{"id":39922,"date":"2021-08-19T11:39:43","date_gmt":"2021-08-19T11:39:43","guid":{"rendered":"https:\/\/www.vmengine.net\/2021\/08\/19\/network-and-security-aws-best-practices-and-services\/"},"modified":"2025-05-23T17:32:05","modified_gmt":"2025-05-23T17:32:05","slug":"network-and-security-aws-best-practices-and-services","status":"publish","type":"post","link":"http:\/\/temp_new.vmenginelab.com\/en\/2021\/08\/19\/network-and-security-aws-best-practices-and-services\/","title":{"rendered":"Network and security. AWS Best Practices and Services"},"content":{"rendered":"<div class=\"et_pb_section et_pb_section_310 et_section_regular\" >\n<div class=\"et_pb_row et_pb_row_408\">\n<div class=\"et_pb_column et_pb_column_4_4 et_pb_column_414  et_pb_css_mix_blend_mode_passthrough et-last-child\">\n<div class=\"et_pb_module et_pb_text et_pb_text_1174  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p>AWS enhances security with<strong> the Transit Gateway<\/strong> service, which allows you to route all traffic to and from any VPC or VPN and manage everything from one place.<\/p>\n<p>AWS Transit Gateway connects to<a href=\"https:\/\/aws.amazon.com\/it\/vpc\/?vpc-blogs.sort-by=item.additionalFields.createdDate&amp;vpc-blogs.sort-order=desc\"> VPC<\/a> networks through a <strong>central hub<\/strong>, and allows you to connect, thanks to <strong>VPNs<\/strong>, even to <strong>local networks (on-premises),<\/strong> simplifying the network and putting a stop to complex <strong>peering<\/strong> relationships.<br \/>The real advantage of Transit Gateway is that it can be used to connect multiple VPNs with always only one component on the Cloud side.<\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1175  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p>AWS Transit Gateway acts as a<strong> cloud router<\/strong> and can be used to interconnect your VPCs and on-premises networks. 
It is a cross-account, per-Region service, but can be easily extended to multiple Regions by peering with AWS Transit Gateway instances in different Regions.<\/p>\n<p>Transit Gateway is connected to the AWS global network, which is why your data is automatically encrypted and will never transit over the public internet. In addition, AWS <a href=\"https:\/\/aws.amazon.com\/it\/transit-gateway\/network-manager\/\"><strong>Transit Gateway Network Manager<\/strong><\/a> is centralized and gives you a unified view of your entire network, even when connected to software-defined wide area network (SD-WAN) devices.<\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_cta_199 et_pb_promo  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_promo_description et_multi_view_hidden\"><\/div>\n<div class=\"et_pb_button_wrapper\"><a class=\"et_pb_button et_pb_promo_button\" href=\"https:\/\/aws.amazon.com\/it\/about-aws\/global-infrastructure\/\" target=\"_blank\">AWS Global Network  <\/a><\/div>\n<\/p><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1176  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\"><H2>  What are the benefits of Transit Gateway?  
<\/p>\n<h2><\/h2>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1177  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<ul>\n<li><strong>Simplified connectivity<\/strong><br \/>AWS Transit Gateway acts as a cloud router to simplify network architecture.<br \/>Even with the growth of the network and the complexity of managing incremental connections, the business is not affected in any way.<br \/>AWS Transit Gateway can also be used to build global applications, using cross-Region peering.<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>Better visibility and control<\/strong><br \/>With AWS Transit Gateway Network Manager, you can easily monitor your Amazon VPC and edge connections from a central console. Integrated into popular SD-WAN devices, AWS Transit Gateway Network Manager also allows you to quickly identify issues and react to events across global networks.<strong><\/strong><\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<ul>\n<li><strong>Optimize security<\/strong><br \/>Traffic between AWS Transit Gateway and Amazon VPC remains on the AWS Global Private Network and is not exposed to the public internet.<br \/>AWS Transit Gateway&#8217;s cross-Region peering encrypts all traffic without any vulnerabilities or bandwidth bottlenecks. 
