
Amazon Extends Private Cloud Capabilities

Customers have the option to connect to Amazon Web Services by setting up a virtual network within the cloud, eliminating the need to use a virtual private network.


Amazon Elastic Compute Cloud (EC2) users who want private cloud services from Amazon Web Services' public cloud have an added option for getting there -- through the VPC Internet Gateway.

Since its inception, Amazon's virtual private data center service has consisted of accessing EC2 services via a virtual private network (VPN). Workload instances in a virtual private cloud (VPC) ran in an isolated part of EC2 and had no Internet-facing IP addresses. The servers, storage, and networking that a customer designated as his virtual private cloud could be accessed only over the VPN.

In Monday's announcement, EC2 general manager Peter DeSantis said customers may now control access to private EC2 instances through networking configuration decisions made in the cloud itself, rather than through an external VPN. "Starting today, enterprises can choose to connect to AWS without a VPN by setting up virtual networks within the AWS cloud that they can control and customize," DeSantis said.

DeSantis said an enterprise IT manager can define a virtual network topology in an EC2 virtual private cloud that resembles a traditional network in his own data center. Customers are being given control over the virtual network environment, including setting the IP address range, creation of subnetworks, configuration of route tables, and setting of network gateways.

A customer, for example, could create an IP address range that he wished to designate for a virtual private cloud, then within it, designate addresses or a subnet for Web servers serving the public over the Internet, while placing databases or application servers in a private subnet with no Internet access. This outward-facing portion of the virtual private cloud was not previously an option.
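Once a VPC has both kinds of subnet, the property worth auditing is that the private ones really have no route to the Internet gateway. The following check is an added example, not part of the original article or of Amazon's tooling: it runs over constructed data shaped like the EC2 DescribeRouteTables response, and the subnet "Tier" label, all IDs, and the function names are assumptions made for illustration.

```python
# Constructed sample data shaped like EC2 DescribeRouteTables output; IDs are made up.
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-1",
     "Associations": [{"Main": True}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"}]},
    {"RouteTableId": "rtb-web", "VpcId": "vpc-1",
     "Associations": [{"Main": False, "SubnetId": "subnet-web"},
                      {"Main": False, "SubnetId": "subnet-db2"}],
     "Routes": [{"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
                {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-example"}]},
]
# "Tier" is a hypothetical label standing in for whatever tag marks a subnet's role.
SUBNETS = [
    {"SubnetId": "subnet-web", "VpcId": "vpc-1", "Tier": "web"},
    {"SubnetId": "subnet-db1", "VpcId": "vpc-1", "Tier": "db"},
    {"SubnetId": "subnet-db2", "VpcId": "vpc-1", "Tier": "db"},
]

def has_igw_route(table):
    """True if any route in the table targets an Internet gateway (igw-*)."""
    return any((r.get("GatewayId") or "").startswith("igw-") for r in table["Routes"])

def effective_route_table(subnet, tables):
    """Explicit association wins; otherwise the VPC's main route table applies."""
    main = None
    for t in tables:
        if t["VpcId"] != subnet["VpcId"]:
            continue
        for assoc in t["Associations"]:
            if assoc.get("SubnetId") == subnet["SubnetId"]:
                return t
            if assoc.get("Main"):
                main = t
    return main

def exposed_private_subnets(subnets, tables, private_tiers=("db", "app")):
    """Return (subnet, route table) pairs where a private-tier subnet can reach an IGW."""
    findings = []
    for s in subnets:
        t = effective_route_table(s, tables)
        if t and s["Tier"] in private_tiers and has_igw_route(t):
            findings.append((s["SubnetId"], t["RouteTableId"]))
    return findings

if __name__ == "__main__":
    for subnet_id, table_id in exposed_private_subnets(SUBNETS, ROUTE_TABLES):
        print(f"{subnet_id}: private tier but routed to an Internet gateway via {table_id}")
```

Here `subnet-db1` has no explicit association and so inherits the main route table, which stays private, while `subnet-db2` is flagged because it was attached to the web tier's route table.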

Customers may also apply existing security groups and network access control lists to their virtual private cloud workload instances, DeSantis said in the announcement. Data stored in Amazon's S3 long-term storage service can be restricted so that it is accessed only from within the customer's virtual private cloud.

At the same time, under the extended virtual private cloud's operation, a workload in the VPC can be reached directly from the Internet via the customer's Elastic IP Address, an Amazon designation for an account number that can be a proxy for any number of customer workload instances with their own IP addresses behind them.

Customers may also continue to connect via encrypted VPN, if they choose to, DeSantis said.
