Amazon has launched a new endeavor that integrates traditional IT infrastructure with its EC2 cloud service. Amazon Virtual Private Cloud allows IT to connect an isolated set of AWS resources to a data center using a VPN connection. Minus all the acronyms, that means that Amazon has created a hybrid cloud that can work securely for the enterprise, balancing the need for encryption with the low cost and scaling power that the cloud provides.
Amazon VPC provides an avenue for enterprises to more comfortably link up their infrastructure with the cloud. For Amazon, it’s an endorsement of the hybrid approach, but it’s also meant to combat the growing interest in private clouds. VPC is currently in limited beta (you can apply here) and doesn’t work with the S3 cloud storage service or any other parts of AWS.
The Specs
In a blog post about VPC, Amazon CTO Werner Vogels admitted the problems the company has faced when it comes to enterprise adoption of their cloud services. VPC is clearly an attempt to dispel the very legitimate fears that exist when it comes to the cloud. Here’s how it works in practice:
First, a VPC is created and assigned an IP block, one which allows access only by those addresses that your enterprise wants to use. The VPC is divided up into subnets, with the maximum being 20 unless you request more.
Next, a VPN connection is made between the gateway and an IPSec-based router you host. Traffic is then configured to flow so that the IP block is applied to the VPN connection. Once you’ve got a VPN with an IP block up and running, any AWS resources assigned to it will be subject to regular enterprise firewall and routing policies.
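The address planning behind these two steps, as an added example (not Amazon's code and not part of the original article): it carves a VPC IP block into subnets, enforces the 20-subnet maximum, and rejects a block that overlaps a data-center network, since overlapping ranges cannot be routed or firewalled unambiguously across the VPN. The function name and all address ranges are constructed for illustration.

```python
import ipaddress
from itertools import islice

MAX_SUBNETS = 20  # per-VPC subnet maximum quoted in the article


def plan_vpc(vpc_block, datacenter_blocks, subnet_prefix, count):
    """Return `count` subnets of size /subnet_prefix carved from vpc_block.

    Raises ValueError when the plan breaks the subnet maximum, when the VPC
    block overlaps a data-center network, or when the block is too small.
    """
    vpc = ipaddress.ip_network(vpc_block)
    if count > MAX_SUBNETS:
        raise ValueError(f"{count} subnets requested, maximum is {MAX_SUBNETS}")
    for block in datacenter_blocks:
        dc = ipaddress.ip_network(block)
        # Overlap means one address could live on either side of the VPN,
        # so neither routing nor firewall rules can tell the two apart.
        if vpc.overlaps(dc):
            raise ValueError(f"VPC block {vpc} overlaps data-center block {dc}")
    # subnets() raises ValueError if subnet_prefix is shorter than the VPC prefix.
    subnets = list(islice(vpc.subnets(new_prefix=subnet_prefix), count))
    if len(subnets) < count:
        raise ValueError(f"{vpc} holds only {len(subnets)} /{subnet_prefix} subnets")
    return subnets


if __name__ == "__main__":
    datacenter = ["10.0.0.0/16", "192.168.0.0/20"]  # constructed sample ranges
    for net in plan_vpc("10.50.0.0/16", datacenter, 24, 4):
        print("subnet", net)
    try:
        plan_vpc("10.0.128.0/17", datacenter, 24, 4)  # sits inside 10.0.0.0/16
    except ValueError as err:
        print("rejected:", err)
```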
Attacking the Private Cloud Head-on
Vogels spent more than a little effort in his post attacking the idea of the private cloud. Before he even got into how VPC worked, he paused to assert that private clouds lack the elasticity of Amazon’s services, bluntly declaring, “I don’t think of them as true clouds.”
Amazon would surely have worries even without the idea of private clouds being shopped about, but it definitely doesn’t help for enterprises to throw up their hands and try to create their own miniature versions of public cloud computing services. VPC is really a compromise for Amazon that acknowledges the attraction that private clouds have for the enterprise.
A Hybrid Cloud
Amazon is basically creating a hybrid cloud, one that uses some of the standard enterprise encryption methods. It seems they’re not alone either. Recently many companies have been testing the waters when it comes to this approach, with Microsoft and EMC partnering, as well as IBM and Juniper Networks.
There have even been companies that have attempted to beat Amazon to the punch by offering VPN overlays to EC2, such as Cohesive’s VPN-Cubed. It seems that Amazon has seen the light when it comes to enticing enterprises to the cloud. VPC is recognition that a mixed strategy that improves security, not a miraculous shift in enterprise IT culture, is the way forward.