Amazon Web Services

Amazon Virtual Private Cloud

Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.
You can easily customize the network configuration of your Amazon VPC. For example, you can create a public-facing subnet for your web servers that have access to the internet. You can also place your backend systems, such as databases or application servers, in a private-facing subnet with no internet access. You can use multiple layers of security, including security groups and network access control lists, to help control access to Amazon EC2 instances in each subnet.

Amazon VPC Functionality

With Amazon Virtual Private Cloud (Amazon VPC), you can:

    Create an Amazon VPC on AWS's scalable infrastructure and specify its private IP address range from any range you choose.
    Expand your VPC by adding secondary IP ranges.
    Divide your VPC’s private IP address range into one or more public or private subnets to facilitate running applications and services in your VPC.
    Control inbound and outbound access to and from individual subnets using network access control lists.
    Store data in Amazon S3 and set permissions such that the data can only be accessed from within your Amazon VPC.
    Assign multiple IP addresses and attach multiple elastic network interfaces to instances in your VPC.
    Enable EC2 instances in the EC2-Classic platform to communicate with instances in a VPC using private IP addresses.
    Associate VPC Security Groups with instances on EC2-Classic.
    Enable both IPv4 and IPv6 in your VPC.
    Intercept and analyze ingress and egress traffic using a network and security appliance, including third-party offerings.
    Attach one or more Amazon Elastic IP addresses to any instance in your VPC so it can be reached directly from the internet.
    Connect your VPC with other VPCs and access resources in other VPCs via private IP addresses using VPC Peering.
    Privately connect to AWS services without using an internet gateway, NAT or firewall proxy through a VPC Endpoint. Available AWS services include S3, DynamoDB, Kinesis Streams, Service Catalog, EC2 Systems Manager (SSM), Elastic Load Balancing (ELB) API, Amazon Elastic Compute Cloud (EC2) API, and Amazon SNS.
    Privately connect to your own services or SaaS solutions powered by AWS PrivateLink.
    Bridge your Amazon VPC and your on-site IT infrastructure with AWS Site-to-Site VPN.
    Use VPC Flow Logs to log information about network traffic going in and out of network interfaces in your VPC.
    Use Amazon VPC traffic mirroring to capture and mirror network traffic for Amazon EC2 instances.

Use cases

- Host a simple, public-facing website

Host a basic web application, such as a blog or simple website, in a VPC, and gain the additional layers of privacy and security afforded by Amazon VPC. You can help secure the website by creating security group rules which allow the web server to respond to inbound HTTP and SSL requests from the Internet while simultaneously prohibiting the web server from initiating outbound connections to the Internet.
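The rule set described above can be checked mechanically. The following is an added example, not code from the original page or from AWS: it audits security group descriptions against that policy (public ingress on TCP 80 and 443 only, no egress rules). The field names follow the EC2 DescribeSecurityGroups response; the two groups and their IDs are constructed sample data. Security groups are stateful, so removing every egress rule still lets the server answer inbound requests.

```python
# Added example: audit a web server security group against the policy above.
# Input dicts use the EC2 DescribeSecurityGroups response shape; the sample
# groups below are constructed for illustration, not real resources.
ALLOWED_WEB_PORTS = {80, 443}          # HTTP and HTTPS (the page's "SSL")
ANYWHERE = {"0.0.0.0/0", "::/0"}       # IPv4 and IPv6 "whole internet" CIDRs

def _cidrs(rule):
    v4 = [r["CidrIp"] for r in rule.get("IpRanges", [])]
    v6 = [r["CidrIpv6"] for r in rule.get("Ipv6Ranges", [])]
    return v4 + v6

def _span(rule):
    lo, hi = rule.get("FromPort"), rule.get("ToPort")
    return "all" if lo is None else f"{lo}-{hi}"

def audit_web_sg(group):
    """Return a list of findings; an empty list means the group matches."""
    findings = []
    for rule in group.get("IpPermissions", []):
        public = [c for c in _cidrs(rule) if c in ANYWHERE]
        if not public:
            continue  # not internet-facing; out of scope for this check
        lo, hi = rule.get("FromPort"), rule.get("ToPort")
        single_web_port = lo is not None and lo == hi and lo in ALLOWED_WEB_PORTS
        if rule.get("IpProtocol") != "tcp" or not single_web_port:
            findings.append(f"ingress {rule.get('IpProtocol')}/{_span(rule)} "
                            f"open to {', '.join(public)}")
    # Any egress rule lets the instance initiate outbound connections.
    for rule in group.get("IpPermissionsEgress", []):
        dests = _cidrs(rule) or ["(group or prefix list)"]
        findings.append(f"egress {rule.get('IpProtocol')}/{_span(rule)} "
                        f"allowed to {', '.join(dests)}")
    return findings

def _tcp(port, v4=("0.0.0.0/0",), v6=()):
    return {"IpProtocol": "tcp", "FromPort": port, "ToPort": port,
            "IpRanges": [{"CidrIp": c} for c in v4],
            "Ipv6Ranges": [{"CidrIpv6": c} for c in v6]}

# Constructed: a new group keeps its default allow-all egress rule, plus SSH.
WEAK_SG = {"GroupId": "sg-EXAMPLE-weak",
           "IpPermissions": [_tcp(80), _tcp(443), _tcp(22)],
           "IpPermissionsEgress": [{"IpProtocol": "-1",
                                    "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}
# Constructed: web ports only, default egress rule removed.
HARDENED_SG = {"GroupId": "sg-EXAMPLE-hardened",
               "IpPermissions": [_tcp(80, v6=("::/0",)), _tcp(443, v6=("::/0",))],
               "IpPermissionsEgress": []}

if __name__ == "__main__":
    for sg in (WEAK_SG, HARDENED_SG):
        print(sg["GroupId"], audit_web_sg(sg) or "OK")
```
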

- Host multi-tier web applications

Host multi-tier web applications and strictly enforce access and security restrictions between your web servers, application servers, and databases. Launch web servers in a publicly accessible subnet while running your application servers and databases in private subnets, so that application servers and databases cannot be directly accessed from the internet. You control access between the servers and subnets using inbound and outbound packet filtering provided by network access control lists and security groups.

- Disaster recovery

By using Amazon VPC for disaster recovery, you can have all the benefits of a disaster recovery site at a fraction of the cost. You can periodically back up critical data from your datacenter to a small number of Amazon EC2 instances with Amazon Elastic Block Store (EBS) volumes, or import your virtual machine images to Amazon EC2. To ensure business continuity, you can quickly launch replacement compute capacity in AWS.

- Extend your corporate network into the cloud

Move corporate applications to the cloud, launch additional web servers, or add more compute capacity to your network by connecting your VPC to your corporate network. Because your VPC can be hosted behind your corporate firewall, you can seamlessly move your IT resources into the cloud without changing how your users access these applications. You can select "VPC with a Private Subnet Only and Hardware VPN Access" from the Amazon VPC console wizard to create a VPC that supports this use case.

- Securely connect cloud applications to your datacenter

An IPsec VPN connection between your Amazon VPC and your corporate network encrypts all communication between the application servers in the cloud and databases in your data center. Web servers and application servers in your VPC can leverage Amazon EC2 elasticity and Auto Scaling features to grow and shrink as needed. You can create a VPC to support this use case by selecting "VPC with Public and Private Subnets and Hardware VPN Access" in the Amazon VPC console wizard.

- Out-of-band and inline traffic inspection

Amazon VPC traffic mirroring duplicates the traffic, along with full payload data, from elastic network interfaces (ENIs) of EC2 instances, and delivers it to out-of-band monitoring and security analysis tools.
Amazon VPC ingress routing allows you to easily deploy network and security appliances, including third-party offerings, inline to the inbound or outbound Amazon VPC traffic.
