Blog

Understanding AWS VPC Egress Filtering Methods

khash
By Khash Nakhostin
Head of Growth Marketing, Aviatrix
November 14, 2018

Security in AWS is governed by a shared responsibility model where both vendor and subscriber have various operational responsibilities. AWS assumes responsibility for the underlying infrastructure, hardware, virtualization layer, facilities, and staff while the subscriber organization – that’s you – is responsible for securing and controlling outbound VPC traffic destined for the Internet.  Additionally, many organizations must meet regulatory requirements such as PCI-DSS, which requires organizations to monitor and control outbound traffic to the Internet. Securing egress traffic to the Internet can be tricky because most EC2 instances need outbound access for basic operations such as software patching and accessing…




Implementing a Secure Transit DMZ Architecture with Next-Gen Firewalls

josh
By Josh Hammer
Partner Solutions Architect, Amazon Web Services
October 16, 2018

Security is one of the most important aspects of any customer’s successful AWS implementation. Customers want to maintain similar security and compliance postures in their AWS environments as they have on-premises. Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS Cloud where you can launch AWS resources in a virtual network that you define. You have complete control over your virtual networking environment, including selection of your own IP address range, creation of subnets, and configuration of route tables and network gateways. You can use both IPv4 and IPv6 in your VPC for secure and easy access to resources and applications.




Talking Innovation, Disruption and Software Defined Cloud Routing with Steve Mullaney

frank-cabri
By Frank Cabri
Vice President of Marketing, Aviatrix
September 28, 2018

Steve Mullaney recently joined Aviatrix as a board member and investor.  He’s a winner with a ton of energy. We are excited he is onboard here. Steve was the CEO of Nicira Inc., a network virtualization and software-defined networking company, from 2009 until it was acquired in 2012 by VMware for $1.26 billion. Mullaney became the senior vice president and general manager of VMware’s Networking and Security business unit following Nicira’s acquisition. Previously, Steve served as vice president, marketing, and interim CEO for Palo Alto Networks, a network and enterprise security company known as a global cybersecurity leader. During his tenure there, he…




Why the Economics of Adding a Network Engineer to the Cloud Engineering Team Doesn’t Add Up

neel
By Neel Kamal
Head of Sales, Aviatrix
September 18, 2018

Networking in AWS, Azure or GCP is complicated. (Just take a look at our Day in the Lifelist below.) Many cloud teams naturally assume they’ll need a network engineer with a traditional data center skill set to manage their cloud networking. But from both a skills and cost perspective, that’s just not the case. Let’s examine the business case and the alternatives, including the opportunity that this presents for cloud services consulting companies. Why the Economics of Adding a Network Engineer to a Cloud Team Doesn’t Add Up Skills Gap. Cloud networking is in fact far different from data center networking. Finding…




Navigating the New Networking Landscape In the Era of Public Cloud Computing

frank-cabri
By Frank Cabri
Vice President of Marketing, Aviatrix
September 7, 2018

The cloud is a new and different playground. Every network architect is now a cloud architect, and every network engineer is now a cloud engineer. —Sherry Wei, Founder and CTO, Aviatrix These days, each cloud industry event includes announcements of new cloud networking capabilities. This constant change makes it difficult to keep track of who’s doing what. As the pioneer of a networking architecture purpose-built for the cloud, Aviatrix has a unique perspective on the various solutions and options available for networking to, from, within, and among various cloud and hybrid cloud environments. Here’s our first attempt at laying out…




A Conversation with James Matsumura

sherry
By Sherry Wei
Founder and CTO, Aviatrix
August 27, 2018

Meet James Matsumura, software engineer at Casechek, a startup company automating the implant supply chain. James is a typical startup engineer who does the heavy lifting in building the service. I caught up with James at the recent AWS Summit. Sherry: Tell us what you do at Casechek? James: I’m a back end software engineer, but my work moves to full stack for some projects. We are a growing company and our roles are flexible. No one is pigeon holed into one specific role and we all cover multiple domains. Sherry: What’s your challenge then? James: We tried to build VPN tunnels…




A Conversation with Dennis Estrada

sherry
By Sherry Wei
Founder and CTO, Aviatrix
August 11, 2018

This is my third conversation with cloud architects. Click here for the previous one. Meet Dennis Estrada, enterprise architect at JellyVision, a company with a long history in software for education, entertainment and now employee benefits. In this wave of developer led cloud transformation, traditional IT is often viewed as friction and a dated organization. Dennis is an exception. Not only does he manage the IT department as we know it, he is in the forefront of  with the Ops team and architecting their new IT in the cloud. I caught up with Dennis recently on the busy exhibition floor at AWS Chicago Summit….




