Sponsored by Aviatrix
February 27, 2019
1 PM ET / 10 AM PT
There are legitimate reasons why AWS VPCs or Azure VNets require Internet access; for example, to receive software updates from vendors or integrate with native AWS services or third-party SaaS services. But this is substantially different from an on-premises use case, where traditional, full-featured firewalls are needed to filter both end-user traffic and application traffic. And while AWS provides a NAT gateway, it can be configured only on a per-VPC basis against a limited number of IP addresses.
In this educational session from Aviatrix, we examine the security and networking requirements for controlling VPC egress traffic –and what capabilities AWS offers natively. We’ll also review and demonstrate a software-defined approaches to egress security that helps avoid the complexity and expense of on-prem firewalls and the limitations and costs of AWS NAT gateways by providing:
- Centralized control that enables policy assignment instantly across one VPC – or hundreds
- Visibility thru discovery tools that shine a light on what is currently happening
- Flexible Layer 7 domain whitelisting that eliminates native AWS IP address limitations
- Methods for policy-based filtering on both HTTP and HTTPS traffic, and other popular protocols
- Integration with standard reporting and event correlation tools
Cloud Solution Architect, Aviatrix
Joseph Conwell is a Cloud Solution Architect at Aviatrix helping customers with infrastructure, networking and security use cases across AWS, Azure and Google Cloud. A seasoned information technology executive spanning two decades of IT, relationship, and technical project management experience, Joseph has successfully delivered complex technology solutions for a number of large-scale infrastructure projects. Clients include Bank United, Monster.com, the Baylor College of Medicine, Department of Homeland Security, Department of Transportation, Georgia Institute of Technology, Georgetown University, K-Swiss and State of Florida.