
Amazon Extends Private Cloud Capabilities

Customers have the option to connect to Amazon Web Services by setting up a virtual network within the cloud, eliminating the need to use a virtual private network.

Amazon Elastic Compute Cloud (EC2) users who want private cloud services from Amazon Web Services' public cloud have an added option for getting there: the VPC Internet Gateway.

Since its inception, Amazon's virtual private data center service has consisted of accessing EC2 services via a virtual private network (VPN). Workload instances in a virtual private cloud (VPC) ran in an isolated part of EC2 and had no Internet-facing IP addresses. The servers, storage, and networking that a customer designated as his virtual private cloud could be accessed only over the VPN.

In Monday's announcement, EC2 general manager Peter DeSantis said customers may now control access to private EC2 instances through networking configuration decisions made in the cloud itself, rather than by an external VPN. "Starting today, enterprises can choose to connect to AWS without a VPN by setting up virtual networks within the AWS cloud that they can control and customize," DeSantis said.

DeSantis said an enterprise IT manager can define a virtual network topology in an EC2 virtual private cloud that resembles a traditional network in his own data center. Customers are being given control over the virtual network environment, including setting the IP address range, creation of subnetworks, configuration of route tables, and setting of network gateways.

A customer, for example, could create an IP address range that he wished to designate for a virtual private cloud, then within it, designate addresses or a subnet for Web servers serving the public over the Internet, while placing databases or application servers in a private subnet with no Internet access. This outward-facing portion of the virtual private cloud was not previously an option.

Customers may also apply existing security groups and network access control lists to their virtual private cloud workload instances, DeSantis said in the announcement. Data stored in Amazon's S3 long-term storage service can be restricted so that it is accessed only from within the customer's virtual private cloud.

At the same time, under the extended virtual private cloud's operation, a workload in the VPC can be reached directly from the Internet via the customer's Elastic IP Address, an Amazon designation for an account number that can be a proxy for any number of customer workload instances with their own IP addresses behind them.

Customers may also continue to connect via encrypted VPN, if they choose to, DeSantis said.
