There's a new bridge to Amazon's clouds. Amazon Web Services (AWS) announced Wednesday the availability of its virtual private cloud (VPC), which it said provides "a secure and seamless bridge between a company's existing IT infrastructure and the AWS cloud."
Using the VPC, an enterprise can connect its computing infrastructure to isolated computing resources at Amazon via a virtual private network (VPN) that includes security services, firewalls and intrusion-detection systems.
Pay for Resources Used
Currently, the Amazon VPC integrates with the company's EC2 computing services, and it will migrate to support other AWS services at some point. EC2, the abbreviation for the Amazon Elastic Compute Cloud, provides expandable computing capabilities in the cloud.
As with AWS, users pay only for resources used, with no minimum or start-up charges.
Andy Jassy, AWS senior vice president, said that as enterprises increasingly use cloud computing, they want to integrate seamlessly with their existing IT structure and "use the security and management controls that their IT teams already know."
AWS customers can utilize isolated cloud-based computing resources as if they were part of their own data center, using an encrypted IPsec VPN connection. With a few API calls, the IP address range can be chosen, the isolated network created, and EC2 instances launched.
Users can then create a VPN to connect those services to their own computing resources. Any traffic in the cloud heading for the Internet is sent over the VPN, and must traverse the user's own security protections before continuing to the open Net.
Private Cloud 'Still Evolving'
For users inside the enterprise, the AWS cloud resources are transparently available as if they were within their own IT infrastructure.
Amazon pointed to major customers who are currently using AWS securely between internal resources and Amazon resources. They include Intuit, Citrix Systems, and CA. Pharmaceuticals giant Eli Lilly said in a statement accompanying the announcement that it seamlessly integrates with AWS, "all without cumbersome configuration or management hassles."
AWS also announced multi-factor authentication (MFA) on Wednesday, which provides additional ways for customers to manage AWS accounts. One feature is that MFA requires a second piece of information to validate a user's identity before changes are allowed to an AWS account. This includes a six-digit, rotating code derived from a physical device that the customer has.
Al Hilwa, a program director at industry research firm IDC, said the "concept of a private cloud is still evolving," but he noted that Amazon has "been a leader in this whole area."
They're on the right track, he said, to provide "a higher level of security within a cloud," which makes it an attractive model for many companies. But, he noted, there are still things to work out for these kinds of arrangements, such as portability, standardization of APIs, long-term guarantees of data protection, mechanisms for regulatory compliance, and other areas.