Category: Networking & Content Delivery

Boost application performance: Amazon CloudFront enables HTTPS record

Amazon CloudFront announced support for Amazon Route 53 HTTPS DNS alias record across its global network, enabling clients to discover the optimal HTTP protocol during the initial DNS resolution phase rather than in a subsequent connection step. This helps users improve performance and security, and simultaneously reduce operational expenses. This post explores the implementation details, […]

Building secure multicloud access with AWS Client VPN and AWS Site-to-Site VPN

In today’s rapidly evolving cloud landscape, organizations are increasingly adopting multicloud strategies for several compelling reasons. Following mergers and acquisitions, companies need to integrate and maintain existing cloud solutions from both organizations. Different business units within an organization often have varying technical requirements and expertise, leading them to prefer specific cloud providers. For highly regulated […]

Addressing private IPv4 exhaustion with AWS Cloud WAN service insertion

In this post, we describe how you can use Amazon Web Services (AWS) Cloud WAN with service insertion to centralize your private NAT Gateways and PrivateLink to effectively and efficiently address private IPv4 exhaustion. We demonstrate how you can maximize the usage of available IP space while minimizing cost impact. Private IPv4 space, defined in […]

Securing Service Communications: Combining VPC Lattice with Network Firewall

Introduction: Organizations building modern applications in AWS often need different security controls for various types of service communications. While centralized inspection using AWS Network Firewall has been the traditional approach for securing service-to-service traffic, it presents challenges as applications scale. Managing static firewall rules is operationally complex, especially for Layer 7 traffic, and troubleshooting becomes […]

Introducing security group referencing and enhanced DNS support for AWS Cloud WAN

In this post we cover the recently launched feature of security group referencing and enhanced DNS support on AWS Cloud WAN. This new feature allows you to create inbound security rules referencing security groups defined in other Amazon Virtual Private Clouds (Amazon VPCs) attached to an AWS Cloud WAN within the same AWS Region and […]

Introducing new application layer (L7) DDoS protections for AWS WAF and AWS Shield Advanced customers

As the global threat landscape shifts and evolves, AWS services that help protect our customers from those threats also evolve to meet their needs. One type of threat that has changed considerably over the past few years is Distributed Denial of Service (DDoS). DDoS attacks have evolved from targeting lower network layers (Layers 3 and […]

Design and build IPv6 internet inspection architectures on AWS

As organizations increasingly adopt IPv6 to address public IPv4 exhaustion, private IPv4 scarcity—especially in large-scale networks—and the need to support IPv6-only clients, securing both IPv4 and IPv6 traffic becomes critical. We can apply consistent traffic inspection for inbound and outbound flows in Amazon Virtual Private Clouds (Amazon VPCs) to maintain security. In this post, we […]

Streamline and secure access to shared services and resources with Amazon VPC Lattice

In this post, we explore how you can use Amazon VPC Lattice to expose shared services and resources across an organization while maintaining security and governance. We cover key architecture concepts, security best practices, and considerations for deploying VPC Lattice in production environments. As organizations grow, managing access to shared services across multiple environments—such as […]

Managing DNS resolution with Amazon VPC Lattice and VPC resources

In our previous post External Connectivity to Amazon VPC Lattice, we discussed how your applications could consume VPC Lattice services from clients external to Amazon Web Services (AWS), as well as cross-Region patterns. At re:Invent 2024, AWS made three significant announcements in the application networking space: releasing the VPC resources capability for AWS PrivateLink, support for accessing these resources […]

Enabling out-of-band management for third-party appliances in AWS Cloud WAN

Introduction: AWS Cloud WAN enables organizations to build and manage a global network across multiple AWS Regions. Through AWS Cloud WAN service insertion, you can integrate security appliances, either AWS-managed (such as AWS Network Firewall) or third-party solutions, to inspect and control traffic between network segments or outbound to the internet. Although AWS Cloud WAN […]