Choosing an AWS networking and content delivery service

Consider how the network services you use fit with your migration and integration strategies. A hybrid networking architecture can help you meet this need by integrating your on-premises data center and AWS.

Review the networking and content delivery blogs in the Let’s architect! AWS blog series to see what others are building in the AWS Cloud.

Examine the third-party options available to help you accelerate your networking service adoption. The AWS Marketplace provides a curated digital catalog that you can use to find, buy, and deploy networking solutions.

Decide if working with an AWS Partner that specializes in networking and content delivery would be beneficial. Members of the AWS Partner Network are strategic experts and experienced builders that can help you meet your needs with the AWS Cloud.

Explore taking AWS networking online courses on AWS Skill Builder that cover services such as Amazon VPC, AWS Cloud WAN, and Amazon Route 53.

Networking services each have a particular role. Services such as AWS Cloud WAN and AWS Transit Gateway are suited for connecting workloads that are running in VPCs. Amazon API Gateway creates public APIs so that your customers can connect to your workloads. AWS Global Accelerator can help you improve the reliability, security, and latency of your workloads.

As the internet continues to grow, so does the need for IP addresses for devices. The most common format for IP addresses is IPv4. The latest format for IP addresses is IPv6. IPv6 provides more address space and solves the problem of IPv4 address exhaustion. AWS services support for IPv6 includes support for dual stack configuration (IPv4 or IPv6) or IPv6 only configurations. The number of AWS services that support IPv6 is growing continuously. To view the current services that support IPv6, see AWS services that support IPv6.

Businesses must protect customer data against evolving cyber risks. While Amazon VPC helps you to secure access to the workloads running in VPCs, consider enhanced data protection measures, such as AWS Network Firewall, AWS Shield, AWS WAF, and Amazon Route 53 Resolver DNS Firewall.

It's recommended that you employ application-level encryption (TLS), irrespective of the transport, as a defense in depth measure to help ensure confidentiality end-to-end.

If the workloads in your VPCs need to connect to other AWS services, you can connect to those services programmatically by using API endpoints over the public internet. However, if you want to send data over a private connection, use AWS PrivateLink. Many members of the AWS Partner Network offer their SaaS solutions through AWS PrivateLink.

The AWS global infrastructure is built on AWS Regions and Availability Zones. When you deploy your workloads to your VPCs, you should deploy to multiple Availability Zones to ensure that your workload is still available in the event of a single Availability Zone failure.

To improve the availability, scalability, security, and performance of the workloads running in your VPCs, consider load balancing (Elastic Load Balancing). You can use different types of load balancers depending on the needs of your applications. Each load balancer supports different types of traffic over different protocols and network layers aligned to the Open Systems Interconnection (OSI) model. For more information about the differences between load balancer types, see product comparisons.

If you want to minimize latency to local customers using web applications around the globe, consider using Amazon CloudFront. CloudFront is a content delivery network that delivers content to customers with the lowest latency possible.

If you’re running gaming, Internet of Things (IoT), or Voice over IP (VoIP) workloads, consider using AWS Global Accelerator. This service helps you improve your workloads’ availability and performance.

If the workloads in your VPCs need to connect to other AWS Regions, you can connect to those services programmatically using public API endpoints.

Managing IP addresses of workloads running in multiple VPCs can be difficult. Consider if you need to automate IP address management across your workloads (Amazon VPC IPAM).

If you’re using a microservice architecture, managing the connectivity, security, and monitoring between microservices can be a challenge. Consider if you need to automate microservice interaction (AWS App Mesh and Amazon VPC Lattice).

Consider the following for connecting to the AWS Cloud:

Consider the following for connecting networks:

Review and understand the AWS Shared Responsibility Model and how it applies to security in the AWS Cloud.

AWS security groups and network access control lists (NACLs) can be used together or on their own to secure a network, helping you to create a defense in depth security strategy.

