Seven Criteria for Building an AWS Global Transit Network
AWS Bootcamp Series – December 2017
Frank Cabri, VP Product Marketing
Sherry Wei, Founder & CTO
© 2017 AVIATRIX SYSTEMS, INC.
Welcome & Agenda
• Agenda
- AWS Hybrid Cloud Topologies
- 7 Criteria to Consider When Designing a Global Transit Network
- Hands on Demonstration
- Live Q&A
• Ask Questions via the Q&A Window
Sherry Wei
Founder & CTO
Your Cloud Evolution Drives VPC Topology
[Diagram built up over three slides. Panels: Flat Architecture; Transit Architecture; Transit + Services Architecture. Labels: BGP, SDN, VGW, Direct Connect, On Premises Data Center.]
Global Transit Network – Key Criteria Explained
1. Agility
2. Scalability
3. Security
4. Visibility
5. High Availability
6. Reliability
7. Cost
1. Agility
Networking has always been measured by speeds and feeds, never measured by agility, so why now?
- Expectations: Developers spin up EC2s in minutes, no patience for network connectivity that takes days or weeks. What’s your expectation of time to provision a new connection?
- VPC Quantity: The number of VPCs is orders of magnitude more than the number of datacenters.
- The Buzz: CloudFormation and Terraform are the tools of choice.
What to look for?
- Central orchestration capability.
- Does it support Dry Run before committing to a change?
- Is an API readily available for automation? Does a Terraform provider template exist for integration?
2. Scalability
Why does it matter?
- Large-size enterprises should expect to have thousands of VPCs.
- Mid-size enterprises should expect to have hundreds of VPCs.
- Many teams, business groups, projects and apps => many AWS accounts.
Limitations you should be aware of?
- 100 non-propagated route limits.
- 100 propagated route limits.
- 125 PCX per VPC.
What to look for?
- Your network architecture should sustain long-term growth requirements.
- There should be no single point of performance bottleneck.
3. Security
Why does it matter?
- Internal/external compliance policy (e.g., encryption everywhere).
- In AWS, security is a shared responsibility model and so you must do your part.
What to look for?
- On-prem to VPC
  - Does a private link (not encrypted) such as Direct Connect meet your data privacy requirements?
- VPC to VPC
  - Do you allow connectivity between VPCs that belong to different AWS accounts?
  - Are you aware that many DevOps tools are not encrypted?
3. Security (continued)
What to look for?
- VPC to Internet (Egress)
  - Do you allow instances on private subnets in a VPC to access the Internet directly?
  - What egress controls and policies do you require?
  - Should egress controls be implemented per region or per VPC?
  - Are you sure that you are enforcing the policy everywhere you think you are enforcing (audit)?
- Internet to VPC (Ingress)
  - What protection is needed for EC2 instances with a public IP address?
- User to VPC
  - Do you allow Developers and/or the Ops team to directly access the VPC and instances? Do you allow access when they are remote?
  - How do you manage this access? Who has access to which account? Is this based on job profile? How do you do provisioning, de-provisioning and tracking?
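The egress audit question above and the route limits on the Scalability slide can both be checked from route-table data. The following is an added example, not part of the deck or any Aviatrix tooling: it assumes input shaped like the EC2 DescribeRouteTables response, uses constructed sample data, takes the 100/100 limits from the slide, and counts every route not propagated from a VGW as non-propagated (an assumption).

```python
"""Audit route tables for direct egress from private subnets and for route headroom."""

# Limits as quoted on the Scalability slide of this deck.
NON_PROPAGATED_LIMIT = 100
PROPAGATED_LIMIT = 100
DEFAULT_ROUTES = {"0.0.0.0/0", "::/0"}


def effective_tables(route_tables, subnets):
    """Map subnet id -> effective route table. subnets is {subnet_id: vpc_id}.

    A subnet without an explicit association silently uses the VPC's main
    route table, which is the case an audit most easily misses.
    """
    explicit, main = {}, {}
    for rt in route_tables:
        for assoc in rt.get("Associations", []):
            if assoc.get("SubnetId"):
                explicit[assoc["SubnetId"]] = rt
            elif assoc.get("Main"):
                main[rt["VpcId"]] = rt
    return {s: explicit.get(s) or main.get(vpc) for s, vpc in subnets.items()}


def direct_internet_routes(rt):
    """Active default routes in rt that point straight at an internet gateway."""
    hits = []
    for r in rt.get("Routes", []):
        dest = r.get("DestinationCidrBlock") or r.get("DestinationIpv6CidrBlock")
        if (dest in DEFAULT_ROUTES
                and str(r.get("GatewayId", "")).startswith("igw-")
                and r.get("State", "active") == "active"):
            hits.append(r)
    return hits


def audit_egress(route_tables, subnets, intent):
    """Compare declared intent ({subnet_id: 'private' | 'public'}) with reality.

    Returns (subnet_id, route_table_id, finding) tuples, sorted by subnet id.
    """
    findings = []
    for subnet, rt in sorted(effective_tables(route_tables, subnets).items()):
        if rt is None:
            findings.append((subnet, None, "no-route-table-found"))
        elif subnet not in intent:
            findings.append((subnet, rt["RouteTableId"], "unclassified"))
        elif intent[subnet] == "private" and direct_internet_routes(rt):
            findings.append(
                (subnet, rt["RouteTableId"], "private-subnet-default-route-to-igw"))
    return findings


def route_headroom(rt):
    """Routes left before the slide's limits are reached for one route table."""
    routes = rt.get("Routes", [])
    propagated = sum(1 for r in routes
                     if r.get("Origin") == "EnableVgwRoutePropagation")
    return {"non_propagated_left": NON_PROPAGATED_LIMIT - (len(routes) - propagated),
            "propagated_left": PROPAGATED_LIMIT - propagated}


# Constructed sample data (all ids are made up for illustration).
ROUTE_TABLES = [
    {"RouteTableId": "rtb-main", "VpcId": "vpc-a",
     "Associations": [{"Main": True}, {"Main": False, "SubnetId": "subnet-pub1"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local",
          "Origin": "CreateRouteTable", "State": "active"},
         {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-111",
          "Origin": "CreateRoute", "State": "active"}]},
    {"RouteTableId": "rtb-priv", "VpcId": "vpc-a",
     "Associations": [{"Main": False, "SubnetId": "subnet-priv1"}],
     "Routes": [
         {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local",
          "Origin": "CreateRouteTable", "State": "active"},
         {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1",
          "Origin": "CreateRoute", "State": "active"},
         {"DestinationCidrBlock": "172.16.0.0/16", "GatewayId": "vgw-1",
          "Origin": "EnableVgwRoutePropagation", "State": "active"},
         {"DestinationCidrBlock": "172.17.0.0/16", "GatewayId": "vgw-1",
          "Origin": "EnableVgwRoutePropagation", "State": "active"}]},
]
SUBNETS = {"subnet-pub1": "vpc-a", "subnet-priv1": "vpc-a",
           "subnet-priv2": "vpc-a", "subnet-new": "vpc-a"}
INTENT = {"subnet-pub1": "public", "subnet-priv1": "private",
          "subnet-priv2": "private"}

if __name__ == "__main__":
    for finding in audit_egress(ROUTE_TABLES, SUBNETS, INTENT):
        print(finding)
    for table in ROUTE_TABLES:
        print(table["RouteTableId"], route_headroom(table))
```

In the sample, subnet-priv2 has no explicit association, so it inherits the main route table and its internet gateway route even though it is declared private.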
4. Visibility
Why does it matter?
- Visibility is table stakes for any operations team to be successful.
- Cloud environments change very fast and visibility is key to being on top of the changes and updates.
- At cloud scale with hundreds to thousands of VPCs, the only way to effectively manage is through alerts, dashboards and troubleshooting/forensics tools.
What to look for?
- Does the product visualize the entire cloud network connectivity?
- Can the logs be exported to a centralized service like Splunk, Sumo, etc.?
- What kind of alerts are available when connectivity is down?
- Can the product provide traceroutes and packet capture?
- Are additional insights available for EC2-to-EC2 connectivity problems?
5. High Availability
Why does it matter?
- Your production is running in the cloud. The network has to stay up.
Good to know
- AWS VGW support for DX+DX, DX+Internet.
What to look for?
- How is the High Availability orchestrated? Is it productized?
- Does the solution support single AZ fail over (cost optimized)?
- Does the solution support multi AZ fail over (failover time optimized)?
6. Simplicity
Why does it matter?
- Cloud is new; skill sets are scarce and so the cloud ends up being complex.
- Complexity leads to mistakes, and networking mistakes can bring down the
entire cloud connectivity. (For example: fat fingering a route table update.)
- Cloud providers are changing very fast. Are you on top of all the new
functionalities and updates?
What to look for?
- Automation.
- Orchestration.
- Integration with your Cloud Ops stack of tools.
7. Costs
Why does it matter?
- A non-optimal architectural choice can lead to exponentially increasing costs.
- Cost is often hidden under many line items under many accounts.
- Cost was one of the drivers why you went to cloud in the first place.
What to look for?
- Deployment costs: Compare the initial and at-scale product costs.
- Operational costs:
  - Monitoring and troubleshooting complexity.
  - Do you have visibility into every network endpoint for troubleshooting?
- People cost:
  - Can a CCNA or CloudOps engineer maintain the network?
- Support costs:
  - Does the product come with tools for troubleshooting?
  - What kind of support do you get from the vendor when your network has problems?
Introducing Aviatrix for AWS Global Transit Network
Aviatrix Solution
[Diagram. Panels: Transport Architecture; Shared Services Architecture. Labels: Controller, Transit VPC Hub, Spoke VPC(s), Shared Service VPC(s), GW, VGW, BGP, Direct Connect / Internet, On Prem 1, On Prem 2, (Aviatrix Transit Network), (AWS or Aviatrix Peerings).]
Q & A
Next Steps with Aviatrix
• You’ll receive email w/ link to replay, slides, and GTN eval checklist
• Request meeting or further demo: http://aviatrix.com/contact/
• Download the free trial on AWS Marketplace (search for Aviatrix)

Mais conteúdo relacionado

Mais procurados

Network Troubleshooting in the Cloud: Tools, Techniques and Gotchas
Network Troubleshooting in the Cloud: Tools, Techniques and GotchasNetwork Troubleshooting in the Cloud: Tools, Techniques and Gotchas
Network Troubleshooting in the Cloud: Tools, Techniques and GotchasKhash Nakhostin
 
Understanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersUnderstanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersDevOps.com
 
How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS ThousandEyes
 
CDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectCDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectThousandEyes
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXStrengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXNGINX, Inc.
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservicesNGINX, Inc.
 
VPC and Datacenter Connectivity Options
VPC and Datacenter Connectivity OptionsVPC and Datacenter Connectivity Options
VPC and Datacenter Connectivity Optionsjohn homer alvero
 
WWT: NFV Solutions Presentation from Cisco Live 2017
WWT: NFV Solutions Presentation from Cisco Live 2017WWT: NFV Solutions Presentation from Cisco Live 2017
WWT: NFV Solutions Presentation from Cisco Live 2017World Wide Technology
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXNGINX, Inc.
 
Centurylink - Acceleration and securing modern applications!
Centurylink - Acceleration and securing modern applications!Centurylink - Acceleration and securing modern applications!
Centurylink - Acceleration and securing modern applications!Regis Allen
 
Network monitoring for the modern wan webinar
Network monitoring for the modern wan webinarNetwork monitoring for the modern wan webinar
Network monitoring for the modern wan webinarThousandEyes
 
How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...
How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...
How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...Avi Networks
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsNGINX, Inc.
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerNGINX, Inc.
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshNGINX, Inc.
 
Handling Secrets in Your Cloud Native Architecture
Handling Secrets in Your Cloud Native ArchitectureHandling Secrets in Your Cloud Native Architecture
Handling Secrets in Your Cloud Native ArchitectureVMware Tanzu
 
Layer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service MeshLayer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service MeshMitchell Pronschinske
 
How ThousandEyes Helps Atlassian Operate in the Public Cloud
How ThousandEyes Helps Atlassian Operate in the Public Cloud How ThousandEyes Helps Atlassian Operate in the Public Cloud
How ThousandEyes Helps Atlassian Operate in the Public Cloud ThousandEyes
 

Mais procurados (20)

Network Troubleshooting in the Cloud: Tools, Techniques and Gotchas
Network Troubleshooting in the Cloud: Tools, Techniques and GotchasNetwork Troubleshooting in the Cloud: Tools, Techniques and Gotchas
Network Troubleshooting in the Cloud: Tools, Techniques and Gotchas
 
Understanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps EngineersUnderstanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
Understanding the New Enterprise Multi-Cloud Backbone for DevOps Engineers
 
Demystifying Service Mesh
Demystifying Service MeshDemystifying Service Mesh
Demystifying Service Mesh
 
How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS How Intuit Monitors Connectivity to AWS
How Intuit Monitors Connectivity to AWS
 
CDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes ConnectCDN Performance at eBay from Thousandeyes Connect
CDN Performance at eBay from Thousandeyes Connect
 
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINXStrengthen Security and Traffic Visibility on Amazon EKS with NGINX
Strengthen Security and Traffic Visibility on Amazon EKS with NGINX
 
Fundamentals of microservices
Fundamentals of microservicesFundamentals of microservices
Fundamentals of microservices
 
Api Management with Service Mesh
Api Management with Service MeshApi Management with Service Mesh
Api Management with Service Mesh
 
VPC and Datacenter Connectivity Options
VPC and Datacenter Connectivity OptionsVPC and Datacenter Connectivity Options
VPC and Datacenter Connectivity Options
 
WWT: NFV Solutions Presentation from Cisco Live 2017
WWT: NFV Solutions Presentation from Cisco Live 2017WWT: NFV Solutions Presentation from Cisco Live 2017
WWT: NFV Solutions Presentation from Cisco Live 2017
 
Control Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINXControl Kubernetes Ingress and Egress Together with NGINX
Control Kubernetes Ingress and Egress Together with NGINX
 
Centurylink - Acceleration and securing modern applications!
Centurylink - Acceleration and securing modern applications!Centurylink - Acceleration and securing modern applications!
Centurylink - Acceleration and securing modern applications!
 
Network monitoring for the modern wan webinar
Network monitoring for the modern wan webinarNetwork monitoring for the modern wan webinar
Network monitoring for the modern wan webinar
 
How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...
How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...
How Multi-Cloud Load Balancing Automates Application Delivery and Drives Oper...
 
What's New with NGINX Application Security Solutions
What's New with NGINX Application Security SolutionsWhat's New with NGINX Application Security Solutions
What's New with NGINX Application Security Solutions
 
Production-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress ControllerProduction-Grade Kubernetes With NGINX Ingress Controller
Production-Grade Kubernetes With NGINX Ingress Controller
 
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service MeshData Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
Data Plane Matters! A Deep Dive and Demo on NGINX Service Mesh
 
Handling Secrets in Your Cloud Native Architecture
Handling Secrets in Your Cloud Native ArchitectureHandling Secrets in Your Cloud Native Architecture
Handling Secrets in Your Cloud Native Architecture
 
Layer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service MeshLayer 7 Observability and Centralized Configuration with Consul Service Mesh
Layer 7 Observability and Centralized Configuration with Consul Service Mesh
 
How ThousandEyes Helps Atlassian Operate in the Public Cloud
How ThousandEyes Helps Atlassian Operate in the Public Cloud How ThousandEyes Helps Atlassian Operate in the Public Cloud
How ThousandEyes Helps Atlassian Operate in the Public Cloud
 

Semelhante a Seven Criteria for Building an AWS Global Transit Network

Learn How Salesforce used ADCs for App Load Balancing for an International Ro...
Learn How Salesforce used ADCs for App Load Balancing for an International Ro...Learn How Salesforce used ADCs for App Load Balancing for an International Ro...
Learn How Salesforce used ADCs for App Load Balancing for an International Ro...Amazon Web Services
 
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...Amazon Web Services
 
5 Best Practices for Building an AWS Global Transit Network
 5 Best Practices for Building an AWS Global Transit Network 5 Best Practices for Building an AWS Global Transit Network
5 Best Practices for Building an AWS Global Transit NetworkAmazon Web Services
 
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry MeetupPivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry Meetupcornelia davis
 
Tech Talk - Cloud Transformation in 2017
Tech Talk - Cloud Transformation in 2017Tech Talk - Cloud Transformation in 2017
Tech Talk - Cloud Transformation in 2017Alex Rhea
 
Welcome to the Multi-cloud world
Welcome to the Multi-cloud worldWelcome to the Multi-cloud world
Welcome to the Multi-cloud worldLew Tucker
 
Realise True Business Value With ThousandEyes
Realise True Business Value With ThousandEyesRealise True Business Value With ThousandEyes
Realise True Business Value With ThousandEyesThousandEyes
 
Realize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesRealize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesThousandEyes
 
透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)
透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)
透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)Amazon Web Services
 
How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017
How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017
How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017Amazon Web Services
 
AWS Core Services Overview, Immersion Day Huntsville 2019
AWS Core Services Overview, Immersion Day Huntsville 2019AWS Core Services Overview, Immersion Day Huntsville 2019
AWS Core Services Overview, Immersion Day Huntsville 2019Amazon Web Services
 
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudPSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudRohit Agarwalla
 
Data Center Migration to the AWS Cloud
Data Center Migration to the AWS CloudData Center Migration to the AWS Cloud
Data Center Migration to the AWS CloudTom Laszewski
 
Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...
Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...
Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...Jürgen Ambrosi
 
NET309_Best Practices for Securing an Amazon Virtual Private Cloud
NET309_Best Practices for Securing an Amazon Virtual Private CloudNET309_Best Practices for Securing an Amazon Virtual Private Cloud
NET309_Best Practices for Securing an Amazon Virtual Private CloudAmazon Web Services
 
AWS SysOps Administrator Training | AWS SysOps Tutorial | Edureka
AWS SysOps Administrator Training | AWS SysOps Tutorial | EdurekaAWS SysOps Administrator Training | AWS SysOps Tutorial | Edureka
AWS SysOps Administrator Training | AWS SysOps Tutorial | EdurekaEdureka!
 
AWS Partner Webcast - Data Center Migration to the AWS Cloud
AWS Partner Webcast - Data Center Migration to the AWS CloudAWS Partner Webcast - Data Center Migration to the AWS Cloud
AWS Partner Webcast - Data Center Migration to the AWS CloudAmazon Web Services
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco Canada
 
Wavefront by vmware june 2019 - legraswindow
Wavefront by vmware   june 2019 - legraswindowWavefront by vmware   june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindowAnil Gupta (AJ) - vExpert
 

Semelhante a Seven Criteria for Building an AWS Global Transit Network (20)

Learn How Salesforce used ADCs for App Load Balancing for an International Ro...
Learn How Salesforce used ADCs for App Load Balancing for an International Ro...Learn How Salesforce used ADCs for App Load Balancing for an International Ro...
Learn How Salesforce used ADCs for App Load Balancing for an International Ro...
 
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...
MSC202_Learn How Salesforce Used ADCs for App Load Balancing for an Internati...
 
5 Best Practices for Building an AWS Global Transit Network
 5 Best Practices for Building an AWS Global Transit Network 5 Best Practices for Building an AWS Global Transit Network
5 Best Practices for Building an AWS Global Transit Network
 
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry MeetupPivotal Container Service (PKS) at SF Cloud Foundry Meetup
Pivotal Container Service (PKS) at SF Cloud Foundry Meetup
 
Upmc tpdev3
Upmc tpdev3Upmc tpdev3
Upmc tpdev3
 
Tech Talk - Cloud Transformation in 2017
Tech Talk - Cloud Transformation in 2017Tech Talk - Cloud Transformation in 2017
Tech Talk - Cloud Transformation in 2017
 
Welcome to the Multi-cloud world
Welcome to the Multi-cloud worldWelcome to the Multi-cloud world
Welcome to the Multi-cloud world
 
Realise True Business Value With ThousandEyes
Realise True Business Value With ThousandEyesRealise True Business Value With ThousandEyes
Realise True Business Value With ThousandEyes
 
Realize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyesRealize True Business Value With ThousandEyes
Realize True Business Value With ThousandEyes
 
透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)
透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)
透過最新的 AWS 服務在 2019 年為您的業務轉型 (Level 200)
 
How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017
How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017
How Do I Build a Global Transit Network on AWS? - MSC302 - re:Invent 2017
 
AWS Core Services Overview, Immersion Day Huntsville 2019
AWS Core Services Overview, Immersion Day Huntsville 2019AWS Core Services Overview, Immersion Day Huntsville 2019
AWS Core Services Overview, Immersion Day Huntsville 2019
 
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google CloudPSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
PSOCLD 1007 Cisco Hybrid Cloud Platform for Google Cloud
 
Data Center Migration to the AWS Cloud
Data Center Migration to the AWS CloudData Center Migration to the AWS Cloud
Data Center Migration to the AWS Cloud
 
Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...
Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...
Proposte ORACLE per la gestione dei contenuti digitali e per la ricerca scien...
 
NET309_Best Practices for Securing an Amazon Virtual Private Cloud
NET309_Best Practices for Securing an Amazon Virtual Private CloudNET309_Best Practices for Securing an Amazon Virtual Private Cloud
NET309_Best Practices for Securing an Amazon Virtual Private Cloud
 
AWS SysOps Administrator Training | AWS SysOps Tutorial | Edureka
AWS SysOps Administrator Training | AWS SysOps Tutorial | EdurekaAWS SysOps Administrator Training | AWS SysOps Tutorial | Edureka
AWS SysOps Administrator Training | AWS SysOps Tutorial | Edureka
 
AWS Partner Webcast - Data Center Migration to the AWS Cloud
AWS Partner Webcast - Data Center Migration to the AWS CloudAWS Partner Webcast - Data Center Migration to the AWS Cloud
AWS Partner Webcast - Data Center Migration to the AWS Cloud
 
Cisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse localeCisco connect montreal 2018 vision mondiale analyse locale
Cisco connect montreal 2018 vision mondiale analyse locale
 
Wavefront by vmware june 2019 - legraswindow
Wavefront by vmware   june 2019 - legraswindowWavefront by vmware   june 2019 - legraswindow
Wavefront by vmware june 2019 - legraswindow
 

Último

Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024
Modular Monolith - a Practical Alternative to Microservices @ Devoxx UK 2024Victor Rentea
 
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...
Apidays New York 2024 - APIs in 2030: The Risk of Technological Sleepwalk by ...apidays
 
Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024Manulife - Insurer Transformation Award 2024
Manulife - Insurer Transformation Award 2024The Digital Insurer
 
Artificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyArtificial Intelligence Chap.5 : Uncertainty
Artificial Intelligence Chap.5 : UncertaintyKhushali Kathiriya
 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWERMadyBayot
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAndrey Devyatkin
 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Victor Rentea
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Architecting Cloud Native Applications
Architecting Cloud Native ApplicationsArchitecting Cloud Native Applications
Architecting Cloud Native ApplicationsWSO2
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers:  A Deep Dive into Serverless Spatial Data and FMECloud Frontiers:  A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUKJago de Vreede
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 

Seven Criteria for Building an AWS Global Transit Network

  • 1. Seven Criteria for Building an AWS Global Transit Network
      AWS Bootcamp Series – December 2017
      Frank Cabri, VP Product Marketing
      Sherry Wei, Founder & CTO
  • 2. Welcome & Agenda (Sherry Wei, Founder & CTO)
      • Agenda
        - AWS Hybrid Cloud Topologies
        - 7 Criteria to Consider When Designing a Global Transit Network
        - Hands on Demonstration
        - Live Q&A
      • Ask Questions via the Q&A Window
  • 3. Your Cloud Evolution Drives VPC Topology
      [Diagram: Flat Architecture. Labels: On Premises Data Center, Direct Connect, VGW, BGP]
  • 4. Your Cloud Evolution Drives VPC Topology
      [Diagram: Flat Architecture and Transit Architecture. Labels: On Premises Data Center, Direct Connect, VGW, BGP]
  • 5. Your Cloud Evolution Drives VPC Topology
      [Diagram: Flat Architecture, Transit Architecture, and Transit + Services Architecture. Labels: On Premises Data Center, Direct Connect, VGW, BGP, SDN]
  • 6. Global Transit Network – Key Criteria Explained
      1. Agility
      2. Scalability
      3. Security
      4. Visibility
      5. High Availability
      6. Reliability
      7. Cost
  • 7. 1. Agility
      Networking has always been measured by speeds and feeds, never measured by agility, so why now?
      - Expectations: Developers spin up EC2s in minutes and have no patience for network connectivity that takes days or weeks. What's your expectation of time to provision a new connection?
      - VPC Quantity: The number of VPCs is orders of magnitude more than the number of datacenters.
      - The Buzz: CloudFormation and Terraform are the tools of choice.
      What to look for?
      - Central orchestration capability.
      - Does it support Dry Run before committing to a change?
      - Is an API readily available for automation? Does a Terraform provider template exist for integration?
  • 8. 2. Scalability
      Why does it matter?
      - Large-size enterprises should expect to have thousands of VPCs.
      - Mid-size enterprises should expect to have hundreds of VPCs.
      - Many teams, business groups, projects and apps => many AWS accounts.
      Limitations you should be aware of?
      - 100 non-propagated route limits.
      - 100 propagated route limits.
      - 125 PCX per VPC.
      What to look for?
      - Your network architecture should sustain long-term growth requirements.
      - There should be no single point of performance bottleneck.
  • 9. 3. Security CONTINUED …
      Why does it matter?
      - Internal/external compliance policy (e.g., encryption everywhere).
      - In AWS, security is a shared responsibility model and so you must do your part.
      What to look for?
      - On-prem to VPC
        - Does a private link (not encrypted) such as Direct Connect meet your data privacy requirements?
      - VPC to VPC
        - Do you allow connectivity between VPCs that belong to different AWS accounts?
        - Are you aware that many DevOps tools are not encrypted?
  • 10. 3. Security CONTINUED …
      What to look for?
      - VPC to Internet (Egress)
        - Do you allow instances on private subnets in a VPC to access the Internet directly?
        - What egress controls and policies do you require?
        - Should egress controls be implemented per region or per VPC?
        - Are you sure that you are enforcing the policy everywhere you think you are enforcing (audit)?
      - Internet to VPC (Ingress)
        - What protection is needed for EC2 instances with a public IP address?
      - User to VPC
        - Do you allow Developers and/or the Ops team to directly access the VPC and instances? Do you allow access when they are remote?
        - How do you manage this access? Who has access to which account? Is this based on job profile? How do you do provisioning, de-provisioning and tracking?
  • 11. 4. Visibility
      Why does it matter?
      - Visibility is table stakes for any operations team to be successful.
      - Cloud environments change very fast and visibility is key to being on top of the changes and updates.
      - At cloud scale with hundreds to thousands of VPCs, the only way to effectively manage is through alerts, dashboards and troubleshooting/forensics tools.
      What to look for?
      - Does the product visualize the entire cloud network connectivity?
      - Can the logs be exported to a centralized service like Splunk, Sumo, etc.?
      - What kind of alerts are available when connectivity is down?
      - Can the product provide traceroutes and packet capture?
      - Are additional insights available for EC2-to-EC2 connectivity problems?
  • 12. 5. High Availability
      Why does it matter?
      - Your production is running in the cloud. The network has to stay up.
      Good to know
      - AWS VGW support for DX+DX, DX+Internet.
      What to look for?
      - How is the High Availability orchestrated? Is it productized?
      - Does the solution support single AZ failover (cost optimized)?
      - Does the solution support multi AZ failover (failover time optimized)?
  • 13. 6. Simplicity
      Why does it matter?
      - Cloud is new; skill sets are scarce and so the cloud ends up being complex.
      - Complexity leads to mistakes, and networking mistakes can bring down the entire cloud connectivity. (For example: fat fingering a route table update.)
      - Cloud providers are changing very fast. Are you on top of all the new functionalities and updates?
      What to look for?
      - Automation.
      - Orchestration.
      - Integration with your Cloud Ops stack of tools.
  • 14. 7. Costs
      Why does it matter?
      - A non-optimal architectural choice can lead to exponentially increasing costs.
      - Cost is often hidden under many line items under many accounts.
      - Cost was one of the drivers why you went to cloud in the first place.
      What to look for?
      - Deployment costs: Compare the initial and at-scale product costs.
      - Operational costs:
        - Monitoring and troubleshooting complexity.
        - Do you have visibility into every network endpoint for troubleshooting?
      - People cost:
        - Can a CCNA or CloudOps engineer maintain the network?
      - Support costs:
        - Does the product come with tools for troubleshooting?
        - What kind of support do you get from the vendor when your network has problems?
  • 15. Introducing Aviatrix for AWS Global Transit Network
  • 16. Aviatrix Solution
      [Diagram: Transport Architecture and Shared Services Architecture. Labels: Controller, Transit VPC Hub, Spoke VPC(s), Shared Service VPC(s), VGW, GW, BGP, Direct Connect / Internet, On Prem 1, On Prem 2, (AWS or Aviatrix Peerings), (Aviatrix Transit Network)]
  • 17. Q & A
  • 18. Next Steps with Aviatrix
      • You'll receive email w/ link to replay, slides, and GTN eval checklist
      • Request meeting or further demo: http://aviatrix.com/contact/
      • Download the free trial on AWS Marketplace (search for Aviatrix)