AWS re:Invent 2022
Build Your Global Wide Area Network Using Aws Net303

Title

AWS re:Invent 2022 - Build your global wide area network using AWS (NET303)

Summary

  • Presenters: James Devine and Sid, both Principal Solutions Architects at AWS.
  • Topic: Building a global wide area network (WAN) using AWS, focusing on the evolution of WAN and the introduction of AWS Cloud WAN.
  • Evolution of WAN: Traditional WANs connected on-premise locations and remote offices, often using MPLS networks or third-party services, which were slow to provision and inflexible.
  • Cloud WAN: As applications move to the cloud, AWS becomes the network's center, leveraging AWS services to build a global WAN that is flexible, scalable, and secure.
  • AWS Services for Global WAN:
    • VPC Peering: Simplest way to connect VPCs, no additional hardware or costs.
    • Transit Gateway: Connects up to 5,000 networks in a hub-and-spoke model, supports advanced features like multicast and private VPN.
    • Direct Connect: Connects on-premises data centers to AWS global infrastructure, with SiteLink for direct data center-to-data center connectivity.
    • Cloud WAN: A managed service to create global WAN networks, connecting on-premises data centers, branch offices, and cloud resources with a global configuration pane.
  • Cloud WAN Components:
    • Global Network: Container for all network objects.
    • Core Network: Fully managed by AWS, consists of core network edges in each region.
    • Network Policy: JSON document defining global configuration, including regions, segments, and attachment policies.
  • Demo: Showed how to use Cloud WAN for network visualization, isolation of segments, and integration with Transit Gateway, including seamless migration of VPCs from Transit Gateway to Cloud WAN.
  • Best Practices: Use tagging for attachments, deploy Cloud WAN in a dedicated networking account, integrate with RAM and AWS organizations, regionalize shared services, and plan for growth and agility.

Insights

  • Cloud WAN as a Centralized Solution: Cloud WAN simplifies the management of global networks by centralizing configuration and policy management, reducing the complexity of multi-region networking.
  • Security and Segmentation: Cloud WAN's segmentation capabilities provide an additional layer of security by controlling traffic at the network layer, allowing for better compliance with regulatory requirements.
  • Integration with Existing Services: Cloud WAN can be integrated with existing AWS services like Transit Gateway and Direct Connect, facilitating a gradual migration to a more centralized and scalable network architecture.
  • Automation and Scalability: The use of tagging and attachment policies in Cloud WAN enables automation of network configurations and scalability, which is crucial for large enterprises with dynamic networking needs.
  • Cost-Effectiveness: By leveraging AWS's global infrastructure and services like VPC Peering and Direct Connect SiteLink, organizations can reduce costs associated with traditional WAN deployments, such as expensive MPLS circuits.
  • Future-Proofing Networks: Cloud WAN is positioned as the future of AWS networking services for global WAN, indicating that AWS will continue to add features and capabilities to this service, making it a strategic choice for organizations planning their network infrastructure.
Build Your Data Lakehouse with Starburst Galaxy Prt014Build Your Open Data Lakehouse with Dremio and Aws Prt085