Many organizations on their journey into the cloud require consistent and highly secure connectivity between their existing data center and AWS footprints. In this session, we walk through the different architecture options for establishing this connectivity using AWS Direct Connect and VPN. With each option, we evaluate the considerations and discuss risk, performance, encryption, and cost. As we walk through these options, we try to answer some of the most common questions that typically arise from organizations that tackle design and implementation. You'll learn how to make connectivity decisions that are suitable for your workloads, and how to best prepare against business impact in the event of failure.
Serverless for Developers: Event-Driven & Distributed Apps - Pop-up Loft TLV ...Amazon Web Services
Serverless architectures simplify operations and maintenance of production applications, abstracting from the underlining infrastructure and OS. But what about development? In this session you will see some of the key points that can empower a serverless developer: from event-driven design, to simplification (less is more, especially for a small team), extending the functionalities of the platform (per prefix stats for S3, geohash for DynamoDB, API authentication, and so on), integrating new products.
Everything generates logs. Applications, infrastructure, security ... everything. As you use the Cloud, keeping track of the flood of log data is a big challenge, yet critical to your ability to understand your systems and troubleshoot (or prevent) issues. We'll look at using AWS services to get the insights you need quickly and easily.
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017Amazon Web Services
This session demonstrates how customers can leverage hybrid IT as a transitional step on the path to going all-in on AWS. We provide a step-by-step walk-through focusing on seamless migration to the cloud, with consideration given to existing data centers, equipment, and staff retraining. Learn about the suite of capabilities AWS provides to ease and simplify your journey to the cloud.
Getting Started with Managed Services | AWS Public Sector Summit 2016Amazon Web Services
The AWS cloud infrastructure is architected to be one of the most flexible and secure cloud computing environments available today. By leveraging services such as EC2, you are able to build highly scalable and performant architectures. AWS also provides a rich set of services which help to remove much of the potentially undifferentiated heavy lifting associated to managing your EC2 based infrastructure. This session will introduce some of these services in the areas of Application Management, Database, Analytics, Security and Enterprise Applications.
When working in a multi-account AWS environment, or when external or internal security and compliance requirements necessitate the constraining of user identity information to a geography where there isn’t an AWS Region or the use of MFA tokens based on standards other than RFC6238, it is recommended to federate user identity details to a customer-maintained identity provider (IdP). We demonstrate the integration of a customer-based IdP with AWS IAM using a SAML trust relationship at Group level, and discuss multi-account access stretegy and how federation fits into it.
Serverless for Developers: Event-Driven & Distributed Apps - Pop-up Loft TLV ...Amazon Web Services
Serverless architectures simplify operations and maintenance of production applications, abstracting from the underlining infrastructure and OS. But what about development? In this session you will see some of the key points that can empower a serverless developer: from event-driven design, to simplification (less is more, especially for a small team), extending the functionalities of the platform (per prefix stats for S3, geohash for DynamoDB, API authentication, and so on), integrating new products.
Everything generates logs. Applications, infrastructure, security ... everything. As you use the Cloud, keeping track of the flood of log data is a big challenge, yet critical to your ability to understand your systems and troubleshoot (or prevent) issues. We'll look at using AWS services to get the insights you need quickly and easily.
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017Amazon Web Services
This session demonstrates how customers can leverage hybrid IT as a transitional step on the path to going all-in on AWS. We provide a step-by-step walk-through focusing on seamless migration to the cloud, with consideration given to existing data centers, equipment, and staff retraining. Learn about the suite of capabilities AWS provides to ease and simplify your journey to the cloud.
Getting Started with Managed Services | AWS Public Sector Summit 2016Amazon Web Services
The AWS cloud infrastructure is architected to be one of the most flexible and secure cloud computing environments available today. By leveraging services such as EC2, you are able to build highly scalable and performant architectures. AWS also provides a rich set of services which help to remove much of the potentially undifferentiated heavy lifting associated to managing your EC2 based infrastructure. This session will introduce some of these services in the areas of Application Management, Database, Analytics, Security and Enterprise Applications.
