Enterprise Plus For Amazon Virtual Private Cloud

Amazon Web Services has extended the reach of its Virtual Private Cloud and has launched dedicated networking and identity-management solutions for its enterprise customers.

Adam Selipsky, vice president at Amazon Web Services (AWS), told eWEEK that Amazon is adding capabilities designed to support the security, network-management, dedicated-connectivity, and identity-management requirements of enterprises when deploying mission-critical applications in the cloud.

“We’re announcing three things, all enterprise-focused around network and identity,” Selipsky said. “We’re seeing continued strong growth and enterprise adoption, and we’re continuing to add features and capabilities that are important to our enterprise customers.”

Available In All AWS Regions

Part one of the three-part announcement is that AWS (Amazon Web Services) has extended Amazon VPC (Virtual Private Cloud) to all AWS Regions, enabling enterprises to launch their Amazon VPC environments in Europe, the US East and West Coasts, Singapore and Tokyo, and in multiple AWS Availability Zones within each region.

Announced in 2009, Amazon VPC enables businesses to provision a private section of AWS, where they can then launch AWS resources in a virtual network that they define and control, including the selection of IP address range, creation of subnets, and configuration of route tables and network gateways. This gives enterprises a simple and seamless way to leverage AWS while using the same security and management controls already familiar to their business. Enterprises can connect to their Amazon VPC via VPN or through an Internet connection. Starting from now, enterprises can now also connect multiple networks, such as branch offices, to each other as well as to their central corporate Amazon VPC environment.

In part two of the news, AWS also announced AWS Direct Connect, a new service that enables enterprises to bypass the Internet and deliver data to and from AWS via a private network connection. With a private connection, enterprises can increase bandwidth throughput, reduce networking latency and costs, and provide a more consistent network experience when moving data between AWS and their data centres.

AWS pay-as-you-go pricing with no minimum commitment means enterprises pay only for the network ports used and the data transferred out from AWS over the connection; data transfer into AWS is free of charge.

Interconnected AWS Cloud

AWS Direct Connect is available today in Virginia and, from this location, customers can connect to services in the AWS US-East (Virginia) Region. Additional AWS Direct Connect locations are planned for London, the San Francisco Bay Area (San Jose), Los Angeles, Tokyo and Singapore in the next several months, Selipsky said.

Selipsky noted that AWS Direct Connect is a feature that might be interesting to customers like media companies who have large media files they want to distribute, among other types of customers. Selipsky added that all three pieces of news were driven by customer demand.

“By constantly releasing new services tailored for the global enterprise, AWS enables us to move more of our business into the cloud,” John Herbert, executive vice president and CIO of Twentieth Century Fox, said in a statement. “For example, we currently use Amazon VPC for data with intellectual property, and the ability to put our Amazon VPC environments closer to both endpoint and origin will give us enormous advantages in how we distribute data and assets worldwide, supporting our global footprint.”

Meanwhile, in the third part of its announcement, AWS has also added new functionality for AWS Identity and Access Management (IAM) which enables “identity federation”, or the ability for enterprises to use their existing corporate identities to grant secure and direct access to AWS resources without creating a new AWS identity for those users. This capability enables enterprises to programmatically request security credentials, with configurable expiration and permissions, which grant their corporate identities access to AWS resources controlled by that enterprise.

Amazon VPC and AWS Identity and Access Management can be accessed via the AWS Management Console which supports for AWS Direct Connect coming later this year.

“As the largest hotel company in the world with hotels in over 100 countries, our business requires us to operate with a global mindset,” Scott Johnson, vice president of Enterprise Engineering at InterContinental Hotel Group, said in a statement. “By making Amazon VPC available in all AWS Regions and in multiple Availability Zones, we gain even more flexibility to deploy our applications in the cloud as we target markets around the world. With AWS Direct Connect, we can quickly migrate data to and from AWS with predictable low latency and high throughput, while avoiding expensive Internet bandwidth charges.”

“AWS IAM has given us the confidence to better manage our risk in these environments with greater granularity,” Twentieth Century Fox’s Herbert added. “Additionally, we look forward to extending our enterprise capabilities with AWS Direct Connect, so that AWS can really be the ‘cost-avoidance, virtual data centre’ in our future.”

Drax Group Cloud Architecture

“As part of our business-continuity planning, Haven Power wanted to consider innovative cloud-based solutions,” said Paul Armstrong, business systems manager at Haven Power, part of the UK-based Drax Group electricity company.

“We engaged Smart421, an AWS solution provider, to propose a cloud architecture that would meet our disaster recovery and back-up requirements, and we adopted their recommendation to use Amazon VPC as part of our overall solution,” he added. “This allows us to mirror and extend our existing internal data centre into the AWS cloud while retaining control of subnets, IP ranges and network security, and at the same time benefit from the inherent scalability, flexibility and consumption-based charging model that AWS provides.”

Moreover, summing the announcements up, in a statement, Selipsky said: “As enterprises make the move to the cloud, many have leveraged Amazon VPC for workloads that they have wanted to manage using their existing management and security policies.

With the launch of Amazon VPC worldwide, AWS Direct Connect and the new IAM federated identity capabilities, enterprises have even more flexibility and control over deploying their workloads to the cloud. These capabilities provide even more privacy, and along with AWS’s existing cloud services, allow enterprises to choose the environment that is best suited to each of their workloads.”