Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

Amazon Web Services Extends Virtual Private Cloud

Amazon Web Services has announced expanded functionality of its Virtual Private Cloud (Amazon VPC) Service, by letting enterprises specify which of their Amazon VPC resources they wish to make directly accessible to the Internet and which they do not.

Amazon Web Services has announced expanded functionality of its Virtual Private Cloud (Amazon VPC) Service, by letting enterprises specify which of their Amazon VPC resources they wish to make directly accessible to the Internet and which they do not.

Amazon Web Services LogoPreviously, AWS EC2 customers could provision a private, isolated section of the AWS cloud (called an Amazon VPC) and launch AWS resources into that VPC that were only accessible via a Virtual Private Network (VPN) connection to an existing enterprise datacenter. Amazon VPC was not directly accessible to the Internet. With today’s announcement enterprises no longer need a VPN or existing infrastructure resources in order to leverage Amazon VPC.

Enterprises can now define a virtual network topology in Amazon VPC that closely resembles a traditional network that they might operate in their own datacenter. Customers have complete control over the virtual networking environment, including selection of IP address range, creation of subnets, and configuration of route tables and network gateways. Users can easily customize the network configuration for Amazon VPC, for example creating a public-facing subnet for web servers that have access to the Internet, and placing backend systems such as databases or application servers in a private-facing subnet with no Internet access. Enterprises can continue to choose to connect Amazon VPC to their own existing IT infrastructure with an encrypted VPN connection, extending enterprises’ existing security and management policies to Amazon VPC instances as if they were running within an existing datacenter.

Amazon VPC enables enterprises to easily customize network configurations as well as leverage multiple layers of security for access to Amazon EC2 instances, including security groups and network access control lists. With Amazon VPC, enterprises can:

• Create an Amazon Virtual Private Cloud on AWS’s scalable infrastructure, and specify its private IP address range from any range they choose.

• Divide Amazon VPC’s private IP address range into one or more public or private subnets to facilitate running applications and services in Amazon VPC.

• Control inbound and outbound access to and from individual subnets using network access control lists.

• Store data in Amazon S3 and set permissions so the data can only be accessed from within Amazon VPC.

• Attach an Amazon Elastic IP Address to any Amazon VPC instance so it can be reached directly from the Internet.

Advertisement. Scroll to continue reading.

• Bridge Amazon VPC and an enterprise’s own IT infrastructure with an encrypted VPN connection, extending enterprises’ existing security and management policies to Amazon VPC instances as if they were running within an existing datacenter.

“We are very excited about this new offering from Amazon Web Services and how it will help with software deployment in the cloud,” said Dr. Wolfram Jost, Chief Technology Officer and member of the Executive Board, Software AG. “Using AWS to deploy software is a trend that we have seen many of our customers looking to adopt. With Amazon’s VPC Internet Gateway, customers will create network configurations that are familiar to what they have in their data center. It gives them the power to support their enterprise software deployments without having to reconfigure or reinvent their networking configuration. With Amazon’s VPC Internet Gateway, customers have the flexibility to adapt their deployed software as their needs change and their implementations grow. As we look to our vision for the cloud, ensuring that our customers can deploy their SOA and BPM based solutions built on webMethods software in an environment that is seamless to their on-premise solutions is a key need.”

In December, Amazon Web Services announced it had achieved Level 1 compliance with the Payment Card Industry (PCI) Data Security Standard (DSS), allowing its customers to run their applications on AWS PCI-compliant technology infrastructure to store, process and transmit credit card information in the cloud. In November 2010, AWS announced it had achieved ISO 27001 certification for its AWS infrastructure, data centers and several services. ISO 27001 (ISO/IEC 27001) is a global security standard that sets out requirements for an Information Security Management System.

Written By

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Conversations

SecurityWeek talks to Billy Spears, CISO at Teradata (a multi-cloud analytics provider), and Lea Kissner, CISO at cloud security firm Lacework.

Cloud Security

Cloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.

CISO Strategy

Okta is blaming the recent hack of its support system on an employee who logged into a personal Google account on a company-managed laptop.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Cloud Security

Microsoft and Proofpoint are warning organizations that use cloud services about a recent consent phishing attack that abused Microsoft’s ‘verified publisher’ status.