When working in a multi-account AWS environment, or when external or internal security and compliance requirements necessitate the constraining of user identity information to a geography where there isn’t an AWS Region or the use of MFA tokens based on standards other than RFC6238, it is recommended to federate user identity details to a customer-maintained identity provider (IdP). We demonstrate the integration of a customer-based IdP with AWS IAM using a SAML trust relationship at Group level, and discuss multi-account access stretegy and how federation fits into it.
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...Amazon Web Services
Attend this session to dive deeper into AWS's content delivery service, Amazon CloudFront. Learn how you can use CloudFront to accelerate the delivery of your APIs or applications, including content that cannot be cached, to global clients. We'll also walk you through how you can use Lambda@Edge, which gives you the ability to execute custom code inline with your CloudFront events to customize applications. With Lambda@Edge, you can now generate custom responses right at the edge, allowing you to leverage CloudFront to reduce end-to-end latency and more efficiently filter traffic to your back-end origin servers. We'll walk you through Lambda@Edge use cases and walk through a demo to show how this works.
AWS re:Invent 2016: Re-imagining Insurance Processes with AWS Mobile Services...Amazon Web Services
Insurance processes are fragmented and manual in nature. For the next generation of digitally savvy consumers, New York Life Labs uses modern technology and analytics to engage with and provide best-in-class customer service. This session will discuss how New York Life Labs is mobilizing key insurance technology components including customer service, underwriting, policy administration, and claims processing. This session will focus on how New York Life Labs is taking a mobile-first approach in redesigning claims processing with responsive design, automated workflows, and AWS mobile services. Some of the services discussed will be Amazon Cognito, Amazon SNS, AWS Lambda, Amazon DynamoDB, and Amazon SWF, and how they all come together.
Database Migration: Simple, Cross-Engine and Cross-Platform Migrations with ...Amazon Web Services
Learn how you can migrate databases with minimal downtime from on-premises and Amazon EC2 environments to Amazon RDS, Amazon Redshift, Amazon Aurora and EC2 databases using AWS Database Migration Service. We'll discuss homogeneous (e.g. Oracle-to-Oracle, PostgreSQL-to-PostgreSQL, etc.) and heterogeneous (e.g. Oracle to Aurora, SQL Server to MariaDB) database migrations. We'll also talk about the new AWS Schema Conversion Tool that saves you development time when migrating your Oracle and SQL Server database schemas, including PL/SQL and T-SQL procedural code, to their MySQL, MariaDB and Aurora equivalents. Best of all, we'll spend most of the time demonstrating the product and showing use cases designed to help your business.
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
Network security, Anti-DDoS and other Internet-side protections: Encryption i...Amazon Web Services
Architecting for resilience doesn’t stop at spreading EC2 and VPC-based environments across multiple Availability Zones. We discuss and demonstrate a number of protective measures which can be put in place between the Internet and your AWS environments to mitigate DDoS and other varieties of attack, and measures that can be deployed on-instance to protect EC2 environments. We also discuss whether encryption in transit is necessary within a VPC, and for customers who consider it to be, how to manage distribution of key material and other secret credentials in autoscaling environments.
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
Identify the main options for deploying and managing Active Directory on AWS, how to extend your on-premises environment to AWS, and what are the best-practices from the field.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
Using Microsoft Active Directory across On-premises and Cloud WorkloadsAmazon Web Services
Learning Objectives:
- Learn how to setup SSO for your .NET applications, Amazon QuickSight, and AWS Enterprise IT Applications such as Amazon Workspaces.
- Learn how to manage your AWS Cloud Windows workloads such as Amazon EC2 for Windows Server and Amazon RDS SQL Server using GPOs.
- Learn how to configure trusts between your on-premises and AWS Cloud Microsoft Active Directory domains securely.
Managing your AWS Cloud Windows workloads using Microsoft Active Directory doesn’t require complex networking or synching your identity data across multiple systems. AWS Directory Service for Microsoft Active Directory offers you actual Microsoft Active Directory as a managed service. Attend this tech talk to become an expert at managing single sign-on (SSO) and Group Policy objects (GPOs) for your AWS Cloud Windows workloads. You will also see a demonstration on how to configure trusts between your on-premises and AWS Cloud Microsoft Active Directory domains securely.
Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances for fault tolerance and load distribution. In this session, we go into detail about Elastic Load Balancing's configuration and day-to-day management, as well as its use in conjunction with Auto Scaling. We explain how to make decisions about the service and share best practices and useful tips for success.
