Amazon Virtual Private Cloud Reviews

Amazon EKS and a few particular services are used with the help of Amazon Virtual Private Cloud in our company. In our organization, we have a few dedicated services on Amazon Virtual Private Cloud.

The most valuable features of the solution stem from the security groups it provides. Network access control is also a beneficial feature of the product. With the security group as a part of Amazon Virtual Private Cloud, users can access any particular URL or IP address to which access has been assigned. The benefits provided by the product include enhanced security features along with customizable policies that can be adapted or changed whenever required.

From an improvement perspective, the product's initial setup phase should be easy for those who are not experienced in creating VPCs.

I have experience with Amazon Virtual Private Cloud.

Stability-wise, I rate the solution a ten out of ten.

Scalability-wise, I rate the solution a nine to ten out of ten.

The product's initial setup phase is easy if you have a certain amount of experience in creating VPCs.

In our company's cloud architecture, we have two Amazon Virtual Private Clouds used in multiple regions. Amazon Virtual Private Cloud also has multiple subnets, consisting of four public subnets and four private subnets. In public and private subnets, my company has multiple services. Our company's main database is maintained in the private subnet. The normal services are used on the public subnet. An internet gateway is present on a public subnet. If my company needs to access any data from the public subnet, we can use the internet gateway and access any services we want. If my company wants to access any database, then we will have to maintain it on the private subnet. In our company, we have to attach the NAT gateways to the public subnet. Within those NAT gateways, we can access the data in private subnets.

Scaling resources is not a part of Amazon Virtual Private Cloud. Resources would be a part of the services available in subnets.

In subnetting, that is, public subnets and private submits. Public subnets have internet access. Users can access any kind of data from the public subnet with the internet. In private subnets, users don't have any internet access. If you need to access data on the internet from private subnets, you can use NAT gateways.

It is easy to deal with the setup process of network ACLs and security groups in Amazon Virtual Private Cloud.

In terms of the integration of AWS services with Amazon Virtual Private Cloud, most of the services in our company are created inside Amazon Virtual Private Cloud. For any of the services that we use in our company, we select Amazon Virtual Private Cloud. My company has the option to choose the product's default and dedicated version, and we choose the dedicated Amazon Virtual Private Cloud. Whatever we use or create in our company is assigned to the dedicated Amazon Virtual Private Cloud chosen by us.

I recommend the product to others who plan to use it.

My company deals with many Amazon Virtual Private Clouds available in multiple zones. If we need to access data in an Amazon Virtual Private Cloud from a separate Amazon Virtual Private Cloud, the company can use VPC peering to connect them.

I rate the tool a nine out of ten.

Based on processing data, we find VPC is very important. Every network is isolated from the outside and private as well. 

Our plan involves the provisioning of a private network using a VPC. In this process, we will distinctly segregate private and public components. This includes the creation of private subnets and the integration of services such as Amazon RDS. The implementation of databases, be it for work or other purposes, will occur within these private subnets.

This configuration is designed to cater to various stakeholders—clients, the public, users, and applications. This architectural approach extends beyond public communication.   

So communicating could be within applications and via Net Gateway, or we will use some VPC endpoint as well. So this could be an architecture.

Benefits are like easy to implement, and then it could be cost-saving. And then my clients give a lot of features in that VPC. And then they're giving a lot of security as well for the VPC level. So this could be a benefit for the clients and me.

This solution is valuable to me because it gives me some security level, and it easy to implement as well.

There is room for improvement in UI. 

I have been using this solution for six years.

It is a stable solution. I didn't face any downtimes.

It is easy to scale up and scale down. It is a scalable solution. We can scale it according to our requirements. 

We are working on the VPC level, at that time, we can only able to fix that in, like, 30 days of logs, but we need up to 60 days. So, we raised a ticket to the AWS product. So they gave a solution.

Neutral

I have used GCP. Its console is more user-friendly and could be easier to implement.

For GCP, they have a firewall and then a virtual network. So, we can build a virtual network more easily compared to AWS. 

Also, they provide a lot of security, GCP. Also, they play an important role in the public cloud. 

But for me, I can go with AWS and GCP, both.

At a basic level, you need one VPC. In that, you need to implement private blocks. And then, based on your criteria, whether you are working in public or private, you need to create a subnet, including private or public. And then, based on your requirement, whether the VPC is appearing between them or you're only working on one VPC event, it could be more than enough to create a subnet. 

And then, based on the client level, you can implement the database in private and then apply it in public.

One person with capable knowledge can implement the solution. The time taken for deployment depends on the requirement. 

For example, at a single application level, it took only one hour. However, at the enterprise level, it can take a week. 

There is no maintenance required. AWS takes care of the maintenance. That's another benefit people go with AWS.

VPC is a free cost, and then subnet also is a free cost. So the only cost could be for the resources we implemented in that. 

That could be a cost for me.

First of all, try to study the CCNA and then try to understand the network flow, then study TCP and UDP protocols, and try to understand the OSI model. So, this could be very basic to understand the network traffic. So whether anything happens at this level, you'll be fully able to know what could be happening.

Overall, I would rate the solution a ten out of ten. 

Our company uses the solution to provide virtual private clouds for customers. It is the heart of AWS because it is the networking part of cloud services that includes a private subnet, public subnet, and private gateway. The solution represents everything from the network perspective. 

Within the solution, you create the network environment that includes provisions, services, the DB, the EKS, and zones. You set inbound and outbound traffic services. You enable security features and firewalls that are used by the solution. 

