Getting connected to the AWS Cloud
One thing that comes up in every clckwrk engagement is the issue of getting connected to the cloud. It’s a common issue so worth lining up the options and seeing which is going to work for you. We’ve listed below the 3 most common paths for connecting your office or data centre to the AWS cloud and the pro’s and con’s of each. Internet – the simplest and by far the most common way for businesses to start to experiment with the cloud. You interact with AWS through a console in a browser and you can connect to servers and services over the internet too.Pros – it’s simple, cheap, and secure for administrative connections (using encryption and two factor authentication as standard)Cons – the service is only as good as your internet connection and you’ll contend for bandwidth with the rest of the office online activity, any user based access to applications is on the public facing internetVirtual Private Network – a secure tunnel between your office and the cloud so that only the users that can access your corporate network can get to the applications you put in the cloud. Most businesses have some VPN capability already so it’s usually simple to configure an additional connection to the cloud.Pros – still simple and cheap if you already have a VPN in house, secure for both administrative access to servers and for user access to applicationsCons – the service is still over the internet so you may still contend for bandwidthPrivate Circuit & Direct Connect – creates a private connection between your office and the cloud physically separate from internet traffic and directly into the AWS region as if it were your own data centrePros – the highest level of security with complete privacy of infrastructure, guaranteed quality of service as you can specify the bandwidth that will be used for users accessing applications in the cloudCons – likely to be an additional cost as a new line will be needed, this may take some time to get up and running tooWhat we find is that most customers start with internet access to get things going and in parallel implement a VPN solution between the business premises and the cloud. In addition to this for many customers ‘shaping’ the traffic in the VPN so that the AWS traffic is prioritised over the internet traffic is sufficient for there needs, where this isn’t sufficient the private circuit and Amazon Direct Connect is a great option for customers.
Aaron is the Chief Information Security Officer at Navisite and is responsible for security and compliance programs and the delivery of our managed security and advisory services to help customers implement and maintain the highest levels of cybersecurity protection and best practices. Aaron has more than 18 years of experience in the industry, holding various leadership and consulting roles in cloud security, infrastructure security and security operations.