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
Do you have questions on how to best use Microsoft Active Directory with your AWS Windows workloads? Do you need a deep-dive on securely setting up trusts between your on-premises Active Directory and your AWS Directory Services for Microsoft Active Directory? This session will help you understand the differences between AWS Directory Service for Microsoft AD, building your own Microsoft Active Directory on Amazon EC2, or joining your cloud resources to your on-premises Active Directory over a direct network connection. After this session you will be an expert on how to setup single sign-on for your cloud applications and resources, using Group Policy for your EC2 systems, and how to securely configure trusts across your on-premises and AWS Cloud Active Directories.
Learn how to use AWS services to automate manual tasks, help teams manage complex environments at scale, and keep engineers in control of the high velocity that is enabled by DevOps. In this session, we will provide an overview of the various AWS development and deployment services and when best to use them. We will show how to build a fully automated infrastructure and software delivery pipeline with AWS CodePipeline, AWS CodeBuild, AWS CloudFormation and AWS CodeDeploy. At the end of the session, a GitHub repository of AWS CloudFormation templates will be provided so you can quickly deploy the same pipeline to your AWS account(s).
The technical advantages of a microservices architecture pattern are understood by many AWS customers. In this session, the innovation advantages of microservices are explored from a business perspective together with business agility lessons learned during an evolution from a single monolithic application to cloud based microservices.
Speaker: Craig Dickson, Solutions Architect, Amazon Web Services
Level 100: Get Started and Migrate Your Data to AWS
Millions of customers are leveraging AWS for increased flexibility, scalability, and reliability. This "how-to" webinar will cover the basics of getting started with AWS and migrating your data to AWS. this session will also cover core AWS services, such as Amazon EC2 and Amazon S3, and provide demonstrations of how to set up and utilize those services to launch virtual machines in the cloud, backup and restore data. This session will also cover the storage options available today to upload/move your data to AWS.
Reasons to attend:
Learn how to create an AWS account and access its free services, to create and run a virtual machine in the cloud
Understand how to create backup and restore an Amazon EC2 instance
Store and share files online with Amazon S3
Learn how to manage costs and set up billing alerts
Leverage the different storage options to migrate your data
Thinking through how you want to run Microsoft Windows Server and application workloads on AWS is straightforward, when you have a game plan. Understanding which service to leverage– like Amazon EC2, Amazon RDS, and Directory Services to name a few – will accelerate the process further. There are also a number of new enhancements to help make things even easier. In this session we will walk through how to think about mapping to the various AWS services available so you can get your deployment or migration project off to the right start. Think of this session as the decoder ring between your on-premises deployment and what you can expect from the AWS cloud for your Microsoft Windows Server and applications.
AWS re:Invent 2016: Extending Datacenters to the Cloud: Connectivity Options ...Amazon Web Services
Many enterprises on their journey into the cloud require consistent and highly secure connectivity between their existing data center and AWS footprints. In this session, we walk through the different architecture options for establishing this connectivity using AWS Direct Connect and VPN. With each option, we evaluate the considerations and discuss risk, performance, encryption, and cost. As we walk through these options, we try to answer some of the most common questions that typically arise from enterprises that tackle design and implementation. You'll learn how to make connectivity decisions that are suitable for your workloads, and how to best prepare against business impact in the event of failure.
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...Amazon Web Services
Attend this session to dive deeper into AWS's content delivery service, Amazon CloudFront. Learn how you can use CloudFront to accelerate the delivery of your APIs or applications, including content that cannot be cached, to global clients. We'll also walk you through how you can use Lambda@Edge, which gives you the ability to execute custom code inline with your CloudFront events to customize applications. With Lambda@Edge, you can now generate custom responses right at the edge, allowing you to leverage CloudFront to reduce end-to-end latency and more efficiently filter traffic to your back-end origin servers. We'll walk you through Lambda@Edge use cases and walk through a demo to show how this works.
