Al usar AWS re:Post, aceptas las AWS re:Post Términos de uso

AWS Client VPN over Direct Connect

0

IHAC who is looking to implement below architecture -

Customer Office ---(Connected via their own network)———> Customer Data Center ——(Connected via Direct Connect)——> AWS

Customer have some applications in their office which use legacy protocols. They want to connect these applications securely with AWS and would like to leverage AWS Client VPN for end-to-end encryption.

Is this a right architecture pattern or customer should consider other solution?

AWS
preguntada hace un año1,2 mil visualizaciones
1 Respuesta
0

Hello.

There is a way to encrypt DirectConnect communication using Site to Site VPN.
With this setting, no settings are required on the client application side.
https://aws.amazon.com/jp/blogs/networking-and-content-delivery/introducing-aws-site-to-site-vpn-private-ip-vpns/
https://docs.aws.amazon.com/whitepapers/latest/aws-vpc-connectivity-options/aws-direct-connect-site-to-site-vpn.html

This solution combines the benefits of the end-to-end secure IPsec connection with low latency and increased bandwidth of the AWS Direct Connect to provide a more consistent network experience than internet-based VPN connections. A BGP connection session is established between AWS Direct Connect and your router on the public VIF. Another BGP session or a static route will be established between the virtual private gateway and your router on the IPsec VPN tunnels.

profile picture
EXPERTO
respondido hace un año

No has iniciado sesión. Iniciar sesión para publicar una respuesta.

Una buena respuesta responde claramente a la pregunta, proporciona comentarios constructivos y fomenta el crecimiento profesional en la persona que hace la pregunta.

Pautas para responder preguntas