security inspection architecture patterns for latency-sensitive applications, where they want to run their workloads inside of AWS Local Zones, to perform security inspection but without compromising latency. In this post, we share some hybrid inspection architectures with traffic flows, where both workloads and security inspection appliances run inside of the […]

Monitoring EC2 Connection Tracking utilization using a new network performance metric

In 2020, Amazon Elastic Compute Cloud (Amazon EC2) announced new network performance metrics for EC2 instances made available using ENA driver and Amazon CloudWatch agent. We covered the launch in this post. These network performance metrics give customers visibility into the number of packets queued or dropped when an instance’s networking allowances, such as Network […]

Improving video observability with CMCD and CloudFront

Observability is critical for operating any system. It should tell whether the system is functioning correctly, provide insights into user experience, notify when issues occur, and help to locate the root cause. However, building an observable video streaming system can be a challenge for customers as it requires collecting, correlating, and analyzing data from several […]

AWS Direct Connect and AWS Local Zones interoperability patterns

In December 2019, we announced our first Local Zone in Los Angeles. As a refresher, AWS Local Zones are a type of infrastructure deployment that place compute, storage, database, and other AWS services close to large population, industry, and IT locations. Local Zones extend the capabilities of an AWS Region – what we called “parent” […]

Introducing Amazon VPC Flow Logs to Kinesis Data Firehose

Amazon Virtual Private Cloud (Amazon VPC) Flow Logs helps you understand network traffic patterns on AWS by providing network telemetry data about the IP traffic flowing to and from ENIs in your VPC. It lets you perform numerous analytics tasks, such as diagnosing overly restrictive security group rules, monitoring traffic that is reaching an instance, […]

Providing controlled internet access through centralised proxy servers using AWS Fargate and PrivateLink

In this post we provide a regional solution for controlling outbound internet access to 1000s of Amazon Virtual Private Clouds (VPCs) using AWS Fargate and AWS PrivateLink. It removes the need to manage any proxy servers or to provide Layer 3 connectivity between your VPCs. It also provides an end-to-end deployment pipeline with a simple, […]