AWS re:Invent 2016: Re-imagining Insurance Processes with AWS Mobile Services...Amazon Web Services
Insurance processes are fragmented and manual in nature. For the next generation of digitally savvy consumers, New York Life Labs uses modern technology and analytics to engage with and provide best-in-class customer service. This session will discuss how New York Life Labs is mobilizing key insurance technology components including customer service, underwriting, policy administration, and claims processing. This session will focus on how New York Life Labs is taking a mobile-first approach in redesigning claims processing with responsive design, automated workflows, and AWS mobile services. Some of the services discussed will be Amazon Cognito, Amazon SNS, AWS Lambda, Amazon DynamoDB, and Amazon SWF, and how they all come together.
Database Migration: Simple, Cross-Engine and Cross-Platform Migrations with ...Amazon Web Services
Learn how you can migrate databases with minimal downtime from on-premises and Amazon EC2 environments to Amazon RDS, Amazon Redshift, Amazon Aurora and EC2 databases using AWS Database Migration Service. We'll discuss homogeneous (e.g. Oracle-to-Oracle, PostgreSQL-to-PostgreSQL, etc.) and heterogeneous (e.g. Oracle to Aurora, SQL Server to MariaDB) database migrations. We'll also talk about the new AWS Schema Conversion Tool that saves you development time when migrating your Oracle and SQL Server database schemas, including PL/SQL and T-SQL procedural code, to their MySQL, MariaDB and Aurora equivalents. Best of all, we'll spend most of the time demonstrating the product and showing use cases designed to help your business.
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
Network security, Anti-DDoS and other Internet-side protections: Encryption i...Amazon Web Services
Architecting for resilience doesn’t stop at spreading EC2 and VPC-based environments across multiple Availability Zones. We discuss and demonstrate a number of protective measures which can be put in place between the Internet and your AWS environments to mitigate DDoS and other varieties of attack, and measures that can be deployed on-instance to protect EC2 environments. We also discuss whether encryption in transit is necessary within a VPC, and for customers who consider it to be, how to manage distribution of key material and other secret credentials in autoscaling environments.
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
Identify the main options for deploying and managing Active Directory on AWS, how to extend your on-premises environment to AWS, and what are the best-practices from the field.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
Using Microsoft Active Directory across On-premises and Cloud WorkloadsAmazon Web Services
Learning Objectives:
- Learn how to setup SSO for your .NET applications, Amazon QuickSight, and AWS Enterprise IT Applications such as Amazon Workspaces.
- Learn how to manage your AWS Cloud Windows workloads such as Amazon EC2 for Windows Server and Amazon RDS SQL Server using GPOs.
- Learn how to configure trusts between your on-premises and AWS Cloud Microsoft Active Directory domains securely.
Managing your AWS Cloud Windows workloads using Microsoft Active Directory doesn’t require complex networking or synching your identity data across multiple systems. AWS Directory Service for Microsoft Active Directory offers you actual Microsoft Active Directory as a managed service. Attend this tech talk to become an expert at managing single sign-on (SSO) and Group Policy objects (GPOs) for your AWS Cloud Windows workloads. You will also see a demonstration on how to configure trusts between your on-premises and AWS Cloud Microsoft Active Directory domains securely.
Elastic Load Balancing automatically distributes incoming application traffic across multiple Amazon EC2 instances for fault tolerance and load distribution. In this session, we go into detail about Elastic Load Balancing's configuration and day-to-day management, as well as its use in conjunction with Auto Scaling. We explain how to make decisions about the service and share best practices and useful tips for success.
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
Do you have questions on how to best use Microsoft Active Directory with your AWS Windows workloads? Do you need a deep-dive on securely setting up trusts between your on-premises Active Directory and your AWS Directory Services for Microsoft Active Directory? This session will help you understand the differences between AWS Directory Service for Microsoft AD, building your own Microsoft Active Directory on Amazon EC2, or joining your cloud resources to your on-premises Active Directory over a direct network connection. After this session you will be an expert on how to setup single sign-on for your cloud applications and resources, using Group Policy for your EC2 systems, and how to securely configure trusts across your on-premises and AWS Cloud Active Directories.
Learn how to use AWS services to automate manual tasks, help teams manage complex environments at scale, and keep engineers in control of the high velocity that is enabled by DevOps. In this session, we will provide an overview of the various AWS development and deployment services and when best to use them. We will show how to build a fully automated infrastructure and software delivery pipeline with AWS CodePipeline, AWS CodeBuild, AWS CloudFormation and AWS CodeDeploy. At the end of the session, a GitHub repository of AWS CloudFormation templates will be provided so you can quickly deploy the same pipeline to your AWS account(s).
