Learn how CBT Nuggets, a provider of interactive learning experiences for IT professionals, adopted the Juniper Networks Transit VPC solution to simplify network management and improve developer productivity as their trainings evolved.
2. Network agility bolsters cloud agility
Scalability, Security, Global Footprint, Cost-effectiveness
The benefits of cloud computing are well-proven
But your networking agility can enhance the degree to which you derive those benefits
3. Core networking offerings
AWS offers a wide variety of networking services, with four at the center:
Amazon Virtual Private Cloud (Amazon VPC)
AWS Direct Connect
Amazon Elastic Load Balancing
Amazon Route 53
4. Connect Amazon VPCs using a transit VPC
If you’re running multiple Amazon VPCs, a transit VPC can simplify connectivity:
Connect multiple geographically dispersed and cross-account Amazon VPCs and remote networks
Reduce on-premises configuration delays and accelerate data transfers
6. Transit VPC capabilities on AWS
Leverage Virtual Gateway capabilities to maintain network connections to the transit VPC network appliances
Connect remote networks to the transit Virtual Private Network (VPN) appliances using dynamically routed VPN connections
Implement more complex routing rules based on the transit VPC design
Support any IP-based connectivity requirements with minimal on-premises network changes required
7. Common transit VPC use cases on AWS
Extend corporate network to AWS: Move corporate applications to the cloud, launch additional web servers, and/or add more compute capacity to networks
Shared connectivity: Multiple Amazon VPCs can share connections to data centers, partner networks, and other clouds
Monitoring and visibility: Transit VPCs help to increase transparency and enable the rapid visualization of data being transferred
Private networking: Build a private network that spans two or more AWS Regions
A data-driven rationale for cloud adoption
8. Build a transit VPC with AWS Marketplace offerings
ISVs in AWS Marketplace can help you design and implement a transit VPC:
Find and deploy the solution you need in minutes
Save money with pay-as-you-go pricing
Scale globally across all AWS Regions
11. Feature-rich router and virtual firewall
Seamless L3 extension to AWS
Integrated VPN / advanced security
Consistent security across hybrid environments
Unified management and visibility
Simple, scalable, flexible licensing
Juniper Networks vSRX Next Generation Firewall
12. Key Capabilities
Hub-and-spoke topology securely connects distributed environments
vSRX serves as a data flow hub
Inter-VPC traffic is secured with IDS, IPS, and NGFW
Highly automated operations
Transit VPC
13. AWS CloudFormation template
Simplifies resource provisioning and management of the transit VPC deployment
Makes deploying new transit VPCs quick, easy, and repeatable
Allows you to treat network infrastructure as code
14. Use case: enterprise global expansion
Unified policy and management
Unified threat and intrusion prevention
Advanced threat prevention
Secure connectivity
16. SDSN adaptive security for AWS workloads
Challenges:
Supporting agile workloads with security policies
Complying with regulatory requirements
Lateral threat propagation inside Amazon VPC
Solution:
Instantiates and manages Amazon VPC specific vSRX instances
Policy Enforcer supports meta-data based policies to support agile workloads
vSRX access control (L3, L7 FW), IPS and threat policies based on meta-data
AWS workload inventory and meta-data sync up with Security Director
Threat remediation: infected AWS VMs quarantined by placing them in specified AWS security group
17. Better together
Unified management: Simple, intuitive management for enforcing and monitoring security across AWS and hybrid networks
Lower TCO: vSRX reduces your resource requirements, directly translating to lower infrastructure costs
Carrier-class routing: Single JUNOS® across all platforms with carrier-class routing built in
Extensive programmability: Extensive programming capabilities are critical to DevOps deployment
Combined security: Bolster security with the combination of native AWS services and Juniper Networks security and enhanced routing
19. About CBT Nuggets
Founded in 1999
Based in Eugene, OR
Provider of innovative, online learning experiences for IT professionals:
On-demand training videos, quizzes and practice certification exams, virtual labs, online Learner Community, and more
20. CBT Nuggets evolution
Rapid expansion of learning materials drove CBT Nuggets to modernize its cloud architecture:
Before: Handful of local developers using a monolithic setup
Now: 75+ global developers leveraging CI/CD pipelines
This growth resulted in numerous developer environments operating in their own Amazon VPC
21. New architecture leads to complex management
Manual processes depleted network agility
Lack of automation increased the risk of human error
CBT Nuggets’ new, modern architecture streamlined development, but legacy routing solutions complicated network management
22. AWS + Juniper Networks solution
CBT Nuggets implemented a Juniper Networks Transit VPC to simplify network management and drive agility
With this solution, CBT Nuggets gained:
Dynamic routing
Next-generation firewall capabilities
Secure connectivity between resources