AWS beefs up private connections

August 6th, 2011 | by Aaron Tan

Amazon Web Services (AWS) has rolled out its Amazon Virtual Private Cloud (VPC) service to its data centers around the world, including in Singapore, Tokyo and Europe.

Launched in 2009, Amazon VPC lets enterprises privately access a section of AWS, where they can tap computing resources in a virtual network under their control. This includes the selection of IP address range, creation of subnets, and configuration of route tables and network gateways, like they would in their own data centres.

While Amazon VPC gives enterprises a simple and seamless way to leverage AWS using the same security and management controls already familiar to their business, the service is NOT tatamount to a private cloud, as pointed out by some industry observers.

“Amazon VPC is not a private cloud offering,” said Lydia Leong, research vice president at Gartner’s technology and service providers group in a blog post.

“It is a connectivity option for a public cloud. If you have concerns about sharing infrastructure, they’re not going to be solved here. If you have concerns about Amazon’s back-end security, this is one more item you’re going to have to trust them on – all their technology for preventing VM-to-VM and VM-to-public-Internet communication is proprietary,” she added.

Amazon VPC works in a way that’s similar to the way office workers access their corporate e-mail on the move through VPN connections that provide private, secure tunnels over the Internet. At corporate backends, computers that “tunnel in” are assigned corporate IP addresses and would seem as if they are on the same network.

To be clear, what Amazon VPC does is to allow enterprises to access their AWS resources over a VPN connection, rather than isolate resources from Amazon’s shared computing pool for specific customers in the case of a private cloud.

In addition to VPN capabilities, Amazon is allowing enterprises to connect to AWS resources directly through a new service dubbed Direct Connect.

With a private connection, Amazon says, “enterprises can increase bandwidth throughput, reduce networking latency and costs, and provide a more consistent network experience when moving data between AWS and their data centres”.

The pay-as-you-go service, which provides dedicated Gigabit Ethernet or 10 Gigabit Ethernet links from corporate data centres to AWS, will only charge enterprises for network ports used and data transferred out of AWS. Data transfer into AWS is free.

Right now, AWS Direct Connect is available only at Amazon’s Virginia data centre, where companies can connect to services in the AWS US-East (Virginia) Region. Additional AWS Direct Connect locations are planned for San Francisco Bay Area (San Jose), Los Angeles, London, Tokyo and Singapore in the next several months.

Amazon is also making it easier for companies to access AWS resources using their existing identity management systems. This “identity federation” feature, provided through Amazon’s free Identification and Access Management service, will negate the need to create separate AWS credentials for users to access Amazon’s cloud computing resources.

The trio of AWS enhancements may be seen as a bid by Amazon to bring more companies concerned about security and network latency onboard its cloud computing platform.

According to IDC, the adoption of cloud computing is continuing to mature in the Asia-Pacific region, excluding Japan.

Countries in the region have emerged from economic uncertainties over the past two years with increased enthusiasm for cloud computing as a way to deliver existing and new business services, IDC said. Companies will also look beyond Software-as-a-Service (SaaS) and Infrastructure-as-a-Service (IaaS) to source business services that help them take advantage of recovering markets more quickly.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.