The technical advantages of a microservices architecture pattern are understood by many AWS customers. In this session, the innovation advantages of microservices are explored from a business perspective together with business agility lessons learned during an evolution from a single monolithic application to cloud based microservices.
Speaker: Craig Dickson, Solutions Architect, Amazon Web Services
Level 100: Get Started and Migrate Your Data to AWS
Millions of customers are leveraging AWS for increased flexibility, scalability, and reliability. This "how-to" webinar will cover the basics of getting started with AWS and migrating your data to AWS. this session will also cover core AWS services, such as Amazon EC2 and Amazon S3, and provide demonstrations of how to set up and utilize those services to launch virtual machines in the cloud, backup and restore data. This session will also cover the storage options available today to upload/move your data to AWS.
Reasons to attend:
Learn how to create an AWS account and access its free services, to create and run a virtual machine in the cloud
Understand how to create backup and restore an Amazon EC2 instance
Store and share files online with Amazon S3
Learn how to manage costs and set up billing alerts
Leverage the different storage options to migrate your data
Thinking through how you want to run Microsoft Windows Server and application workloads on AWS is straightforward, when you have a game plan. Understanding which service to leverage– like Amazon EC2, Amazon RDS, and Directory Services to name a few – will accelerate the process further. There are also a number of new enhancements to help make things even easier. In this session we will walk through how to think about mapping to the various AWS services available so you can get your deployment or migration project off to the right start. Think of this session as the decoder ring between your on-premises deployment and what you can expect from the AWS cloud for your Microsoft Windows Server and applications.
AWS re:Invent 2016: Extending Datacenters to the Cloud: Connectivity Options ...Amazon Web Services
Many enterprises on their journey into the cloud require consistent and highly secure connectivity between their existing data center and AWS footprints. In this session, we walk through the different architecture options for establishing this connectivity using AWS Direct Connect and VPN. With each option, we evaluate the considerations and discuss risk, performance, encryption, and cost. As we walk through these options, we try to answer some of the most common questions that typically arise from enterprises that tackle design and implementation. You'll learn how to make connectivity decisions that are suitable for your workloads, and how to best prepare against business impact in the event of failure.
AWS re:Invent 2016: Hybrid Architecture Design: Connecting Your On-Premises W...Amazon Web Services
You’re trying to minimize your time to deploy applications, reduce capital expenditure, and take advantage of the economies of scale made possible by using Amazon Web Services; however, you have existing on-premises applications that are not quite ready for complete migration. Hybrid architecture design can help! In this session, we discuss the fundamentals that any architect needs to consider when building a hybrid design from the ground up. Attendees get exposure to Amazon VPC, VPNs, Amazon Direct Connect, on-premises routing and connectivity, application discovery and definition, and how to tie all of these components together into a successful hybrid architecture.
Networking Many VPCs: Transit and Shared Architectures - NET404 - re:Invent 2017Amazon Web Services
This session focuses on best practices for connectivity between many virtual private clouds (VPCs), including the Transit VPC. We review how the Transit VPC works and use cases for centralization, network security, and connectivity. We include best practices for multiple accounts, multiple regions, and designing for scale. In addition, we also review some of the variants and extensions to the Transit VPC, including how to customize your own.
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...Amazon Web Services
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the Amazon Web Services (AWS) cloud where you can launch AWS resources in a virtual data center that you define. In this session you learn how to leverage the VPC networking constructs to configure a highly available and secure virtual data center on AWS for your application. We cover best practices around choosing an IP range for your VPC, creating subnets, configuring routing, securing your VPC, establishing VPN connectivity, and much more. The session culminates in creating a highly available web application stack inside of VPC and testing its availability with Chaos Monkey.
Speaker: Bradley Acar, AWS
Level: 300
In the journey of cloud adoption, Hybrid architectures are commonplace and are often seen as a very important milestone in business enablement. AWS offers customers many options to facilitate connectivity of their Amazon Virtual Private Cloud environments back to their existing on-premises networks.In this session, we will show you how to choose the best option for your business and how each of these options scale. We’ll also show you how you can use a CI/CD pipeline to automate deployment of AWS Accounts and VPCs and connect them to your existing network, on-the-fly, with all your guard rails in-place.
Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS SummitAmazon Web Services
Networking is the foundation supporting many applications and services on AWS. As such, it is one of the first and most important things to consider when architecting with AWS. In this session, we discuss planning for your advanced AWS networking architectures.
GPSTEC322-GPS Creating Your Virtual Data Center VPC Fundamentals Connectivity...Amazon Web Services
In this session, we walk through the fundamentals of Amazon VPC. First, we cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This midlevel architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks that AWS makes available with VPC. Learn how you can connect your VPC with your offices and current data center footprint. This session adds a focus on AWS Partners and where they are relevant in AWS networking.
Planificación de arquitecturas de red de AWS - MXO211 - Mexico City SummitAmazon Web Services
Amazon VPC es un servicio que te ayuda a tener control total sobre tus recursos de red en AWS. Con este control ¿te has preguntado cómo es que las nuevas capacidades liberadas afectan la forma en la que diseñaste tu arquitectura de red o cómo cambiar tus arquitecturas existentes? En esta sesión compartiremos ejemplos reales sobre cómo utilizar Amazon VPC para crear arquitecturas de nube híbridas, conectando tus centros de datos locales con AWS. También exploraremos las capacidades recién agregadas a Amazon VPC y cómo puedes utilizarlas.
Join us to learn about connectivity options to AWS and how they build the infrastructure foundation for hybrid, migration, and DR use cases. In this session, we will shed light on the recent changes with AWS Direct Connect to enable new GovCloud (US) and global regional access. We will also touch on networking integration options with AWS services and partners offering like VMware Cloud on AWS to enrich migration options to AWS cloud.
In this session, we walk through the fundamentals of Amazon VPC. First, we cover build-out and design fundamentals for VPCs, including picking your IP space, subnetting, routing, security, NAT, and much more. We then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks that AWS makes available with Amazon VPC. Learn how you can connect VPCs with your offices and current data center footprint.
In this session, learn how you evaluate, design, build, and manage distributed applications over hybrid infrastructures using Amazon Web Services. This session follows the evolution of a simple legacy data center expansion with basic connectivity into managing complex hybrid applications. Along the way, we investigate best practice designs in use by AWS customers. Topics covered include interconnectivity, availability, security, and hybrid networks with Amazon VPC and AWS Direct Connect, as well as automated provisioning with AWS CloudFormation and configuration management with AWS OpsWorks.
Learn How Salesforce used ADCs for App Load Balancing for an International Ro...Amazon Web Services
Organizations use application delivery controllers (ADCs) to ensure that their most important applications receive the best performance across their network. In this session, you learn how and why Salesforce used the F5 BIG-IP platform, an ADC solution from AWS Marketplace, during a migration to AWS. To preserve an existing skillset within their business, Salesforce chose AWS Marketplace to first evaluate the solution on the AWS platform before ultimately selecting it as part of their international rollout. You see how BIG-IP performs application routing and security, and how it works with existing AWS networking solutions to provide a consistent experience for domestic and international rollouts. You also learn how Salesforce successfully used the AWS Marketplace Private Offers program to procure an enterprise license and consolidate the expenditure onto their AWS bill.
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...Amazon Web Services
Organizations use application delivery controllers (ADCs) to ensure that their most important applications receive the best performance across their network. In this session, you learn how and why Salesforce used the F5 BIG-IP platform, an ADC solution from AWS Marketplace, during a migration to AWS. To preserve an existing skillset within their business, Salesforce chose AWS Marketplace to first evaluate the solution on the AWS platform before ultimately selecting it as part of their international rollout. You see how BIG-IP performs application routing and security, and how it works with existing AWS networking solutions to provide a consistent experience for domestic and international rollouts. You also learn how Salesforce successfully used the AWS Marketplace Private Offers program to procure an enterprise license and consolidate the expenditure onto their AWS bill.
