Amazon Extends Virtual Private Cloud, Adds New Enterprise Capabilities

Amazon Web Services launches its Virtual Private Cloud globally and announces new Direct Connect and identity-management capabilities for enterprises.

Amazon Web Services has extended the reach of its Amazon Virtual Private Cloud solution and has launched new dedicated networking and identity-management solutions for its enterprise customers.

Adam Selipsky, vice president at AWS (Amazon Web Services), told eWEEK Amazon is announcing new capabilities for customers designed to support the security, network-management, dedicated-connectivity, and identity-management requirements of enterprises when deploying mission-critical applications in the cloud.

"We're announcing three things, all enterprise-focused around network and identity," Selipsky said. "We're seeing continued strong growth and enterprise adoption, and we're continuing to add features and capabilities that are important to our enterprise customers."

Part one of the three-part announcement is that AWS (Amazon Web Services) has extended Amazon VPC (Virtual Private Cloud) to all AWS Regions, enabling enterprises to launch their Amazon VPC environments in the U.S. East and West Coasts, Europe, Singapore and Tokyo, and in multiple AWS Availability Zones within each Region.

Announced in 2009, Amazon VPC enables businesses to provision a private section of AWS, where they can then launch AWS resources in a virtual network that they define and control, including the selection of IP address range, creation of subnets, and configuration of route tables and network gateways. This gives enterprises a simple and seamless way to leverage AWS while using the same security and management controls already familiar to their business. Enterprises can connect to their Amazon VPC via VPN or through an Internet connection. Starting Aug. 4, enterprises can now also connect multiple networks, such as branch offices, to each other as well as to their central corporate Amazon VPC environment. To get started using Amazon VPC, click here.

In part two of the news, AWS also announced AWS Direct Connect, a new service that enables enterprises to bypass the Internet and deliver data to and from AWS via a private network connection. With a private connection, enterprises can increase bandwidth throughput, reduce networking latency and costs, and provide a more consistent network experience when moving data between AWS and their data centers. AWS's pay-as-you-go pricing with no minimum commitment means enterprises pay only for the network ports used and the data transferred out from AWS over the connection; data transfer into AWS is free of charge. AWS Direct Connect is available today in Virginia, and from this location, customers can connect to services in the AWS U.S.-East (Virginia) Region. Additional AWS Direct Connect locations are planned for the San Francisco Bay Area (San Jose), Los Angeles, London, Tokyo and Singapore in the next several months, Selipsky said. To get started using AWS Direct Connect, visit here.

Selipsky noted that AWS Direct Connect is a feature that might be interesting to customers like media companies who have large media files they want to distribute, among other types of customers. Selipsky added that all three pieces of the news announced Aug. 4 were driven by customer demand.

"By constantly releasing new services tailored for the global enterprise, AWS enables us to move more of our business into the cloud," John Herbert, executive vice president and CIO of Twentieth Century Fox, said in a statement. "For example, we currently use Amazon VPC for data with intellectual property, and the ability to put our Amazon VPC environments closer to both endpoint and origin will give us enormous advantages in how we distribute data and assets worldwide, supporting our global footprint."

Meanwhile, in the third part of its announcement, AWS has also added new functionality for AWS Identity and Access Management, or AWS IAM that enables "identity federation," or the ability for enterprises to use their existing corporate identities to grant secure and direct access to AWS resources without creating a new AWS identity for those users. This capability enables enterprises to programmatically request security credentials, with configurable expiration and permissions, which grant their corporate identities access to AWS resources controlled by that enterprise. To get started using identity federation in AWS IAM, click here.

Amazon VPC and AWS Identity and Access Management can be accessed via the AWS Management Console with console support for AWS Direct Connect coming later this year. To learn more about AWS resources for the enterprise, visit here.

"As the largest hotel company in the world with hotels in over 100 countries, our business requires us to operate with a global mindset," Scott Johnson, vice president of Enterprise Engineering at InterContinental Hotel Group, said in a statement. "By making Amazon VPC available in all AWS Regions and in multiple Availability Zones, we gain even more flexibility to deploy our applications in the cloud as we target markets around the world. With AWS Direct Connect, we can quickly migrate data to and from AWS with predictable low latency and high throughput, while avoiding expensive Internet bandwidth charges."

"AWS IAM has given us the confidence to better manage our risk in these environments with greater granularity," Twentieth Century Fox's Herbert added. "Additionally, we look forward to extending our enterprise capabilities with AWS Direct Connect, so that AWS can really be the -cost-avoidance, virtual data center' in our future."

"As part of our business-continuity planning, Haven Power wanted to consider innovative cloud-based solutions," said Paul Armstrong, business systems manager at Haven Power Ltd., which is part of the Drax Group, a U.K.-based electricity retailer. "We engaged Smart421, an AWS solution provider, to propose a cloud architecture that would meet our disaster recovery and back-up requirements, and we adopted their recommendation to use Amazon VPC as part of our overall solution. This allows us to mirror and extend our existing internal datacenter into the AWS cloud while retaining control of subnets, IP ranges and network security, and at the same time benefit from the inherent scalability, flexibility and consumption-based charging model that AWS provides."

Moreover, summing the announcements up, in a statement, Selipsky said: "As enterprises make the move to the cloud, many have leveraged Amazon VPC for workloads that they've wanted to manage using their existing management and security policies. With today's launch of Amazon VPC worldwide, AWS Direct Connect and the new IAM federated identity capabilities, enterprises have even more flexibility and control over deploying their workloads to the cloud. These capabilities provide even more privacy, and along with AWS's existing cloud services, allow enterprises to choose the environment that is best suited to each of their workloads."