Businesses must protect their network applications against evolving cyber risks. Consider if you will need to protect your workloads against malicious attacks or malware (with AWS Network Firewall), distributed denial of service (DDoS) attacks (with AWS Shield), or SQL injection and cross-site scripting attacks (with AWS WAF).

Amazon Route 53, AWS Firewall Manager, network access control lists, and security groups are also important to consider in ensuring network security.

What is Amazon CloudFront?

Learn about speeding up content distribution.

Explore the guide

Getting started with Amazon CloudFront

Learn the basic steps to delivering content with CloudFront.

Explore the guide

Hosting on-demand streaming video with Amazon S3, Amazon CloudFront, and Amazon Route 53

Learn how to host videos for on-demand viewing in a secure and scalable way.

Get started with the tutorial

Deliver content faster with Amazon CloudFront

Learn how to decrease the end user latency of your web applications.

Get started with the tutorial

What is AWS Cloud WAN?

Learn how to build, manage, and monitor a unified global network.

Explore the guide

Introducing AWS Cloud WAN

Learn about the main use cases for AWS Cloud WAN and how to get started.

Read the blog

Getting started with AWS Cloud WAN

Create your first global network and attach a VPC.

Get started with the tutorial

What is AWS Direct Connect?

Learn about connecting an on-premises network to AWS.

Explore the guide

Getting started with AWS Direct Connect

Watch a brief introduction to AWS Direct Connect and how to prepare your on-premises network to connect to AWS.

Watch the video

Connect your data center to AWS

Connect your data center to AWS using AWS Direct Connect.

Get started with the tutorial

What is AWS Global Accelerator?

Learn about improving the performance of your workloads.

Explore the guide

Getting started with a standard accelerator

Create an accelerator to improve the network performance of a workload running on an EC2 instance.

Get started with the tutorial

Improve global application availability and performance for your traffic

Watch a brief demonstration on setting up AWS Global Accelerator to improve network performance.

Watch the video

What is AWS PrivateLink?

Learn how to privately connect your VPC to services.

Explore the guide

Get started with AWS PrivateLink

Send a request from an EC2 instance in a private subnet to Amazon CloudWatch using PrivateLink.

Get started with the tutorial

Expedite your IPv6 adoption with PrivateLink services and endpoints

Customers with large internet footprints feel the strain of public IPv4 address exhaustion. Learn how you can increase IPv6 usage within VPCs using PrivateLink.

Read the blog

What is Amazon Route 53?

Learn about highly available and scalable domain name resolution.

Explore the guide

Amazon Route 53 use case tutorials

How to use Route 53 for use cases based on traffic and latency.

Get started with the tutorial

How to register a domain name with Amazon Route 53

This tutorial helps you register a new domain name for a web application.

Get started with the tutorial

Amazon Route 53 introduction

Watch a brief introduction to domain name resolution and Route 53.

Watch the video

What is AWS Data Transfer Terminal?

Learn how you can quickly upload or download large datasets to the AWS Cloud using your own storage devices.

Explore the guide

Introducing AWS Data Transfer Terminal

Learn about the main use cases and how to get started.

Read the blog

What is AWS Site-to-Site VPN?

Learn about connecting remote users to AWS over VPN.

Explore the guide

Getting started with AWS Site-to-Site VPN

Set up a Site-to-Site VPN connection between an on-premises device and AWS.

Get started with the tutorial

AWS Site-to-Site VPN, choosing the right options to optimize performance

Choose the best options when setting up a VPN connection to AWS.

Read the blog

What is a transit gateway?

Learn how to connect VPCs with transit gateways.

Explore the guide

Example transit gateway use cases

View common use cases for transit gateways.

Explore the guide

AWS Transit Gateway workshop

In this hands-on workshop, learn how to deploy Transit Gateway in single Region and single account, multi-account, and multi-Region setups.

Start the workshop

What is Amazon VPC?

Learn about virtual private clouds and the features of Amazon VPC.

Explore the guide

Get started with Amazon VPC

A guide to quickly getting started with Amazon VPC.

