Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Simon ElishaExtending you Data Centre with VPCPrincipal Solution Architect
Agenda Why? What? How Much? Customer Examples “Goodies” in VPC Let’s build one!
WHY?
CapacityPowerElasticityAgility
WHAT?
VPC Overview• Bring your own networkYour network goes here
VPC Overview• Bring your own network• Create your own subnetsSubnet 1 Subnet 2 Subnet „n‟…
VPC Overview• Control instance placementAvailability Zone „A‟ Availability Zone „B‟
VPC Overview• Control instance placement and traffic– Security Groups & NACLsAvailability Zone „A‟ Availability Zone „B‟
VPC Overview• Control instance placement and traffic– Security Groups & NACLs– Routing RulesAvailability Zone „A‟ Availabi...
VPC Overview• VPC Gateways– Virtual Private Gateway– Internet GatewayCustomer Network
VPC Overview• Virtual Private Gateway– IPSEC VPNCustomer Network
VPC Overview• Virtual Private Gateway– Dynamic Routing (Route-based VPN)– Static Routing (Policy-based VPN)Customer Network
VPC Overview• Virtual Private Gateway– IPSEC VPN– Direct ConnectCustomer NetworkDX LocationCustomer/PartnerWAN
VPC Overview• Virtual Private Gateway• Internet GatewayCustomer Network
VPC Overview• Connecting to Instances– Private IP– Elastic IP (publically routable)Customer Network
VPC Overview• Connecting to Instances– Load BalancersCustomer Network
VPC Building Blocks SummaryVirtual Private CloudSubnetsRoute Tables, Security Groups, NACLsVirtual Private GatewayAWS Dire...
VPC Connectivity Options
Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– Internet VPNCustomer Network
Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– Dual RedundancyCustomer Location #2Customer Location #1
Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– AWS VPN CloudHubCustomer Location #2Customer Location #1
Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– Direct ConnectCustomer NetworkDX LocationCustomer/PartnerWAN
Connectivity Option #2• Hybrid Integration – Internal & Internet Access– Internet VPNCustomer Network
Connectivity Option #2• Hybrid Integration – Internal & Internet Access– Internet VPN– DirectConnectCustomer NetworkDX Loc...
Connectivity Option #3• Integration between VPCs– DirectConnectDX Location
Connectivity Option #3• Integration between VPCs– DirectConnect– Software VPN to Hardware (VGW)
Connectivity Option #3• Integration between VPCs– DirectConnect– Software VPN to Software VPN
Connectivity Option #4• Remote Access Solution– Microsoft RAS– Checkpoint– OpenVPN– Sophos– VyattaCustomer NetworkRemote A...
Non-Standard VPN Requirements• Software VPN Appliance– Overlapping (unknown) customer network addresses– Customer MUST man...
Nonstandard VPN Requirements• ZenOSS SaaS example– Managed monitoring service– Extend AWS into ZenOSS Customer NetworksCus...
Lollipop network or data-center-on-a-stickHybrid integration – Internal & Internet AccessIntegration between Amazon VPCsMo...
HOW MUCH?
VPC $0Hardware VPN $0.05/ HourDirect Connect1 Gbps Port $0.30/ Hour10 Gbps Port $2.25/ HourInbound Data $0.00Outbound Data...
VPC $0Hardware VPN $438Direct Connect1 Gbps Port $2,62810 Gbps Port $19,710*Plus Outgoing data & private connection costsF...
CUSTOMEREXAMPLES
Lionsgate uses AWS To host SharePoint & SAPAmazon VPCAvoided datacenter build outSaved $1Mover 3 years50% lower costthan h...
Nasdaq used AWS to Build a New Line of Business
PRE-BUILTARCHITECTURES
SharePoint - Intranet
SharePoint - Internet
“Goodies” inVPC
Goodies• Control over Ingress & Egress of data – Security Groups• Dynamic allocation of Security Groups to Instances• Elas...
LET‟S BUILDONE!
FlexibleAgileCost EffectiveIntegrated
ARCHITECTURE CENTERhttp://aws.amazon.com/architectureTECHNICAL ARTICLEShttp://aws.amazon.com/articlesPODCASThttp://aws.ama...
AWS Sydney Summit 2013 - Extending Your Data Centre with VPC
AWS Sydney Summit 2013 - Extending Your Data Centre with VPC
Upcoming SlideShare
Loading in …5
×

