Network Security in AWS

AWS Security and Cost Management Concepts

Dev Bhosale

Principal Data & Cloud Architect

Networking basics

  • A subnet contains multiple devices
  • A network consists of multiple subnets
  • A router routes traffic between networks using routing tables

Networking basics showing multiple subnets creating a network. A router links multiple networks together

Virtual private cloud

Components of a basic VPC

A VPC containing subnets, route tables, a firewall, and a DNS

VPC security

Five steps to securing networks in AWS

  • Subnet design
  • Network Access Control Lists
  • Firewall and WAF
  • Security software

The five steps of securing a VPC

NACL, firewall, and WAF

| Feature | AWS Firewall | NACL | AWS WAF |
|---|---|---|---|
| Scope | Regional or VPC-level | Subnet-level | Application-level |
| Statefulness | Stateful | Stateless | Stateful |
| Default Rules | Managed rules available | Deny unless allowed | Allow, block, or count based on rules |
| Cost | Charged per usage | No additional cost | Charged per request & rules |
| Best for | High-level security control | Broad network control | Protecting web applications |
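
The Statefulness and Default Rules rows above, as an added example that is not part of the course material: a toy Python model showing why a stateless NACL needs an explicit outbound rule for reply traffic while a stateful filter does not. Rule, Packet, nacl_decide and StatefulFilter are hypothetical names, not AWS APIs, and the addresses, ports and rule numbers are constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    number: int     # evaluated in ascending rule-number order
    direction: str  # "in" or "out"
    port_lo: int
    port_hi: int
    action: str     # "allow" or "deny"

@dataclass(frozen=True)
class Packet:
    direction: str
    src: str
    sport: int
    dst: str
    dport: int

def nacl_decide(rules, pkt):
    """Stateless: each packet is judged alone; first matching rule wins."""
    for r in sorted(rules, key=lambda r: r.number):
        if r.direction == pkt.direction and r.port_lo <= pkt.dport <= r.port_hi:
            return r.action
    return "deny"  # deny unless allowed

class StatefulFilter:
    """Stateful: replies to an already-allowed flow are admitted automatically."""
    def __init__(self, rules):
        self.rules, self.flows = rules, set()

    def decide(self, pkt):
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.flows:
            return "allow"  # return traffic of a tracked flow
        verdict = nacl_decide(self.rules, pkt)
        if verdict == "allow":
            self.flows.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
        return verdict

# Constructed sample: one HTTPS request and its reply (documentation addresses).
HTTPS_IN = [Rule(100, "in", 443, 443, "allow")]
RETURN_OUT = Rule(100, "out", 1024, 65535, "allow")  # ephemeral-port replies
REQUEST = Packet("in", "203.0.113.10", 50000, "10.0.1.5", 443)
REPLY = Packet("out", "10.0.1.5", 443, "203.0.113.10", 50000)

if __name__ == "__main__":
    print("stateless:", nacl_decide(HTTPS_IN, REQUEST), nacl_decide(HTTPS_IN, REPLY))
    fw = StatefulFilter(HTTPS_IN)
    print("stateful: ", fw.decide(REQUEST), fw.decide(REPLY))
    print("stateless + outbound rule:", nacl_decide(HTTPS_IN + [RETURN_OUT], REPLY))
```

With only the inbound rule, the stateless model drops the reply; the stateful model admits it because the request was already allowed.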

AWS Marketplace

AWS Marketplace uses: broad product selection, fast procurement, easy deployment

Let's practice!
