Networking & Content Delivery

Category: Technical How-to

How to use Amazon Athena queries to analyze AWS WAF logs and provide the visibility needed for threat detection

Web application security is an ongoing process. AWS WAF enables real-time monitoring and blocking of potentially harmful web requests. Bot Control and Fraud Control use machine learning (ML) to detect and prevent sophisticated threats. Bot traffic can make up anywhere from 30% to 50% or even more of total web traffic. After enabling AWS WAF, […]

IPv6 deployment models for AWS Network Firewall

AWS Network Firewall is a managed, stateful network firewall and intrusion protection service that allows you to implement firewall rules for fine-grained control over your network traffic. If you’re new to AWS Network Firewall, and want to understand its features and use cases, we recommend you review the blog post AWS Network Firewall – […]

How to seamlessly migrate traffic between Direct Connect gateways

In this blog post, we explore a scenario in which Goldman Sachs wanted to transfer ownership of several of its key network components between teams in a controlled and seamless manner. Specifically, we take a deep dive on migrating traffic between Direct Connect gateways while maintaining end-to-end connectivity. As a multinational investment bank and financial […]

How to monitor internet traffic to CloudFront edge in one click with Amazon CloudWatch Internet Monitor

Amazon Web Services (AWS) offers a streamlined solution for you to monitor internet traffic to your CloudFront distribution with simple integration for Amazon CloudWatch Internet Monitor in the Amazon CloudFront console. Ensuring optimal performance and availability is paramount for internet applications. With this integration, you can easily gain more insights into internet health and your users’ experience for an application that you’ve set up with a CloudFront distribution.

How to share IP address ranges across accounts with AWS Global Accelerator

Maintaining ownership of IP addresses while deploying resources in multiple accounts can lead to underutilized IP address ranges. AWS Global Accelerator supports cross-account sharing for bring your own IP addresses (BYOIP), which enables you to share IP address ranges with multiple AWS accounts. After you provision an IP address range with Global Accelerator using BYOIP, […]

Using Amazon Route 53 Profiles for scalable multi-account AWS environments

Amazon Web Services (AWS) customers implement multi-account strategies so that multiple teams can deploy workloads in separate organizational units (OUs) and AWS accounts. Cloud administrators are using this practice through offerings such as AWS Control Tower and AWS Organizations. These services help them get things done using individual accounts while maintaining centralized control for governance […]

Using latency-based routing with Amazon CloudFront for a multi-Region active-active architecture

An update was made on April 11th, 2024, outlining the deployment procedure. This post guides you through setting up the networking layer for a multi-Region active-active application architecture on AWS using latency-based routing in Amazon Route 53 with Amazon CloudFront to deliver a low-latency, reliable experience for your users. Building active-active architectures using AWS networking services improves […]

AWS Client VPN and AWS Verified Access migration and interoperability patterns

In today’s workplace, your users need secure, authenticated remote connectivity to your applications. Until recently, many organizations took this requirement to mean “VPN connection.” AWS Client VPN, introduced in 2018, has provided AWS customers with a managed, OpenVPN-based VPN client solution for securing remote access to on-premises and AWS-hosted applications. AWS Verified Access, launched in […]

Programmatically deploying CloudFront distributions in AWS China Regions

To operate websites, mobile apps, or services accessible to public users in China, companies should complete internet content provider (ICP) recordal and host systems on local servers or approved cloud servers located in mainland China. Amazon Web Services (AWS) offers AWS China Regions, two Regions situated in China that allow customers to host websites and […]

How to optimize DNS for dual-stack networks

Public IPv4 addresses have been a scarce resource going all the way back to 2011, when the Internet Assigned Numbers Authority (IANA) distributed the last block of unallocated public IPv4 addresses. Alongside, the private IPv4 range carved out by RFC1918 has also been too small for large networks and deployments, like containers that consume a […]