Route on-premise internet traffic through AWS

Introduction

As companies of all sizes move into public cloud, a key question is often around internet access, primarily for the servers and infrastructure within AWS. However, as they begin to have less equipment on-premise and look either to make their datacenter/physical server footprint as small as possible or to close on-premise datacenters entirely, they are often left with another key question: what can I do about the firewalls serving my on-premise infrastructure? Often these firewalls are the remaining infrastructure in a datacenter, which not only keeps you tied to the datacenters but also to all of the associated costs.


Transit VPC vs Transit Gateway for AWS Architectures

When looking to deploy any infrastructure onto AWS, as with on-premise infrastructure, it's important to get the foundations and connectivity right from the start to avoid a “bolt-on” fix later. It's important not only to design for what you have in place currently, but also to allow for future growth while understanding the limitations of what you are implementing. In this article, we will look at some of the key reasons to use Transit VPC or Transit Gateway architectures, with a brief comparison of the two to help you make the correct choice for your infrastructure.


AWS – Flow Logs and Secondary IPs on an ENI

Sometimes it may be necessary to add a secondary IP to an elastic network interface on your EC2 instances. This can be for many reasons, such as hosting multiple websites secured with certificates on a single server where each certificate is mapped to an IP, having applications or appliances that have rules based on the target IP address, or having an IP address that you can move between different EC2 instances. The following example may help you better understand what you need to watch out for when using flow logs in this scenario.


AWS – Overlooked Network Charges

Understanding your network charges within AWS can often be a confusing task, whether you know what your current estate traffic amounts to or you are building from scratch and don’t really have a full picture of how demand and usage will develop. Even with the best preparation and planning, charges can often seem to be higher or lower than expected, and it can take time and effort away from development to understand why. Below I will go through one or two small charges that are often overlooked, but can add up.