Explore the guide

Example VPC configurations

View example VPC configurations based on different use cases.

Explore the guide

Modular and scalable VPC architecture

Build a virtual networking foundation based on AWS best practices for your AWS Cloud infrastructure.

Get started with the tutorial

What is IPAM?

Learn how to track and manage IP address usage.

Explore the guide

Amazon VPC IP Address Manager (IPAM) best practices

Learn how to create a scalable IP address management plan.

Read the blog

Creating pools to manage your IP space

Watch a brief video introduction to VPC IPAM.

Watch the video

What is Amazon API Gateway?

Learn about creating APIs for your workloads.

Explore the guide

Building APIs with Amazon API Gateway

Learn how to get started building APIs in AWS.

Watch the video

Configuring private integrations with Amazon API Gateway HTTP APIs

Learn how to create an API to control private access to resources in a VPC.

Read the blog

What is AWS Client VPN?

Learn about connecting networks to AWS over VPN.

Explore the guide

Getting started with AWS Client VPN

Download the AWS Client VPN application and connect to AWS over VPN.

Explore the guide

Scenarios and examples for AWS Client VPN

See examples for creating and configuring Client VPN access for your clients.

Explore the examples

What is Elastic Load Balancing?

Learn about distributing incoming traffic across your workloads.

Explore the guide

Getting started with Elastic Load Balancing

Learn the difference between the different types of load balancers and create a load balancer.

Explore the guide

How to choose the right load balancer for your AWS workloads

Choose the right option to load balance traffic to your workloads.

Watch the video

Getting started with AWS Firewall Manager policies

Learn how to use AWS Firewall Manager to enable a number of different types of security policies.

Explore the guide

How to continuously audit and limit security groups with AWS Firewall Manager

This blog post demonstrates how to use AWS Firewall Manager to limit security groups to help ensure that only required ports are open.

Explore the guide

Use AWS Firewall Manager to deploy protection at scale in AWS Organizations

This post provides step-by-step instructions to deploy and manage security policies across your AWS Organizations implementation by using AWS Firewall Manager.

Explore the guide

What is AWS Network Firewall?

Learn about network firewall and intrusion detection.

Explore the guide

Getting started with AWS Network Firewall

Quickly create and manage a network firewall for a VPC.

Get started with the tutorial

AWS Network Firewall animated explainer video

Watch a brief video introduction to AWS Network Firewall.

Watch the video

What is AWS Shield?

Learn about DDoS protection.

Explore the guide

Examples of basic DDoS resilient architectures

Learn about some common DDoS-resilient architectures.

Explore the guide

AWS Shield animated explainer video

Watch a brief video introduction to AWS Shield.

Watch the video

Tutorial: Getting started with Verified Access

In this tutorial, you will learn how to create and configure Verified Access resources.

Explore the guide

AWS Verified Access Integration with third party identity providers

This blog post shows you how to integrate Verified Access (AVA) with the third party Okta identity provider.

Explore the guide

Integrating AWS Verified Access with device trust providers

This blog post discusses how to architect Zero Trust based remote connectivity on AWS.

Explore the examples

What is Amazon VPC Lattice?

Learn about connecting, securing, and monitoring the microservices in your workloads.

Explore the guide

Setting up Amazon VPC Lattice

Set up and launch VPC Lattice for the first time.

Explore the guide

Build secure multi-account multi-VPC connectivity for your applications with Amazon VPC Lattice

An introduction to how you can use VPC Lattice to solve VPC connectivity challenges.

Read the blog

Amazon VPC Lattice animated explainer

Watch a brief animated video about VPC Lattice.

Watch the video

What is AWS WAF?

Learn about controlling access to your workloads.

Explore the guide

Getting started with AWS WAF

Watch a brief video on how you can use AWS WAF to protect your workloads against web exploits and bots.

Watch the video

Video introduction to AWS WAF

Watch a brief video introduction to AWS WAF.

Watch the video