Feeds

Amazon tweaks virtual private clouds

Public and private subnets

Build a business case: developing custom apps

Amazon Web Services has cut the encrypted cord on its Virtual Private Cloud.

When the VPC variant of Amazon's EC2 service was launched way back in August 2009, Amazon allowed customers to carve out a chunk of the Elastic Compute Cloud and isolate those server nodes from other EC2 nodes, creating a virtual private network.

The neat trick of the original Virtual Private Cloud service is that it allowed companies with existing data centers to use the same firewalls, intrusion detection systems, and other security resources Amazon deploys for its internal IT gear. As far as system and network administrators could tell, the virtual machines in the EC2-based Virtual Private Cloud were logically indistinguishable from the other physical and virtual infrastructure they manage internally.

Up until now, the only way to access the resources on the Amazon Virtual Private Cloud was to have your own data center with all that VPN gear and software. But starting today, Amazon Web Services will let you designate portions of you Virtual Private Cloud that can be accessible from the internet while still keeping other portions only available through the VPN link. And if you don't want to link your Amazon EC2 resources to your data center, or better still, EC2 is your data center, then you no longer need all that VPN stuff.

Amazon says that the tweaked Virtual Private Cloud gives users control over IP address ranges, subnets, and configuration of route tables and network gateways, just like they would have in a traditional data center. So they can, for instance, create a subnet for web servers that sit on the intertubes and create another subnet for applications and databases that does not hook into the internet.

If you want to still hook into the Virtual Private Cloud using encrypted VPN links, you can of course still do that.

The updated Virtual Private Cloud service allows you to carve up the private IP address range in any way you please into a number of public and private subnets. You control inbound and outbound access to these subnets with network access control lists, and Amazon is allowing you to link an Elastic IP address to any Virtual Private Cloud so you can get to it through the internet as well as the VPN (if you have one). The flexible networking is also available for the S3 storage cloud, not just for EC2 compute instances, so you can store data in the S3 cloud and set it up so it can only be accessed through the Virtual Private Cloud's private subnet.

With the public and private subnet support, now Amazon can host applications, such as SaaS-style applications that have been put out by traditional ERP, CRM, and SCM providers, which have a mix of web-facing modules where customers or partners can get access as well as private modules that are only geared for internal users. ®

Build a business case: developing custom apps

More from The Register

next story
Sysadmin Day 2014: Quick, there's still time to get the beers in
He walked over the broken glass, killed the thugs... and er... reconnected the cables*
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Microsoft says 'weird things' can happen during Windows Server 2003 migrations
Fix coming for bug that makes Kerberos croak when you run two domain controllers
Cisco says network virtualisation won't pay off everywhere
Another sign of strain in the Borg/VMware relationship?
VVOL update: Are any vendors NOT leaping into bed with VMware?
It's not yet been released but everyone thinks it's the dog's danglies
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Backing up Big Data
Solving backup challenges and “protect everything from everywhere,” as we move into the era of big data management and the adoption of BYOD.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.