Amazon VPC IPSec VPNs - Review

Difficulty: Advanced
Duration: 2h 40m
Students: 313
Ratings: 4.7/5
Description

In this section of the AWS Certified Advanced Networking - Specialty learning path, we introduce you to the various tools, technologies, and services used to connect on-premises environments to the AWS Cloud, including Direct Connect and VPNs.

Learning Objectives

  • Identify and describe how Direct Connect and VPNs are used to connect on-premises environments to the AWS Cloud
  • Describe advanced AWS Direct Connect connectivity scenarios, including when to leverage Public, Private, and Transit Virtual Interfaces (VIFs)
  • Understand routing fundamentals for static and dynamic routing in AWS along with industry-standard routing protocols such as Border Gateway Protocol (BGP)
  • Describe how to use encryption to secure traffic as it travels across VPNs and Direct Connect connections

Prerequisites

The AWS Certified Advanced Networking - Specialty certification has been designed for anyone with experience designing, implementing, and operating complex AWS and hybrid networking architectures. Ideally, you’ll also have some exposure to the nuances of AWS networking, particularly regarding the integration of AWS services and AWS security best practices. Many exam questions will require advanced-level knowledge of many AWS services, including AWS networking services. The AWS Cloud concepts introduced in this course will be explained and reinforced from the ground up.

Transcript

Before we finish, let's do a quick review of what we've learned. We gained an understanding of core IPsec security and networking concepts. We learned about the IPsec protocol suite. We learned about Authentication Header and the Encapsulating Security Payload. We learned about Transport Mode versus Tunnel Mode. We provisioned and created an IPsec VPN between two VPCs using Static Routing. We provisioned and created an IPsec VPN between two VPCs using Dynamic Routing leveraging BGP and Route Advertisements. As a reminder, CloudFormation templates used within the demonstrations are hosted online at Cloud Academy's public GitHub repository. Thank you for your participation. I do hope you enjoyed this course on VPC VPNs and IPsec. Feel free to send any feedback and/or questions to support@cloudacademy.com, or alternatively you can always get in touch with us here at Cloud Academy using the Community Forum, where one of our Cloud Experts will reply to your question.

About the Author
Students: 134015
Labs: 69
Courses: 111
Learning Paths: 191

Jeremy is a Content Lead Architect and DevOps SME here at Cloud Academy, where he specializes in developing DevOps technical training documentation.

He has a strong background in software engineering and has been coding with various languages, frameworks, and systems for the past 25+ years. In recent times, Jeremy has been focused on DevOps, Cloud (AWS, Azure, GCP), Security, Kubernetes, and Machine Learning.

Jeremy holds professional certifications for AWS, Azure, GCP, Terraform, and Kubernetes (CKA, CKAD, CKS).