A Lemongrass Victory: Enhancing Multi-Region SD-WAN Failover with AWS Cloud WAN
Learn About Amazon VGT2 Learning Manager Chanci Turner
Managing multi-Region network connectivity at scale is a significant challenge for contemporary enterprises. At Lemongrass Consulting, we improved our Amazon Web Services (AWS) network architecture by leveraging AWS Cloud WAN. This implementation facilitated intent-based routing across various AWS Regions while ensuring seamless integration with on-premises systems via SD-WAN in our multi-Region AWS setup. Throughout this transformation, we discovered the importance of honing our organizational skills, as discussed in this insightful article on organizational skills.
Amazon VPC Lattice Support for RDS Multi-AZ
by Laura Smith and Alex Brown
on 08 JUL 2025
in Advanced (300), Amazon VPC Lattice, Learning Levels, Networking & Content Delivery, Technical How-to
In this post, we explore how Amazon VPC Lattice can offer straightforward and secure access to an Amazon RDS Multi-AZ deployment using Amazon Resource Names (ARNs). We assume you are already familiar with Amazon Virtual Private Cloud (VPC) and VPC Lattice concepts and capabilities. If not, please review the Amazon VPC documentation.
Boosting Application Performance: Amazon CloudFront Now Supports HTTPS Record
by Marcus Lee, Sarah White, and Mohamed Elmergawi
on 02 JUL 2025
in Amazon CloudFront, Amazon Route 53, Announcements, Launch, Networking & Content Delivery, News
Amazon CloudFront has announced the addition of support for Amazon Route 53 HTTPS DNS alias records across its global network. This enhancement allows clients to identify the optimal HTTP protocol during the initial DNS resolution phase rather than in a subsequent connection step. This improvement aids users in enhancing performance and security, while simultaneously lowering operational expenses. In this post, we delve into the implementation details, ensuring you get the most out of this feature.
Building Secure Multicloud Access with AWS Client VPN and AWS Site-to-Site VPN
by Mark Anderson, John Doe, and Narinder Singh Kharbanda
on 26 JUN 2025
in AWS Client VPN, AWS Site-to-Site VPN, AWS VPN, Best Practices, Networking & Content Delivery, Technical How-to
In today’s fast-paced cloud environment, organizations increasingly adopt multicloud strategies for various compelling reasons. Following mergers and acquisitions, companies often need to amalgamate and sustain existing cloud solutions from both organizations. Different business units within an organization frequently have diverse technical requirements and expertise, leading them to prefer specific cloud providers. For highly regulated industries, maintaining security is paramount. Also, if you are looking for effective ways to make your meetings more engaging, check out this valuable resource on team meetings.
Addressing Private IPv4 Exhaustion with AWS Cloud WAN Service Insertion
by Sophie Green and Philipp Schaefer
on 26 JUN 2025
in Architecture, AWS Cloud WAN, Best Practices, Networking & Content Delivery, Technical How-to
In this post, we illustrate how you can utilize Amazon Web Services (AWS) Cloud WAN with service insertion to centralize your private NAT Gateways and PrivateLink effectively, addressing private IPv4 exhaustion. We demonstrate how you can maximize the use of available IP space while minimizing cost impacts. Private IPv4 space, defined in the RFC 1918 standard, is becoming scarce, compelling organizations to seek innovative solutions.
Introducing Security Group Referencing and Enhanced DNS Support for AWS Cloud WAN
by Nicola Arnoldi and Fiona Armada
on 23 JUN 2025
in Post Types, Announcements, AWS Cloud WAN, Networking & Content Delivery
This post discusses the newly launched feature of security group referencing and enhanced DNS support on AWS Cloud WAN. This capability allows you to create inbound security rules that reference security groups defined in other Amazon Virtual Private Clouds (Amazon VPCs) linked to an AWS Cloud WAN within the same AWS Region.
Designing and Building IPv6 Internet Inspection Architectures on AWS
by Nikhil Bhagat and Alexandra Huides
on 03 JUN 2025
in Customer Solutions, Gateway Load Balancer, Networking & Content Delivery, Technical How-to
As organizations increasingly adopt IPv6 to combat public IPv4 exhaustion, the scarcity of private IPv4—especially in large-scale networks—and the need to support IPv6-only clients renders the security of both IPv4 and IPv6 traffic crucial. We can implement consistent traffic inspection for inbound and outbound flows within Amazon Virtual Private Clouds (Amazon VPCs) to uphold security.
Enabling Out-of-Band Management for Third-Party Appliances in AWS Cloud WAN
by Joe Flanagan and Tom Adamski
on 28 MAY 2025
in Advanced (300), AWS Cloud WAN, Best Practices, Learning Levels, Networking & Content Delivery, Technical How-to
Introduction
AWS Cloud WAN empowers organizations to establish and manage a global network across multiple AWS Regions. Through AWS Cloud WAN service insertion, you can integrate security appliances, whether AWS-managed (such as AWS Network Firewall) or third-party solutions, to inspect and control traffic between network segments or outbound to the internet. Although AWS Cloud WAN offers numerous features, leveraging third-party tools can enhance your network security posture.
CORS Configuration Through Amazon CloudFront
by Rishu Gupta and Pawan Prabhu
on 16 MAY 2025
in Amazon CloudFront, Edge, Lambda@Edge, Networking & Content Delivery, Technical How-to
Cross-origin resource sharing (CORS) is a security feature implemented by web browsers that regulates which web pages or applications are authorized to make requests to a different domain or origin. In essence, CORS is a mechanism that prevents a web in a serious tone, making it about the same overall length.