This provides enhanced security and protects against DDoS attacks and other common exploits.<\/li>\n<\/ul>\n<p>In addition, Transit Gateway allows you <strong>to centralize routing<\/strong> ( <strong>Ingress<\/strong> and <strong>Egress<\/strong> traffic) so you can add components that allow you to inspect all traffic entering and leaving the cloud network, increasing control of network security.<\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_image et_pb_image_327 et_animated et-waypoint\">\n<p>\t\t\t\t<span class=\"et_pb_image_wrap \"><img decoding=\"async\" src=\"http:\/\/temp_new.vmenginelab.com\/wp-content\/uploads\/2021\/08\/network-AWS-transfert-gateway-2.jpg\" alt=\"\" title=\"AWS-transfert gateway network\"  sizes=\"(max-width: 932px) 100vw, 932px\" class=\"wp-image-33849\" \/><\/span>\n\t\t\t<\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1178  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<ul>\n<li><strong>Flexible multicast<\/strong><br \/>AWS Transit Gateway&#8217;s multicast support delivers the same content to multiple specific destinations. Expensive local multicast networks are no longer required, and it reduces the bandwidth required for broadcast-intensive applications, such as video conferencing, media, or teleconferencing.<\/li>\n<\/ul>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1179  et_pb_text_align_center et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\"><H2>  Some use cases  <\/p>\n<h2><\/h2>\n<\/p><\/div>\n<\/p><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1180  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p style=\"text-align: left;\"><strong>Delivering applications worldwide<\/strong><\/p>\n<p>AWS Transit Gateway allows you to build applications that span thousands of<strong> Amazon VPCs<\/strong>. 
That means deploying new applications without having to make massive updates to route tables to create <strong>peering<\/strong> relationships. This simplifies deployment, management, and troubleshooting.<\/p>\n<p style=\"text-align: left;\"><strong>Global reach<\/strong><\/p>\n<p style=\"text-align: left;\">With cross-Region peering relationships, everything connected to AWS Transit Gateway is shared across AWS Regions. This includes VPC, DNS, Microsoft Active Directory, and IPS\/IDS.<\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_text et_pb_text_1181  et_pb_text_align_left et_pb_bg_layout_light\">\n<div class=\"et_pb_text_inner\">\n<p style=\"text-align: left;\"><strong>Optimal response to peak demand<\/strong><\/p>\n<p>With AWS Transit Gateway, you can quickly add Amazon VPC, AWS accounts, VPN capacity, or AWS Direct Connect Gateway to respond to unexpected demand, without having to spend time on massive route tables or complex connections.<\/p>\n<p style=\"text-align: left;\"><strong>Provide a host for multicast applications in the cloud<\/strong><\/p>\n<p style=\"text-align: left;\">With AWS Transit Gateway&#8217;s <strong>multicast<\/strong> capability, you can provide a <strong>host<\/strong> for multicast applications without having to redesign your application or make any changes to your on-premises network. 
Multicast applications scale based on demand, without having to purchase and maintain custom hardware to support application load spikes.<\/p>\n<\/div><\/div>\n<div class=\"et_pb_module et_pb_cta_200 et_pb_promo  et_pb_text_align_center et_pb_bg_layout_dark\">\n<div class=\"et_pb_promo_description\">\n<h2 class=\"et_pb_module_header\">Do you have a complex network architecture and would like to centralize routing on the Cloud?<\/h2>\n<\/div>\n<div class=\"et_pb_button_wrapper\"><a class=\"et_pb_button et_pb_promo_button\" href=\"https:\/\/temp_new.vmenginelab.com\/en\/contacts\/\" target=\"_blank\">Book a call with an expert<\/a><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>AWS enhances security with the Transit Gateway service, which allows you to route all traffic to and from any VPC or VPN and manage everything from one place. AWS Transit Gateway connects to VPC networks through a central hub, and allows you to connect, thanks to VPNs, even to local networks (on-premises), simplifying the network 
[&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":33857,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[97,3574,2297,1374],"tags":[4646,132,133,100,4060,4647,4648,1270,4649],"class_list":["post-39922","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-blog-en","category-in-evidence","category-news-en","category-the-analysis","tag-amazon-connect-en","tag-amazon-web-services-en","tag-aws-en","tag-aws-cloud-security-en","tag-cloud-security-naples","tag-connection-en","tag-network-en","tag-security-en","tag-transit-gateway-en"],"aioseo_notices":[],"jetpack_featured_media_url":"http:\/\/temp_new.vmenginelab.com\/wp-content\/uploads\/2021\/08\/git-connectio-tech-1.gif","amp_enabled":true,"_links":{"self":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts\/39922","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/comments?post=39922"}],"version-history":[{"count":1,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts\/39922\/revisions"}],"predecessor-version":[{"id":41634,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/posts\/39922\/revisions\/41634"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/media\/33857"}],"wp:attachment":[{"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/media?parent=39922"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/categories?post=39922"},{"taxonomy":"post_t
ag","embeddable":true,"href":"http:\/\/temp_new.vmenginelab.com\/en\/wp-json\/wp\/v2\/tags?post=39922"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}