VPC AND VPC PEERING


VPC stands for Virtual Private Cloud. Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you've defined. With Amazon VPC, your instances run in a virtual private cloud (VPC) that's logically isolated to your AWS account. Amazon Virtual Private Cloud is a commercial cloud computing service that provides users a virtual private cloud, by "provision[ing] a logically isolated section of Amazon Web Services Cloud". Enterprise customers are able to access the Amazon Elastic Compute Cloud over an IPsec-based virtual private network.

By default you can create up to 5 VPCs. You can ask for additional VPCs using the VPC Request Limit Increase form.

VPC networking and security are a fundamental part of your AWS Infrastructure as a Service (IaaS) design and day-to-day operations. AWS VPC lets you scale your resources up or down instantly and select the Amazon EC2 instance types and sizes that are right for your applications. It also saves cost, as there are no upfront costs. The advantages of a VPC are that you can use your own private cloud through a secure service while still having access to all the features and functions of the public cloud provider hosting your VPC.

The elements and components of a VPC are:

  • IPv4 and IPv6 address blocks.
  • Internet connectivity.
  • Subnet creation.
  • Network/subnet security.
  • Elastic IP addresses (EIPs).
  • Route tables.
  • Additional networking services.


                               DIAGRAM: AWS VPC COMPONENTS

Security within a VPC is provided through:

  • Security groups – Act as a firewall for associated EC2 instances, controlling both inbound and outbound traffic at the instance level.
  • Network access control lists (ACLs) – Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level.
  • Flow logs – Capture information about the IP traffic going to and from network interfaces in your VPC.
