Amazon Cloud Security Acts Like Physical Networks

Amazon Web Services, which launched its first product (Simple Storage Service) five years ago this month, has revealed a redesign to its Virtual Private Cloud (VPC) service access. Users now can set up their own virtual networks within the Amazon cloud that they can control just as they control their own physical data centre networks.

Amazon VPC now lets users specify which of their Amazon VPC resources they want to make directly accessible from the Internet and which they would like to keep behind their firewalls. Previously, Amazon Elastic Cloud (EC2) users would provision a private section of the AWS cloud and launch AWS resources into it that were only accessible via a virtual private network (VPN) connection to a physical enterprise data centre.

No More VPN Problems

As a result, Amazon VPC was not directly accessible. Because VPNs in general are notorious for connectivity problems, interruptions in service were all too common. Starting on March 15, enterprises no longer require a VPN or existing infrastructure resources in order to use VPC, the company said.

Enterprises now can define a virtual network topology in Amazon VPC that resembles a traditional network that they might operate in their own data centre, the company said. Users will have complete control over the virtual networking environment, including selection of IP address range, creation of subnets, and configuration of route tables and network gateways.

Users can customise the network configuration for Amazon VPC, for example, by creating a public-facing subnet for Web servers that have access to the Internet and placing back-end systems (such as databases or application servers) in a private-facing subnet with no Internet access.
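The public/private split described above depends on route tables: a subnet is internet-facing when its effective route table has a route to an internet gateway. The following added example (not from the article or from AWS) audits that, using constructed data shaped like EC2 `DescribeRouteTables` output; the `Intended` label and all IDs are hypothetical.

```python
# Constructed sample data; field names follow the EC2 DescribeRouteTables shape.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-example",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-public", "VpcId": "vpc-example",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"},
                      {"Main": False, "SubnetId": "subnet-db2"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
# "Intended" is a hypothetical label recording the design intent for each subnet.
SUBNETS = [
    {"SubnetId": "subnet-web", "VpcId": "vpc-example", "Intended": "public"},
    {"SubnetId": "subnet-db", "VpcId": "vpc-example", "Intended": "private"},
    {"SubnetId": "subnet-db2", "VpcId": "vpc-example", "Intended": "private"},
]

def effective_route_table(subnet, route_tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for rt in route_tables:
        if rt["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return rt
            if assoc.get("Main"):
                main = rt
    return main

def has_internet_route(rt):
    """True if any route in the table targets an internet gateway (igw-...)."""
    return any((r.get("GatewayId") or "").startswith("igw-")
               for r in rt.get("Routes", []))

def audit(subnets, route_tables):
    """Return (subnet, intended, actual, route table) where intent and routing differ."""
    findings = []
    for s in subnets:
        rt = effective_route_table(s, route_tables)
        actual = "public" if rt and has_internet_route(rt) else "private"
        if actual != s["Intended"]:
            findings.append((s["SubnetId"], s["Intended"], actual,
                             rt["RouteTableId"] if rt else None))
    return findings

if __name__ == "__main__":
    for finding in audit(SUBNETS, ROUTE_TABLES):
        print("MISMATCH", finding)
```

Here `subnet-db2` is meant to be private but is associated with the route table that points at the internet gateway, so it is reported; `subnet-db` has no explicit association and correctly falls back to the main table.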

If they choose, enterprises still can connect Amazon VPC to their own existing IT infrastructure with an encrypted VPN connection.

Specifically, Amazon VPC now enables enterprises to:

  • Create an Amazon Virtual Private Cloud on AWS’ scalable infrastructure and specify its private IP address range from any range they choose.
  • Divide Amazon VPC’s private IP address range into one or more public or private subnets to facilitate running applications and services in Amazon VPC.
  • Control inbound and outbound access to and from individual subnets using network access control lists.
  • Store data in Amazon S3 and set permissions so the data can only be accessed from within Amazon VPC.
  • Attach an Amazon Elastic IP Address to any Amazon VPC instance so it can be reached directly from the Internet.
  • Bridge Amazon VPC and an enterprise’s own IT infrastructure with an encrypted VPN connection, extending enterprises’ existing security and management policies to Amazon VPC instances as if they were running within an existing data centre.

Chris Preimesberger

Editor of eWEEK and repository of knowledge on storage, amongst other things
