Category: Expert (400)

While website performance issues are a common occurrence, pinpointing their root causes can be a challenging task. In this post, you will learn how to simplify the performance troubleshooting process by unlocking the potential of the Server-Timing header. This header allows backend components to communicate timing metrics and other insights relevant to performance monitoring in […]

Update: June 28, 2024 – Corrections were made to Figure 5 and the subsequent packet walkthrough.  AWS Cloud WAN is a managed wide-area networking (WAN) service that you can use to build and operate wide area networks that connect your data centers and branch offices, as well as your Amazon Virtual Private Cloud (Amazon VPC) […]

AWS Cloud WAN makes it easy to build and operate wide area networks that connect your data centers and branch offices, as well as your Amazon Virtual Private Clouds (VPCs). With Cloud WAN, you connect to AWS through your choice of local network providers, then use a central dashboard and network policies to create a […]

Update: As of June 11 2024, the Service Insertion feature of AWS Cloud WAN allows users to easily insert firewalls and other security solutions into the traffic flow within a Cloud WAN environment. Rather than manually configuring the underlying routing required to insert these security services, as described in this blog, Service Insertion provides a managed offering that handles this […]

AWS Site-to-Site VPN is a fully-managed performant, scalable, secure, and highly-available way to connect your on-premises users and workloads to AWS. When using Site-to-Site VPN you can connect to both Amazon Virtual Private Clouds (Amazon VPCs) with two tunnels per connection for increased redundancy. For even greater performance with sites further from your AWS Region(s), […]

Many customers ask us how they can point their zone apex to their web content if it uses a DNS name rather than an IP address. This blog covers three design patterns and approaches that solve zone apex challenges with third-party DNS providers for applications hosted in AWS—and the pros and cons of each approach.

Update August 8,2022: AWS Direct Connect now supports connections to AWS Transit Gateway at speeds of 500 megabits per second (Mbps) and lower. The architecture described in this post is no longer needed. AWS Transit Gateway provides you with the ability to connect multiple VPCs, VPNs and scale up to 5,000 attachments. It simplifies management […]

I want to take some time to dive more deeply into a use case outlined in NET301 Best Practices for AWS PrivateLink. The use case involves using AWS Transit Gateway, along with Amazon Route 53 Resolver, to share AWS PrivateLink interface endpoints between multiple connected Amazon virtual private clouds (VPCs) and an on-premises environment. We’ve seen […]

Last year, a colleague of mine wrote a blog post about new security measures that Amazon CloudFront was implementing to enhance the security of how domains are used on CloudFront distributions. This included mitigations to prevent the abusive use of domain fronting practices by not allowing SSL handshake requests and subsequent requests over the secured […]