Extending Enterprise Networking and Security to AWS

Posted: April 4, 2017 by sullivg2

I’m living in a new world now, having moved to Juniper Networks a few months back. Though I now work for a networking company, my mind still tends to think like a cloud guy. My new role has also opened up my eyes to some specific challenges that network teams now face as their companies are moving more and more workloads to the public clouds.

I’ve witnessed the following scenario multiple times in my career as a cloud consultant:

Imagine you are a networking professional proficient in Juniper or Cisco technologies. You or your company has spent thousands of dollars and countless hours on the aforementioned vendors’ certifications and training to ensure that you can confidently manage your company’s network. New software projects are now being pitched and funded by new business units like Marketing. Marketing works with ops to determine that AWS is the best candidate to host this new application, which has to interact with existing back-end systems that reside in your corporate data centre. You are now brought into the mix, and you need to figure out how to stitch together the network to deliver the required functionality of the app.

Now, AWS has done a pretty good job of simplifying how to build and manage virtual private clouds (VPCs) – but there is still a learning curve, and new technologies for you to manage.

You could start digging into the Amazon VPC documentation to learn this new style of networking from scratch – or you could explore the availability of your networking vendor of choice’s technology in the AWS Marketplace. This could be a way to reduce time to production by avoiding the learning curve of AWS networking, and a way to extend your enterprise-grade networking functionality from your own data centre into the public cloud.

Juniper Networks, for example, allows AWS customers to spin up its vSRX and vMX as Amazon Machine Images (AMIs) right in their Amazon VPC. The vSRX can be deployed and used as:

  • A firewall between other EC2 instances on your VPC and the Internet
  • A VPN endpoint between your corporate network and your VPC
  • A firewall between EC2 instances on different subnets

If you’ve been the networking person mentioned above, please feel free to comment below. I’d love to hear your perspective.

For more information check out Juniper’s documentation on “Understanding vSRX with AWS.”

Additional resources:

AWS Marketplace: vSRX Services Gateway (BYOL)

AWS Marketplace: vMX Virtual Router (BYOL)