Why Software-Defined Cloud Routers Are Replacing vRouters As the Future of Public Cloud Networking

sunil
By Sunil Kishen
Vice President of Partnerships and Strategy, Aviatrix
July 24, 2018

Enterprise IT architectures are evolving rapidly, with the public cloud shifting to center stage. Networking—i.e., connecting resources, data, and users with one another, securely and seamlessly—is an increasingly vital foundational building block of the modern enterprise cloud architecture. The problem is that enterprises have been forced to use networking technology adapted from the datacenter era. In the traditional world of datacenter IT, vendors of networking technologies created a business model that effectively became a ‘conspiracy of complexity,’ in which intentionally hard-to-manage equipment and software kept customers dependent on vendor-certified technology experts who often commanded higher salaries. This approach—vendors creating complexityand…




A Conversation with Roberto Sato

sherry
By Sherry Wei
Founder and CTO, Aviatrix
June 16, 2018

This is my second conversation with cloud architects. Click here for the first conversation. Meet Roberto Sato, EVP of Technologies at Global Electronic Technology, a privately hold credit card processing service company. Roberto is a dream customer, he is collaborative, patient and meticulous. Roberto is a VP, yet he is hands on, knowledgable and personally involved in evaluating new technologies. Sherry: Tell us what you were looking for? Roberto: Our primary motive was security. We are in the payment industry and we must be PCI compliant. We were about to launch a new product in AWS and our external security…




Software Defined Cloud Routing is fundamental to the Virtual Cloud Network

steven
By Steven Mih
CEO, Aviatrix
June 12, 2018

When VMware recently announced its Virtual Cloud Network strategy, it introduced a new and much-needed category to the cloud world—and challenged the networking industry to collectively step up its networking game. The Virtual Cloud Network is about overcoming the infrastructure obstacles that limit companies from embracing the digital era. The VMware announcement recognizes that networking complexity in the cloud is holding companies back from achieving the business outcomes they desire. But… the VMware announcement was short on details around public cloud routing—i.e., networking to and within Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform environments—which is the realm…





Latest Posts


Understanding AWS VPC Egress Filtering Methods
By Khash Nakhostin, November 14, 2018

Implementing a Secure Transit DMZ Architecture with Next-Gen Firewalls
By Josh Hammer, October 16, 2018

Talking Innovation, Disruption and Software Defined Cloud Routing with Steve Mullaney
By Frank Cabri, September 28, 2018

Why the Economics of Adding a Network Engineer to the Cloud Engineering Team Doesn’t Add Up
By Neel Kamal, September 18, 2018

Navigating the New Networking Landscape In the Era of Public Cloud Computing
By Frank Cabri, September 7, 2018


Top Tags


Active Directory (AD)Amazon Partner Network (APN)Amazon Virtual Private Cloud (Amazon VPC)Amazon Web Services (AWS)Amazon WorkSpacesApplication VisibilityAviatrix Cloud InterconnectAviatrix ControllerAviatrix FlightPathAviatrix Hosted ServiceAWS Direct ConnectAWS Egress ControlAWS VPNAzure ExpressRouteCasachekChefCiscoCisco Live 2018Cloud Architectscloud burstingCloud ComputingCloud GatewayCloud MigrationCloud NetworkingCloudOpsCSRDevOpsEgress TrafficElon MuskEnterprise Strategy Group (ESG)GartnerGCP Next 16Google Cloud PlatformHub-and-Spoke NetworkHybrid CloudHyperFlex Multi-Cloud EcosystemInternational Data Corporation (IDC)Intrusion Detection System (IDS)Intrusion Preventions Systems (IPS)IPmotionJenkinsMalware DetectionMesh NetworkMicrosoft AzureMulticloudNetworking as a Servicenetworking infrastructureNiciraNoOpsNutanixNutanix CalmOpenVPN Access ServerPalo Alto NetworksPCI CompliancePci DssPublic CloudPublic Cloud NetworkingPuppetRemote AccessSD Cloud RouterSD-WANSoftware Defined Cloud RoutingSoftware-Defined Cloud RoutersSquidSSL VPN to AWSstorage and computeTransit DMZ Architecturetransit networkTransit VPCURL FilteringVirtual Cloud NetworkVirtual Desktop Infrastructure (VDI)Virtual RoutersVLANVMwareVPCVPC PeeringVPN