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
13. Intro to AWS Direct Connect (DX)
• Offered since 2011
• Private connection, separate from Internet
• Consistent network experience
• Connect through one of 51 locations
• Each connection connects into 1 AWS Region
• Multiple options for each AWS Region
14. Frankfurt
AWS Direct Connect (DX) in Europe and Asia Pacific
Digital RealtyEircom Interxion Frankfurt
Sydney
Ireland
Tokyo
Singapore
Equinix OS
Beijing
Equinix TY
Equinix FR
Equinix SY
Global Switch
Equinix SG
CIDS
Sinnet
Eqinix LDInterxion
Interxion Madrid
Interxion Stockholm
Equinix AM
Global Switch
Mumbai
GPXSify Rabale
Seoul
KINX
Telehouse
15. Oregon
N. California
AWS Direct Connect (DX) in the United States
SuperNAP
Equinix SE
CoreSite LA
N. Virginia
CoreSite NY
Equinix DC
CoreSite SV
OhioEquinix CH
QTS Chicago
Equinix DA
CoreSite VA
Equinix LA
Equinix SV
TierPoint
EdgeConneX
Pittock Block
46. AWS managed VPN
Cost
Performance
Flexibility
Resiliency
• Easy install, minutes to setup
• NAT-T, AES-256, SHA-2 and latest
DH groups
• Static (1 prefix) or BGP (<100
prefixes)
• Repeat for every VPC
• $0.05 per VPN connection hour
• Data transfer
• Leverage both VGW endpoints (2
tunnels per VPC)
• Think about CGW redundancy (4
tunnels per VPC)
• Multi Gbps can be achieved per
VPC (limited at VGW)
53. London DX
Seattle DX
Branch
Remote
workforce
Global HQ
Regional HQ
us-west-2 region
Transit VPCVPC
VPC
eu-west-1 region
Transit VPC VPC
VPC
ap-northeast-1
region
Transit VPC VPC
VPC
VPN
VPN
Transit VPC Global VPN
backbone
https://aws.amazon.com/answers/networking/transit-vpc/
54. Software VPN (EC2)
Cost
Performance
Flexibility
Resiliency
• Any open-source or commercial vendor
• Opens up proprietary feature sets
• Customer responsible for HA and scaling
• Advanced solutions can be built using
automation
• Vendor licensing
• EC2 hourly cost
• High availability cost
• Data transfer
• VPC endpoint HA achieved by
additional EC2 instance in 2nd AZ
• Customer-side HA also recommended
• Defined by EC2 instance size & type
• Multi Gbps can be achieved per
VPN instance (for all tunnels)
• Multiple instances for the same VPC
are possible
60. Direct Connect – physical connectivity
1) Customer presence in the same DX location
61. Direct Connect – physical connectivity
1) Customer presence in the same DX location
2) Circuit between customer data center and DX location
62. Direct Connect – physical connectivity
1) Customer presence in the same DX location
2) Circuit between customer datacenter and DX location
3) Service provider network extending to DX location
63. 1) Customer router in colo
CORP
Internet
AWS Direct
Connect
Routers
Customer
Router
Colocation
DX Location
`
VPC
VPC
VPC
64. AWS Direct Connect
Letter of Authorization and Connecting Facility Assignment
Please consider this letter as notification for connecting facility assignment for the purpose of
establishing or augmenting connectivity between the parties identified above. This document authorizes
a connection to the ports indicated above. All charges for the physical connection are the sole
responsibility of company.
For location specific information on requesting a cross-connect, visit the "Requesting Cross-Connects"
section of the user guide:
http://docs.aws.amazon.com/DirectConnect/latest/UserGuide/Colocation.html
The requester(s) use of AWS services will be governed by the terms of the AWS Customer Agreement
(available at http://aws.amazon.com/agreement), or a separate agreement between the requester(s)
and AWS.
EXPIRATION NOTICE The authorized connectivity must be completed within 90 days of this LOA-CFA's
issue date or this LOA-CFA will expire.
* Amazon Corporate LLC is a subsidiary of Amazon.com, Inc.
Issue Date .
Oct 13, 2016
Issued By* .
Amazon Web Services Spain S.L.
Facility - Meet Me Room .
Interxion MAD2 – MAD2.211
Customer Demarcation/ZSide .
Rack: R77B1.R99B09
Patch Panel: PP2:SOUTH
Strands: 40818
Requested By .