AWS Sydney Summit 2013 - Extending Your Data Centre with VPC

899 views

Published on

Session 1, Presentation 2 from the AWS Sydney Summit

Published in: Technology
  • Be the first to comment

AWS Sydney Summit 2013 - Extending Your Data Centre with VPC

  1. 1. Simon ElishaExtending you Data Centre with VPCPrincipal Solution Architect
  2. 2. Agenda Why? What? How Much? Customer Examples “Goodies” in VPC Let’s build one!
  3. 3. WHY?
  4. 4. CapacityPowerElasticityAgility
  5. 5. WHAT?
  6. 6. VPC Overview• Bring your own networkYour network goes here
  7. 7. VPC Overview• Bring your own network• Create your own subnetsSubnet 1 Subnet 2 Subnet „n‟…
  8. 8. VPC Overview• Control instance placementAvailability Zone „A‟ Availability Zone „B‟
  9. 9. VPC Overview• Control instance placement and traffic– Security Groups & NACLsAvailability Zone „A‟ Availability Zone „B‟
  10. 10. VPC Overview• Control instance placement and traffic– Security Groups & NACLs– Routing RulesAvailability Zone „A‟ Availability Zone „B‟
  11. 11. VPC Overview• VPC Gateways– Virtual Private Gateway– Internet GatewayCustomer Network
  12. 12. VPC Overview• Virtual Private Gateway– IPSEC VPNCustomer Network
  13. 13. VPC Overview• Virtual Private Gateway– Dynamic Routing (Route-based VPN)– Static Routing (Policy-based VPN)Customer Network
  14. 14. VPC Overview• Virtual Private Gateway– IPSEC VPN– Direct ConnectCustomer NetworkDX LocationCustomer/PartnerWAN
  15. 15. VPC Overview• Virtual Private Gateway• Internet GatewayCustomer Network
  16. 16. VPC Overview• Connecting to Instances– Private IP– Elastic IP (publically routable)Customer Network
  17. 17. VPC Overview• Connecting to Instances– Load BalancersCustomer Network
  18. 18. VPC Building Blocks SummaryVirtual Private CloudSubnetsRoute Tables, Security Groups, NACLsVirtual Private GatewayAWS Direct ConnectInternet GatewayElastic IPs and Load Balancers
  19. 19. VPC Connectivity Options
  20. 20. Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– Internet VPNCustomer Network
  21. 21. Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– Dual RedundancyCustomer Location #2Customer Location #1
  22. 22. Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– AWS VPN CloudHubCustomer Location #2Customer Location #1
  23. 23. Connectivity Option #1• Lollipop network (“DC-on-a-stick”)– Direct ConnectCustomer NetworkDX LocationCustomer/PartnerWAN
  24. 24. Connectivity Option #2• Hybrid Integration – Internal & Internet Access– Internet VPNCustomer Network
  25. 25. Connectivity Option #2• Hybrid Integration – Internal & Internet Access– Internet VPN– DirectConnectCustomer NetworkDX Location
  26. 26. Connectivity Option #3• Integration between VPCs– DirectConnectDX Location
  27. 27. Connectivity Option #3• Integration between VPCs– DirectConnect– Software VPN to Hardware (VGW)
  28. 28. Connectivity Option #3• Integration between VPCs– DirectConnect– Software VPN to Software VPN
  29. 29. Connectivity Option #4• Remote Access Solution– Microsoft RAS– Checkpoint– OpenVPN– Sophos– VyattaCustomer NetworkRemote AccessServer
  30. 30. Non-Standard VPN Requirements• Software VPN Appliance– Overlapping (unknown) customer network addresses– Customer MUST manage both sides of VPN
  31. 31. Nonstandard VPN Requirements• ZenOSS SaaS example– Managed monitoring service– Extend AWS into ZenOSS Customer NetworksCustomer “1”Shared MgmtNetworkCustomer “2”Customer “n”…
  32. 32. Lollipop network or data-center-on-a-stickHybrid integration – Internal & Internet AccessIntegration between Amazon VPCsMobile/Remote access solutionVPC Connectivity Options Summary
  33. 33. HOW MUCH?
  34. 34. VPC $0Hardware VPN $0.05/ HourDirect Connect1 Gbps Port $0.30/ Hour10 Gbps Port $2.25/ HourInbound Data $0.00Outbound Data (SYD) $0.045 per GBInbound Data $0.00Outbound Data (SYD) $0.19 per GB (first GB free)
  35. 35. VPC $0Hardware VPN $438Direct Connect1 Gbps Port $2,62810 Gbps Port $19,710*Plus Outgoing data & private connection costsFor a Year…
  36. 36. CUSTOMEREXAMPLES
  37. 37. Lionsgate uses AWS To host SharePoint & SAPAmazon VPCAvoided datacenter build outSaved $1Mover 3 years50% lower costthan hosting options
  38. 38. Nasdaq used AWS to Build a New Line of Business
  39. 39. PRE-BUILTARCHITECTURES
  40. 40. SharePoint - Intranet
  41. 41. SharePoint - Internet
  42. 42. “Goodies” inVPC
  43. 43. Goodies• Control over Ingress & Egress of data – Security Groups• Dynamic allocation of Security Groups to Instances• Elastic Network Interfaces – up to 8 depending on instance• DNS Resolution – Default or use your own• ElastiCache in VPC (joining RDS, EMR, ElasticBeanstalk,Redshift, OpsWorks, etc)• RDS IP Addresses - option to have RDS publicallyaccessible
  44. 44. LET‟S BUILDONE!
  45. 45. FlexibleAgileCost EffectiveIntegrated
  46. 46. ARCHITECTURE CENTERhttp://aws.amazon.com/architectureTECHNICAL ARTICLEShttp://aws.amazon.com/articlesPODCASThttp://aws.amazon.com/podcastBLOGhttp://aws.typepad.com

×