How To Use Transit Gateways To Monitor Traffic

Uploaded on 2021-10-12 in FREE TO VIEW, BUSINESS-Services-IT & Telecoms

Amazon Web Services ( AWS) cloud network connectivity is something many businesses have begun using, as it allows them to create run different network architectures. It has made migration of on premises services to the cloud a lot easier overall. 

In the past, businesses would need to use Virtual Private Cloud (VPC)  peering or Transit VPCs to create a system that allowed for connectivity between between on site centers and applications running in the cloud. This wasn't scalable though, and didn't allow for increased connectivity. 

Transit gateways are a new way of managing traffic through different VPCs and AWS accounts, making it a lot easier to use. Here's how the system works. 

What Is A Transit Gateway?

A transit gateway is a hub that connects up VPCs and on premises networks. It can support all kinds of attachments, from VPCs to VPN connections, SD-WAN network appliances, and AWS gateways too. 

There are several features a network gateway can offer you, so they're worth looking into:

Availability zone: A VPC attachment will create a network interface in the Availability Zone. When this has been enabled, you can use any subnet to route traffic through the transit gateway. 

Routing: You can handle complex routing needs with a transit gateway. You can have both dynamic and static routing tables, according to your needs. Static routes and black hole routes are available to uses, when you need to isolate attachments from each other. 

Inter region peering: Using an inter region attachment, you can peer transit gateways in different regions. This allows you to create global networks and take advantage of low latency communication, essential when your business is spread across different regions. 

Cross account connectivity: An AWS resource access manager can be used to share a transit gateway, and control communication between accounts. 

On premises connection: As a user, you can connect to the transit gateway by using a direct connect gateway. That allows you to connect while being on premises. It also allows for the creation of a backup, if needed. 

Multicast communication: A multicast protocol will allow you to deliver a single stream of data to several hosts at the same time. This is something that's highly useful in several fields, such as those working in video transcoding on the financial fields. 

How To Put Together Transit Gateway Topologies

One of the best things about a transit gateway is that there are lots of different ways you can use them, so you can create topologies according to your needs. Here are some examples you can use. 

Centralized router: This is one of the simplest ways to use a transit gateway. The gateway is used as a centralized router, which connects all attached VPCs, direct connects and so on. This allows all attachments to route packets to each other, and support transitive connectivity. 

Isolated VPCs: There are two different ways you can set up this topology. Firstly, you can use an isolated VPC with shared services. This gives you the addition of a shared services VPC. Each VPC can connect to on site services, but not each other. The other way is to use a peering transit gateways topology. The transit gateways used in different regions are peered together, allowing them to route traffic between them. You can also route traffic from an on site location to VPCs in different regions. 

Appliance shared services VPC: You can use this topology to host an appliance in a VPC, and have all your traffic routed through it. This is a good way to monitor traffic that's being used this way. 

Centralized outbound routing: This allows you to set up all outbound routing to go through a centralized VPC with an internet gateway attached. With this, you won't need an internet gateway for any other VPC that you use. This is often used for enterprise grade deployments. 

There are all kinds of ways you can use a transit gateway in your business. They allow you to change up your network in accordance with your needs, and allow for much easier working. They also help increase connectivity between on premises and cloud based systems. With all this information, you are now in a position set up a network that works for you. 

Emily Henry is a professional writer currently working with Dissertation Abstract UK writing service.

You Might Also Read: 

Incident Response In The AWS Cloud:

 

« Google’s DeepMind Faces Legal Action Over Data Misuse
Russian Cyber Security Chief Charged »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Continuity Shop

Continuity Shop

Continuity Shop provides training and consultancy in Business Continuity and Information Security to some of the world's biggest organisations.

Oodrive

Oodrive

Oodrive is the first trusted European collaborative suite allowing users to collaborate, communicate and streamline business with transparent tools that ensure security.

Clearswift

Clearswift

Clearswift is trusted by businesses, governments and defense organizations globally for its Adaptive Cyber Security and Data Loss Prevention solutions.

Guardsquare

Guardsquare

GuardSquare is the global reference in mobile application protection. We develop premium software for the protection of mobile applications against reverse engineering and hacking.

NewGens

NewGens

NewGens is a solution and service provider to banking institutions in the APAC region. Areas of expertise include cybersecurity, AML, fruad prevention, compliance and risk management.

Granted Consultancy

Granted Consultancy

Granted Consultancy is a business consultancy that specialises in securing funding to support companies with the development and commercialisation of new and innovative products and technologies.

LogicHub

LogicHub

LogicHub is built on the principle that every decision process for threat detection and response can and should be automated.

Precursor Security

Precursor Security

Precursor Security are information security specialist, delivering all aspects of Security testing, Cyber Risk Management, and Continuous Security Testing.

Imprivata

Imprivata

Imprivata is the digital identity company for life- and mission-critical industries, redefining how organizations solve complex workflow, security, and compliance challenges.

Zama

Zama

Zama - pioneering homomorphic encryption. We believe people shouldn't care about privacy. Not because it doesn't matter, but because it shouldn't be an issue!

Exodata

Exodata

Exodata is a French digital services company specializing in the outsourcing of IT Systems and solutions.

Pixee

Pixee

Pixee fixes vulnerabilities, hardens code, squashes bugs, and gives engineers more time to focus on the work that counts.

BlackSignal Technologies

BlackSignal Technologies

BlackSignal Technologies provides cybersecurity, digital signal processing and electronic warfare products to help DOD and IC agency customers counter near-peer threats and security challenges.

Terra Security

Terra Security

Terra Security is the first agentic-AI platform built for web application penetration testing.

ALSO Group

ALSO Group

ALSO is one of the leading technology providers for the ICT industry currently active in 31 countries in Europe and in many countries worldwide via PaaS (Platform as a Service) partners.

Enaviya Information Technologies

Enaviya Information Technologies

Enaviya offer a comprehensive set of manual and automated software testing services adhering to standard quality assurance for best practices and processes.