Aviatrix Answers

What to look for when creating secure, auditable peering within AWS VPCs?

Key Concepts

Why does it matter?

  • There is a need for application segmentation based on security rules, business units, cost centers and mission criticality, so smaller VPCs are preferred. This in turn creates a requirement for comprehensive connectivity across VPCs.
  • There is a need for central security enforcement that implements firewall policies for cross-VPC traffic.
  • There is a need for enterprise-grade encryption based on private keys when communicating across VPCs.

What to look for?

  • For maximum cloud infrastructure agility, there is a need for orchestration of connectivity, route table updates, firewall policies, and active monitoring.
  • Should be able to use non-shared keys for encryption.
  • Should be able to visualize and log packet statistics for mission-critical application traffic.
  • Should be able to monitor and alert on peering status.
  • Should be easy to troubleshoot with advanced capabilities like packet capture.

How can you implement this using Aviatrix: http://aviatrix.com/solutions/aws/#inter-region-peering