Amazon Bridges Corporate IT with the Cloud via New Virtual Private Cloud (VPC) Service

By Darryl K. Taft  |  Posted 2009-08-26

Amazon Bridges Corporate IT with the Cloud via New Virtual Private Cloud (VPC) Service

Amazon Web Services (AWS), an company, has announced a limited public beta of its new Amazon Virtual Private Cloud (Amazon VPC) service, a secure and seamless bridge between a company's existing IT infrastructure and the AWS cloud.

"This is a secure bridge between existing enterprise IT infrastructure and the AWS cloud, Adam Selipsky, Amazon Web Services' vice president of product management and developer relations told eWEEK in an interview at AWS offices here. "This allows enterprises to bring over IP addressing and bring over VPN and familiar infrastructure to include the cloud," he said.

Indeed, Amazon VPC enables enterprises to connect their existing infrastructure to a set of isolated AWS compute resources via a Virtual Private Network (VPN) connection, and to extend their existing management capabilities such as security services, firewalls, and intrusion detection systems to include their AWS resources, the company said. And Amazon VPC integrates today with Amazon EC2 compute resources, and will integrate with other AWS services in the future, Selipsky said.

Amazon announced the release of Amazon VPC on Aug. 26, along with supporting press material and blog posts.

"One of the most significant barriers to adoption of the cloud has been the need to both maintain existing infrastructure and separately run resources in the cloud," Selipsky said. Amazon's new VPC eliminates this barrier. "Enterprises don't want to have to open up a second front to their internal infrastructure, so Amazon VPC is built to solve that problem. Customers will have all the benefits of their own IT infrastructure along with all the benefits of the cloud, including flexibility, elasticity, reliability, security, etc."

As with all Amazon Web Services, there are no long-term contracts, minimum spend or up-front investments required.  With Amazon VPC, you pay only for the resources you use.  To get started using Amazon VPC, visit

"Pricing is very simple and familiar," Selipsky said. "Like other AWS services, it's pay-as-you-go -- five cents per hour per VPN connection."

"For the last three years, AWS has provided companies of all sizes with on-demand, highly elastic and highly reliable technology resources in the cloud," said Andy Jassy, senior vice president of Amazon Web Services, in a statement. "As more and more enterprises leverage the cloud, they want a simple, seamless way to migrate their large and complex IT infrastructures to AWS, and to use the security and management controls that their IT teams already know. We built Amazon VPC for this purpose-to allow any company to seamlessly connect their existing resources to the AWS cloud as if it were a part of their own datacenter."

With Amazon VPC, AWS customers can create an isolated set of AWS resources that they then access via an industry-standard encrypted IPSec VPN connection, Amazon officials said. Using a few simple API calls, users create their isolated network, specify the IP address range of their own choosing, and then launch Amazon EC2 instances into that network, Selipsky said. Next, users create a secure VPN to bridge those AWS resources to their existing IT infrastructure. Cloud traffic bound for the Internet routes over the VPN where it is examined by the customer's existing security and networking technologies before heading to the public Internet, Amazon said. With Amazon VPC, customers can access their resources running in the AWS cloud as if these assets were running within their existing IT infrastructure, the company said.

Selipsky said initially Amazon VPC will run as a limited public beta -- which follows a private beta that has been in effect for several months now -- but the number of organizations allowed to participate will grow over time. And initially each company will have one VPC, whereas in the future they can have multiple VPCs. However, each company participating in the beta will be able to have 20 subnets under their VPC, Selipsky said.

"The service is fully functional, fully secure and ready to run real and meaningful workloads from day one," Selipsky said. "It's ready for production use."

Security, Convenience


Moreover, from the private beta, Selipsky said Amazon already has begun to see common use cases crop up for applications where there is proprietary data or workloads that need to be able to move in and out of the cloud, "like pharmaceutical companies with a lot of IP [intellectual property], or Wall Street firms with proprietary algorithms, or large media companies."

For instance, Eli Lilly is a global pharmaceuticals company using on-demand resources from Amazon Web Services to support pharmaceuticals research, collaboration, and high performance computing. "Eli Lilly and Company is excited about Amazon VPC, as it gives us the convenience to securely bridge hosts on our private Lilly network with the elastic computing capability of AWS," said Dave Powers, an associate information consultant at Eli Lilly and Company, in a statement. "We can now seamlessly integrate our internal computing environment with computing resources we've deployed on AWS, all without cumbersome configuration or management hassles."

Meanwhile, software vendor Intuit leverages AWS for applications ranging from scalability testing for its online products to cloud-based engineering development and test environments. "Amazon VPC enables Intuit to expand its use of AWS by making it possible to extend parts of our existing on-premise security and networking policies to our cloud infrastructure," said Jerome Labat, vice president of product development at Intuit, in a statement.  "We're looking forward to continuing our work with AWS to deploy qualified applications securely, reliably and cost effectively."

In addition, "Amazon VPC will enable our more than 200,000 enterprise customers to seamlessly expand their Citrix XenApp infrastructures by adding highly secure and reliable on-demand resources from AWS," said Frank Artale, vice president of business development at Citrix Systems, in a statement. "By leveraging Amazon VPC, our mutual customers now have access to resources that appear as a natural extension of their current on-premises Citrix based applications."

"Our enterprise customers are eager to take advantage of the flexibility enabled by Amazon VPC," said Stephen Elliot, vice president of strategy for CA's Infrastructure Management and Automation business unit, also in a statement. "CA's Business-Driven Automation solutions together with Amazon Web Services can help enterprises to provision, configure, monitor and manage computing resources to respond quickly to changing business demands."

In addition, Amazon Web Services also announced AWS Multi-Factor Authentication (AWS MFA), which offers customers additional capabilities to access and control their AWS accounts.  AWS MFA provides an additional layer of security to the administration of a customer's AWS account by requiring a second piece of information to confirm a user's identity, the company said. With AWS MFA enabled, users must provide a six-digit, rotating code from a device in their physical possession in addition to their standard AWS account credentials, before they are allowed to make changes to their AWS account settings. 

Amazon officials said AWS MFA will be offered as an optional feature of AWS accounts and is easy to set up and use via the AWS web site.  AWS MFA will be available in the coming weeks; to learn more and to be notified when it becomes available, visit And later this fall, AWS will also release additional billing features that allow companies to link together a group of AWS accounts with one account acting as the billing entity for the group, providing additional visibility and control of a company's total AWS account usage.

"The flexibility to add additional account security mechanisms via AWS Multi-Factor Authentication has been frequently requested by enterprise customers," Selipsky said. "We will continue to add features to our services that make it even easier for more customers to leverage the benefits of the AWS cloud." 

Rocket Fuel