Company requesting name
Issued To .
Interxion, Madrid, ESP
Connection ID ..
MAD50_Test
Optic and Connector Types ..
1000BASE-LX Single Mode Fiber (SMF)
Lucent Connector (LC)
Letter of Authorization
and Connecting
Facility Assignment
65. 1) Customer router in colo
CORP
Internet
AWS Direct
Connect
Routers
Customer
Router
Colocation
DX Location
`
VPC
VPC
VPC
69. 3) Service provider network
CORP
Internet
AWS Direct
Connect
Routers
DX Location
VPC
VPC
VPC
70. 3) Service provider network
CORP
Internet
AWS Direct
Connect
Routers
DX Location
Service Provider
Network
VPC
VPC
VPC
71. 3) Service provider network
CORP
Internet
AWS Direct
Connect
Routers
DX Location
Service Provider
Network
VPC
VPC
VPC
72. DX physical connectivity considerations
AWS account that owns the DX port?
Adding/removing virtual interfaces?
Routing ownership?
End-to-end costs?
73. Direct Connect – physical connectivity
1) Customer presence in the same DX location
2) Circuit between customer data center and DX location
3) Service provider network extending to DX location
74. Direct Connect – physical connectivity
1) Customer presence in the same DX location
2) Circuit between customer data center and DX location
3) Service provider network extending to DX location
Customer’s AWS account, interface control, routing. Cost: port + data transfer
75. Direct Connect – physical connectivity
1) Customer presence in the same DX location
2) Circuit between customer data center and DX location
3) Service provider network extending to DX location
Customer’s AWS account, interface control, routing. Cost: port + data transfer
Same as #1; add circuit cost. Sub 1-Gig can create only 1 virtual interface
76. Direct Connect – physical connectivity
1) Customer presence in the same DX location
2) Circuit between customer data center and DX location
3) Service provider network extending to DX location
Customer’s AWS account, interface control, routing. Cost: port + data transfer
Same as #1; add circuit cost. Sub 1-Gig can create only 1 virtual interface
Depends on provider’s offering
77. Direct Connect – physical connectivity
1) Customer presence in the same DX location
2) Circuit between customer data center and DX location
3) Service provider network extending to DX location
Customer’s AWS account, interface control, routing. Cost: port + data transfer
Same as #1; add circuit cost. Sub 1-Gig can create only 1 virtual interface
Depends on provider’s offering
78. Direct Connect cost considerations
Port hour + data transfer
Data in $0; data out differs by region
Factor in circuit costs
Calculate data center Internet costs (VPN)
94. Direct Connect (DX)
Cost
Performance
Flexibility
Resiliency
• 14 AWS regions, 42 POPs worldwide
• LOA provided within up to 72 hours
• Lead time of circuit build-out could take
weeks
• Port hours
• Data out transfer
• Service provider circuit / MPLS
• Colo cage (if applicable)
2 x DX in 2 locations + VPN
2 x DX in 2 separate locations
2 x DX in 1 DX location
DX + VPN
DX
• 1 Gbps or 10 Gbps ports
• 100, 200, 300, 400 or 500 Mbps
ports available through partners
• Equal-cost multipath via BGP means
2x10 G = 20 Gbps
95. Adapting the architecture
• Start with 1 AWS managed VPN
• Use VPN while DX is being built out
• Port hour charges begin when DX is up or 90 days
• DX is favored over VPN when both exist
• Add additional DX ports for resiliency / bandwidth
• Plan for failure, including facility failure
• Control traffic flow both ways using BGP and routing
• Raise support cases with AWS with any questions
130. AWS Direct Connect in the United States
Equinix SV
us-west-1
us-west-2
us-east-1
AWS Private Network
VPN to VGW
131. What are the options for connecting into AWS?
What is appropriate for my workloads?
How can I start small and grow with time?
Review
132. What are the options for connecting into AWS?
Review
• AWS-managed VPN
• Software VPN (EC2)
• Private virtual interface
• Public virtual interface
VPN Direct Connect
134. How can I start small and grow with time?
Review
• Connect using VPN in parallel to DX build out
• More DX locations = more resiliency
• Plan and test for resiliency, and repeat
periodically
• Talk to your AWS team