Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso
AWS re:Postre:Post

Directing traffic from distributed locations through the domain to the specified server

0

Hi. This is a new topic for me and I would be very grateful for any help or advice.

We have a distributed network of video servers transmitting and connecting to our central server. Video servers connect to a specific IP address of the central server. Currently, we want, above all, to ensure redundancy of our central servers, redundancy of communications and redundancy of locations. This means different machines and different IP addresses. Therefore, I am looking for a solution that will allow us to:

  • direct traffic to the domain, not the IP,
  • direct traffic from the domain to the indicated central server, which is the main server at a given time, but in the event of a failure it will automatically switch to redundant servers or locations,
  • ensure the security of the solution and enable only authorized video servers to establish a connection with our server - each video server has up to three WAN addresses (failovers),
  • detect and block any anomalies and attack attempts on the infrastructure.

Thank you in advance for any directions.

Temas
Redes y entrega de contenido
Etiquetas
Amazon Route 53
Idioma
English
Michal
preguntada hace 2 meses113 visualizaciones
1 Respuesta
2

direct traffic to the domain, not the IP, you can use Route53 and create A record your-domain.com -> IP address of the central server

but in the event of a failure it will automatically switch to redundant servers or locations, use Route53 "Failover" routing policy and add another IP address as a failover for your domain

https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-types.html#dns-failover-types-active-passive

ensure the security of the solution and enable only authorized video servers to establish a connection with our server use Security Groups to allow incoming traffic only from specific IP addresses. Associate this Security group with your Central servers

https://docs.aws.amazon.com/vpc/latest/userguide/vpc-security-groups.html

detect and block any anomalies and attack attempts on the infrastructure. this depends on what kind of attacks and which network protocol. You can detect attacks using Amazon GuardDuty as a Threat Detection System, for web traffic you can use AWS WAF. You can also consider AWS Network Firewall or build a custom solution that can analyze VPC Flow Logs and make some preventive actions

profile picture
EXPERTO
Oleksii Bebych
respondido hace 2 meses
profile picture
EXPERTO
Artem
revisado hace un mes

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas

Contenido relevante