The general-purpose computing and storage environment of Amazon Web Services integrates perfectly into your existing ecosystem. Join customers who have used this environment in parallel with their on-premise infrastructure to hear tales, tips, and tricks on best practices for integrating AWS with existing resources securely, using services such as Amazon Virtual Private Cloud, AWS Direct Connect, and AWS Storage Gateway.
10. Corporate Data Center: Request; Approvals; Hardware acquisition/VM capacity allocation; Ticket queuing; Provisioning; Configuration; Availability
Requirements can take a long time to fulfill
15. Corporate Data Center
Project X: Potential impact: LOW; Cost of infrastructure: HIGH; Denied
Project Z: Potential impact: LOW; Cost of infrastructure: LOW; Approved
Project Y: Potential impact: HIGH; Cost of infrastructure: HIGH; Denied
Cost of infrastructure can inhibit innovation
48. Public EC2 compared with Virtual Private Cloud
Public EC2: Inbound Only; TCP, UDP, ICMP only; Assigned at launch; Modify anytime
Virtual Private Cloud: Inbound and Outbound; Any Internet Protocol; Assigned at launch or when stopped; Modify anytime
49. Public EC2 compared with Virtual Private Cloud
Public EC2: Dynamic Private IP; Dynamic Public IP; Optional Static Public IP (EIP); AWS Provided public & private DNS names
Virtual Private Cloud: Dynamic or Static Private IP Address; None by default; Optional Static Public IP (EIP); AWS provided public DNS lookup server & Customer controlled DNS options
74. Gateway stored volumes compared with Gateway cached volumes
Gateway stored volumes: Data stored locally; Asynchronous backup; EBS snapshots; iSCSI local interface; Up to 1TB volumes
Gateway cached volumes: Data stored in S3; Recently read data cached; Low latency; iSCSI local interface; Up to 32TB volumes
76. “…AWS seemed to be the best solution available to allow a small, independent company to rapidly develop and test a completely new infrastructure, and host it.
We also loved the flexibility that AWS allowed us, when spinning up smaller test environments, for beta trials, QA, localization, and during development.
The low initial cost was also crucial.”
Alex Evans, CTO
101. EU region DR site for range of business applications
All running in a Virtual Private Cloud (VPC)
DR provision for applications dependent on Oracle and SQL Server databases
Includes DR for Active Directory and Windows file shares
102. [Architecture diagram. Labels: On-premise Data Centre A; On-premise Data Centre B; Internet; AWS Direct Connect; Active Directory; Bastion Host; SmartSentinel; Proxy Server; Client-to-site VPN; Site-to-site VPN; VPC Subnets A to G; Remote Desktops; Applications; Databases; File Servers; Availability Zone; Region; S3 Buckets with Objects]
103. [Same architecture diagram as slide 102, with the added label: Dual route connectivity]
104. [Same architecture diagram as slide 102, with the added label: Active Directory Replication]
105. [Same architecture diagram as slide 102, with the added label: Bastion Host]
106. [Same architecture diagram as slide 102, with the added label: Database replication]
107. [Same architecture diagram as slide 102, with the added label: Application images]
108. [Same architecture diagram as slide 102, with the added label: Desktop environments]
109. [Same architecture diagram as slide 102, with the added label: Durable data backups]