This training introduced AWS Cloud WAN, how FortiGate integrates with Cloud WAN, and use cases.
Added: Jul 01, 2024
Slides: 19 pages
Slide Content
AWS Cloud WAN Integration and Use Cases
Yitao Cen
Head of Product Marketing, APAC
AWS Ambassador
Agenda
- AWS VPC Connectivity Options
- AWS Cloud WAN Intro
- AWS Cloud WAN Components
- Use Cases
AWS VPC Network Connectivity Options: VPC - Regional Construct
Key design considerations:
- Inter and Intra Region support
- Jumbo MTU support – Only Intra-region
- Selective vs Mesh (Compulsion)
- No Transit VPC peering
- Routing Control: Lack of Centralised routing control
- Scalability and complexity: Default 25 and max 125 peering connections per VPC
- Cost: 0.098 USD per GB (intra region, higher for inter-region)
[Diagram: Mesh and Selective peering, Inter or Intra-Region]
AWS VPC Network Connectivity Options: TGW - Regional Construct
Key design considerations:
- Inter and Intra Region support
- Jumbo MTU support
- Selective vs Mesh design
- Transit Routing support
- Routing Control: Centralised at TGW layer per region
- Scalable and complexity: Tiered Hub and Spoke Topology
- Default 5 TGW adjustable. Default 5000 attachment. Default 50 Peering attachment.
- Cost: 0.02 USD per GB per region. Additional TGW+Attachment per hour cost.
[Diagram: Inter or Intra-Region Connectivity]
Can we simplify multi region network further?
AWS Cloud WAN: Cloud WAN – Global Construct
- Global WAN Network
- AWS backbone at Core
- Inter and Intra Region support
- Jumbo MTU support
- Bus Topology
- Transit Routing support
- Routing Control: Centralised at Cloud WAN
- Scalable and complexity: Tiered Hub and Spoke with Bus Topology
- Default 5+ Global WAN. Default 40 Segments. Default 5000+ attachment. Default 50+ TGW
- Cost: 0.02 USD per GB per region. Additional Attachment and CNE per hour cost.
AWS Cloud WAN: Cloud WAN
Key Components:
- AWS Network Manager
  - Global Network Container
  - Inventory
  - Topology view
  - Topology Graph
- AWS Cloud WAN
  - Core Network (Global Network list)
  - Network as a Policy
  - Segmentation
  - Visualization
  - Deploy at scale
AWS VPC Network Connectivity Options: Cloud WAN
Key Components:
- Global Network Container
- Core N/W Edge: Per Region
AWS VPC Network Connectivity Options: Cloud WAN
Key Components:
- Global Network Container
- Segments – Global
  - Regulatory Compliance spread
  - Isolated
  - Specific permissions
  - Static Routes
  - Allow All
  - Allow Selected
  - Regulatory Compliance
  - Deny Selected
[Diagram: Cloud WAN under Network Manager with Segment 1, Segment 2 and a Shared Segment spanning Region 1 and Region 2, a Core N/W Edge in each region, and a TGW Segment]
AWS VPC Network Connectivity Options: Cloud WAN
Key Components:
- Global Network Container
- Attachment Types
  - VPC
  - Connect
  - TGW Route Table: Peering dependent
  - VPN
  - Peerings: TGW
  - Direct Connect through TGW
[Diagram: Cloud WAN under Network Manager with Segment 1, Segment 2 and a Shared Segment spanning Region 1 and Region 2, a Core N/W Edge in each region, and a TGW Segment]
AWS VPC Network Connectivity Options: Cloud WAN
Key Components:
- Global Network Container
- Core Network Policy
  - IaaC based
  - Version Control
- Policy Types
  - Core Network (region/ASN)
  - Segment: Intra Segment
  - Segment Action: Sharing
- Attachment Automation
  - Policy id prioritization
  - Tagging/Meta-data
- Routing Simplification
  - Per region per TGW per attachment route tables vs Per Segment
[Diagram: Cloud WAN under Network Manager with a Core Network Policy, Segment 1, Segment 2 and a Shared Segment spanning Region 1 and Region 2, a Core N/W Edge in each region, and a TGW Segment]
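The policy types listed on this slide, as an added example that is not part of the original deck: a constructed core network policy held as a Python dict, a resolver showing how tag-based attachment rules are prioritised by rule number, and a small lint pass suited to a CI check. The key names follow the Cloud WAN core network policy document format; all values, the tag keys `env` and `team`, and the helper names `resolve_segment` and `lint` are assumptions made for illustration.

```python
# Constructed policy; keys follow the Cloud WAN core network policy format.
POLICY = {
    "version": "2021.12",
    "core-network-configuration": {
        "asn-ranges": ["64512-64555"],
        "edge-locations": [{"location": "us-east-1"}, {"location": "ap-southeast-1"}]},
    "segments": [
        {"name": "prod", "isolate-attachments": True, "require-attachment-acceptance": True},
        {"name": "dev", "require-attachment-acceptance": False},
        {"name": "shared", "require-attachment-acceptance": True}],
    "segment-actions": [
        {"action": "share", "mode": "attachment-route", "segment": "shared", "share-with": "*"}],
    "attachment-policies": [
        {"rule-number": 200, "condition-logic": "or",
         "conditions": [{"type": "tag-value", "operator": "equals", "key": "env", "value": "dev"}],
         "action": {"association-method": "constant", "segment": "dev"}},
        {"rule-number": 100, "condition-logic": "and",
         "conditions": [{"type": "tag-value", "operator": "equals", "key": "env", "value": "prod"},
                        {"type": "tag-value", "operator": "equals", "key": "team", "value": "payments"}],
         "action": {"association-method": "constant", "segment": "prod"}}],
}

def resolve_segment(policy, tags):
    """Segment an attachment with these tags lands in: lowest matching rule-number wins."""
    for rule in sorted(policy["attachment-policies"], key=lambda r: r["rule-number"]):
        hits = [c["type"] == "tag-value" and c["operator"] == "equals"
                and tags.get(c["key"]) == c["value"] for c in rule["conditions"]]
        if (all(hits) if rule.get("condition-logic") == "and" else any(hits)):
            return rule["action"]["segment"]
    return None  # no rule matched: the attachment is not associated with a segment

def lint(policy):
    """Findings to review in CI before a new policy version is applied."""
    names = {s["name"] for s in policy["segments"]}
    findings = []
    for s in policy["segments"]:
        if s.get("require-attachment-acceptance") is False:
            findings.append(f"segment {s['name']}: attachments join without acceptance")
    for a in policy["segment-actions"]:
        if a["action"] == "share" and a.get("share-with") == "*":
            findings.append(f"segment {a['segment']}: shared with every segment")
    numbers = [r["rule-number"] for r in policy["attachment-policies"]]
    if len(numbers) != len(set(numbers)):
        findings.append("attachment-policies: duplicate rule-number")
    for r in policy["attachment-policies"]:
        if r["action"]["segment"] not in names:
            findings.append(f"rule {r['rule-number']}: unknown segment {r['action']['segment']}")
    return findings
```

With tag-based association, whoever can set tags on an attachment influences which segment it joins, so the acceptance and sharing findings are the ones to review first.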
Use Cases
Use Case 1: Globally Distributed App Security
Consistent Security and Network Posture
- Network Control
  - CM Network Team ownership
  - Simplified routing control: Per Segment globally
  - Automation of attachment: Use CI/CD or AWS Landing Zone to force compliance
- Security Control
  - Segment/Isolate environments
  - Cross region consistency
  - AWS Well Architected framework Security Pillar
  - FOS Infra modelling approach
  - Cross Region Failover simplification
  - Ingress/Egress/E-W
Use Case 2: Optimised App Access with Fortinet SDWAN & AWS Cloud WAN
Improved Business Continuity and User Experience
- Faster App Access with Cross Region App deployment
- Cross Region App Access
  - Lower latency
  - More resilient
- Fortinet SDWAN fabric cross region
- Centralised Routing cross region