Segment in Cloud WAN


I'm checking the possibility of using AWS Cloud WAN for my organization. When considering the segments, I have environments like dev, qa, uat and prod. I also have on-prem data centers. So for the segments I thought of having a Dev Segment, QA Segment, UAT Segment, Prod Segment, Hybrid Segment and Inspection/Security Segment. Is this the correct approach, what other best practices do I have to consider, and are there any other suggestions?

asked a month ago · 268 views
2 Answers

What I usually recommend to customers that want to leverage AWS Cloud WAN is that they need to have a look into the quotas. Today, the max number of segments per core network is 40. Less is more imo! If, for example, dev, qa, and uat have similar characteristics in terms of routing, maybe consolidate them into one segment?

Hope you are also aware of the isolate-attachments option in an AWS Cloud WAN policy, where you can ensure attachments in the same segment cannot communicate. This is relevant if you are integrating with external vendors or partners.

Also, if you are operating in a multi-region environment, I recommend having a look at service insertion for AWS Cloud WAN, which will make your inspection life easier (and cheaper) for east/west traffic going from one region to another.

answered a month ago
  • Thanks emned, are there any ways to make the north-south traffic cheaper? Otherwise I need to have AWS Advanced Shield in all regions, which is expensive.
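
The checks suggested in the answer above (segment quota, consolidating segments with the same routing characteristics, and isolate-attachments on partner-facing segments), as an added Python example that is not from the original thread or from AWS tooling. The sample policy, the `partner` segment and the function names are constructed; treating two segments as "similar" when their isolation/acceptance settings and share peers match is an assumption of this example.

```python
import json
from collections import defaultdict

MAX_SEGMENTS = 40  # segments-per-core-network quota quoted in the answer

# Constructed sample policy; segment names follow the question, "partner" is hypothetical.
SAMPLE_POLICY = json.loads("""{
  "segments": [
    {"name": "dev",     "require-attachment-acceptance": false},
    {"name": "qa",      "require-attachment-acceptance": false},
    {"name": "uat",     "require-attachment-acceptance": false},
    {"name": "prod",    "require-attachment-acceptance": true},
    {"name": "hybrid",  "require-attachment-acceptance": true},
    {"name": "partner", "require-attachment-acceptance": true, "isolate-attachments": false}
  ],
  "segment-actions": [{"action": "share", "mode": "attachment-route", "segment": "hybrid",
                       "share-with": ["dev", "qa", "uat", "prod"]}]
}""")

def share_peers(policy):
    """Map each segment to the segments it exchanges routes with via 'share' actions."""
    names = [s["name"] for s in policy.get("segments", [])]
    peers = defaultdict(set)
    for act in policy.get("segment-actions", []):
        if act.get("action") != "share":
            continue
        targets = act.get("share-with", [])
        if targets == "*":  # wildcard form: share with every other segment
            targets = [n for n in names if n != act["segment"]]
        for t in targets:
            peers[act["segment"]].add(t)
            peers[t].add(act["segment"])
    return peers

def lint_policy(policy, must_isolate=()):
    """Return quota status, segments lacking isolation, and consolidation candidates."""
    segs, peers = policy.get("segments", []), share_peers(policy)
    groups = defaultdict(list)  # routing signature -> segment names
    for s in segs:
        sig = (s.get("isolate-attachments"), s.get("require-attachment-acceptance"),
               frozenset(peers[s["name"]]))
        groups[sig].append(s["name"])
    return {
        "segment_count": len(segs),
        "over_quota": len(segs) > MAX_SEGMENTS,
        "not_isolated": [s["name"] for s in segs
                         if s["name"] in must_isolate and not s.get("isolate-attachments")],
        "consolidation_candidates": [sorted(g) for g in groups.values() if len(g) > 1],
    }
```

Calling `lint_policy(SAMPLE_POLICY, must_isolate=("partner",))` reports dev, qa and uat as one consolidation candidate and flags `partner` as missing isolation.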
