AWS VPN vs AWS Direct Connect vs Software VPN vs CloudHub - AWS Certification Cheat Sheet


Let’s compare the options for connecting your AWS network to your corporate network - AWS VPN vs AWS Direct Connect vs Software VPN vs AWS VPN CloudHub - from an AWS certification perspective.

You will learn

  • What is AWS VPN?
  • What is AWS Direct Connect?
  • What is Software VPN?
  • Comparison - AWS VPN vs AWS Direct Connect vs Software VPN vs AWS VPN CloudHub
  • When do we use - AWS VPN vs AWS Direct Connect vs Software VPN vs CloudHub?

AWS and On-Premises - Overview

  • AWS Managed VPN
    • IPsec VPN tunnels from VPC to customer network
  • AWS Direct Connect (DX)
    • Private dedicated network connection from on-premises to AWS

AWS Managed VPN

  • IPsec VPN tunnels from VPC to customer network
  • Traffic over internet - encrypted using IPsec protocol
  • VPN gateway to connect one VPC to customer network
  • Customer gateway installed in customer network
    • You need an Internet-routable IP address for the customer gateway
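
The pieces listed above, wired together as a CloudFormation template. This is an added example, not part of the original cheat sheet. The customer gateway IP (a documentation-range placeholder), the BGP ASN, the on-premises CIDR and all logical names are assumptions.

```yaml
# Added example: AWS Managed VPN building blocks (illustrative values).
AWSTemplateFormatVersion: "2010-09-09"
Description: IPsec Site-to-Site VPN from one VPC to a customer network

Parameters:
  VpcId:
    Type: AWS::EC2::VPC::Id
    Description: Existing VPC to connect to the customer network
  CustomerGatewayIp:
    Type: String
    Default: 203.0.113.10   # placeholder; must be the device's Internet-routable IP
  OnPremCidr:
    Type: String
    Default: 10.50.0.0/16   # assumed on-premises address range

Resources:
  # AWS side: the VPN gateway, attached to one VPC
  VpnGateway:
    Type: AWS::EC2::VPNGateway
    Properties:
      Type: ipsec.1

  VpnGatewayAttachment:
    Type: AWS::EC2::VPCGatewayAttachment
    Properties:
      VpcId: !Ref VpcId
      VpnGatewayId: !Ref VpnGateway

  # Customer side: AWS's record of the device in the customer network
  CustomerGateway:
    Type: AWS::EC2::CustomerGateway
    Properties:
      Type: ipsec.1
      IpAddress: !Ref CustomerGatewayIp
      BgpAsn: 65000           # assumed private ASN

  # The IPsec connection between the two gateways (traffic crosses the internet encrypted)
  VpnConnection:
    Type: AWS::EC2::VPNConnection
    DependsOn: VpnGatewayAttachment
    Properties:
      Type: ipsec.1
      CustomerGatewayId: !Ref CustomerGateway
      VpnGatewayId: !Ref VpnGateway
      StaticRoutesOnly: true

  # Static route telling the VPN connection which on-premises range to reach
  OnPremRoute:
    Type: AWS::EC2::VPNConnectionRoute
    Properties:
      VpnConnectionId: !Ref VpnConnection
      DestinationCidrBlock: !Ref OnPremCidr
```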

AWS Direct Connect (DC)

  • Private dedicated network connection from on-premises to AWS
  • Advantages:
    • Private network
    • Reduce your (ISP) bandwidth costs
    • Consistent Network performance because of private network
  • Connection options:
    • Dedicated: Dedicated 1 Gbps or 10 Gbps network connections
    • Hosted: Shared 50 Mbps to 10 Gbps network connections
  • (REMEMBER) Establishing DC connection can take more than a month
  • (REMEMBER) Establish a redundant DC for maximum reliability
  • (REMEMBER) Direct Connect DOES NOT encrypt data (Private Connection ONLY)

AWS Direct Connect Plus VPN

  • IPsec Site-to-Site VPN tunnel from a Direct Connect location to customer network
  • Traffic is encrypted using IPsec protocol

Software VPN

  • Provides flexibility to fully manage both sides of your Amazon VPC connectivity
  • Run software VPN appliance in your VPC
  • Recommended for compliance - You need to manage both sides of connection
  • Recommended when you use gateway devices which are not supported by Amazon VPN solution
  • You are responsible for patches and updates to Software VPN appliance
  • Software VPN appliance becomes a Single Point of Failure

AWS VPN CloudHub

  • Use either VPN or AWS Direct Connect to set up connectivity between multiple branch offices
  • Operates on a simple hub-and-spoke model
  • Uses Amazon VPC virtual private gateway with multiple gateways
