
AWS expands private cloud networking

Written by Jack Clark, Contributor

Amazon Web Services has added a multitude of free networking features to its virtual private cloud product, boosting security, network topology control and management.

The additional features for the Virtual Private Cloud (VPC), announced on Monday, simplify the process of setting up a VPC, allow control over the specific network topology of the cloud network, add greater security features and allow the creation of specific internet gateways within the VPC.

"You can now create a network topology in the AWS cloud that closely resembles the one in your physical datacentre including public, private, and DMZ subnets. Instead of dealing with cables, routers, and switches you can design and instantiate your network programmatically," Amazon Web Services' Jeff Barr said in a blog post. "This means that you could store your entire network layout in abstract form, and then realise it on demand."

The VPC Wizard feature allows a VPC to be configured with four network architectures, ranging from a VPC purely accessed by virtual private network (VPN) to a VPC with a single public subnet.

The configuration options also make it possible to create bespoke networks from the ground up: for instance, a network with a public subnet for its web servers and a private subnet for backend databases or application servers, AWS said.

AWS also added the ability to create security groups for the Elastic Compute Cloud (EC2) instances contained within the VPC, which makes it possible to filter outbound traffic and create rules that match IP protocols. The groups can be added and removed in real time via the AWS Management Console.

Another security feature is Network Address Translation (NAT) addressing, which allows an Amazon Machine Image (AMI) of a NAT to be loaded onto an EC2 instance, which is then used to route private instances' connections to the internet without revealing their IP addresses.

The features were made available for free on Monday, with costs only coming in when a feature depended on the consumption, rather than configuration, of an AWS resource. For example, NAT addressing carries a cost, as users must run a dedicated EC2 instance with a NAT AMI to use it, so they pay for the instance.

A number of AWS features are not available for use in VPC. These include AWS Elastic Beanstalk, Elastic Load Balancing, Amazon Elastic MapReduce and the Relational Database Service, according to AWS.
