Modernizing Networking on AWS

A lot of times customers immediately lean into wanting to bring legacy data center technologies and forklift them into AWS and use them there, when in fact, a lot of those functions can now be recreated using cloud native services in AWS. For example, Application Load Balancer is a great Layer 7 load balancer, while Network Load Balancer is a very high volume, high powered Layer 4 load balancer that can operate across a variety of ports and protocols.

Gateway Load Balancer is another great option now, that sort of gives you that bump in the wire approach to network inspection where you can send traffic and still use your own type of third party security appliance in AWS. AWS Network Firewall is a great cloud native version of that.

There’s obviously a fair amount of complexity around the AWS ecosystem as they build out the same kinds of capabilities that we’re used to on premise, allowing us to do interesting things with client specific patterns as they get challenged. That’s the technology aspect of it. Now there’s a people aspect to it as well. 

As we’re working with clients, how do we make sure that the network engineers that are coming from on-premise environments are getting what they need to be effective in the AWS environment?

There’s definitely an educational aspect of it. We really lean into codifying infrastructure with things like HashiCorp Terraform, AWS CloudFormation, and AWS CDK, and helping those customers that maybe aren’t used to Infrastructure as Code in their traditional on-prem world really understand the power of using code to deploy your network infrastructure in AWS. In reality, you can really almost recreate an entire data center in a matter of minutes using code.

That basically means that now where I’m storing code for my applications, it might be Git or whatever I’m using, I can version my network infrastructure in the same way that I version my application infrastructure, which is absolutely transformative. Riskier, breaking changes to networking don’t necessarily need to happen at completely off hours. You feel much more safe because you know that you have a known point to roll back to if your change doesn’t roll out as expected.

Absolutely everything’s version controlled. You can reference back to who made the last change and when, and really zero in on those details of potential breaking changes and really avoid them going forward.

If you’d like to take advantage of Infrastructure as Code and deploy next generation infrastructure on the AWS cloud, or learn about how you can implement networking on the cloud with best practices, get in touch with our team.