It is very easy to provision VPCs and build networks. 

The solution could have tighter security for traffic. 

I have been using the solution for four years. 

The stability is very good so is rated a ten out of ten. 

The scalability is good so is rated a ten out of ten. 

Technical support is highly supportive so is rated a nine out of ten. 

Positive

The setup is a little bit difficult. After creating the VPC, you have to create subnets based on your requirements for private or public. Then you have to create everything else including the NAT gateway. The final step is to configure both gateways for private and public subnets. The overall creation process takes about 40 minutes.  

The entire concept is networking. You have to figure out what things are important and create bridges. 

For example, one person with Vodafone services in the UK places a call to another person in India. The country and regional VPCs are in place and it takes permissions to cross them. The call's TCP response goes to the UK servers and the call is dialed using the VPC in the UK. It then hits the VPC in India where it is verified, pushed to the mobile network servers, and is rings through. 

Because the setup has complex steps, it is rated a four out of ten. 

We implement the solution for customers. 

The solution's pricing is on the higher side so is rated a five out of ten.  

The solution is a very, very good product and the heart of everything. I rate the solution a ten out of ten. 

We use the tool for networking purposes. It helps us to establish connections between machines and various components within a company's infrastructure. Specifically, the product serves as our account's core infrastructure component or our applications' cloud infrastructure. Through it, we can facilitate communication between different applications and expose them to external access when needed.

One important tool we use is Transit Gateway, which helps connect different parts of our network. We also use Internet Gateways, NAT Gateways, and Route Tables to ensure our applications run smoothly on AWS. While most people use these basics, some specialized tools, like Transit Gateway, are useful for specific needs.

The tool's most valuable feature is Transit Gateway. Security groups are like basic shields for your EC2 instances or virtual machines. They're the first line of defense, keeping your machines safe. Security groups are like bread for breakfast - a basic necessity for your instances to be secure.

The Amazon VPC subnetting feature allows you to divide your virtual network into different allocations, creating public and private subnets. This enables you to designate which machines belong to the public or private subnets. The crucial factor is the route table associated with each subnet, containing routing rules determining whether the subnet is public. Subnetting is essential for networking and is widely used regardless of whether you use AWS. It's a straightforward concept that requires understanding its usage.

Network ACLs are positioned outside your subnet and control traffic entering or leaving the subnet. They operate at the subnet level and can block specific IP addresses or port numbers from accessing the subnet.

On the other hand, security groups are applied at the instance level within the subnet. They regulate traffic to and from EC2 instances or virtual machines and determine which IP addresses and port numbers can communicate with the instances.

Integrating the tool with other AWS services was quite easy for me. AWS provides clear documentation on integrating one service with another, so I didn't find it difficult.

I recently worked on Transit Gateway, which connects multiple VPCs in one account and enables communication between them. However, I found the documentation unclear, possibly because few people encounter this situation. I figured it out and implemented it, but it required some research. Most people prefer using infrastructure as code rather than the UI for AWS tasks. However, the documentation may not always be up to date. 

I haven't encountered any issues with the tool's stability. 

Scaling resources isn't a concern for us when using Amazon VPC. With Amazon VPC, managed by AWS, scaling happens automatically. We don't need to stress about CPU or memory, as AWS handles scaling based on our network's needs. So, we do not need to worry about scaling up; it's all taken care of by AWS.

Unlike other services where you might need to consider scaling your application or service, with Amazon VPC, scalability is entirely managed by AWS. It's like creating a network adapter that can scale on its own without you needing to worry about CPU, memory, or utilization. AWS handles scaling automatically, and in my experience over the last ten years, I've never encountered scalability issues. Any issues that arose were typically due to specific account use cases or data center problems rather than scalability issues.

As an AWS account manager in my previous roles, I used to have weekly calls with them to improve our account. My experience with them is good. 

Neutral

Before choosing Amazon VPC, I used Oracle Cloud while working at Oracle for a year. However, while Oracle Cloud may be cheaper, it lacks the variety of options and scalability AWS offers. Therefore, I would recommend sticking with AWS. 

I wouldn't say the initial setup is difficult. I find it more interesting and fulfilling to create things the right way from the start rather than going back to correct something built incorrectly by someone else.

The product is expensive. 

The tool is a basic necessity if you're using AWS. It provides the essential networking infrastructure for any application to be deployed and managed in the AWS environment. I rate the overall solution an eight out of ten. 

Our primary use case for Amazon Virtual Private Cloud involves securely hosting our application and database servers within the private data center.

AWS services are quite convenient and user-friendly. Specifically, Amazon DynamoDB, EKS, and security features are easy to deploy and manage directly through AWS.

It would be beneficial to introduce more managed features and enhance customization options in the product. It could be more versatile and easy to use.

We have been using Amazon Virtual Private Cloud for two to three years.

I rate the platform's stability a nine out of ten.

I rate the platform's scalability an eight out of ten. Compared to Azure and GCP, there's room for improvement, particularly in managing aspects. 70% to 80% of our users have migrated to AWS.

We provide support directly to our customers. VPC's technical support team has been helpful. Their reliability has been particularly noteworthy, as they have effectively addressed any issues we've encountered, ensuring that solutions are implemented correctly. Our experience with customer service has been mainly focused on supporting development and operational aspects, where their assistance has been invaluable.

Positive

The initial setup was challenging but simple enough. It becomes easier to grasp if you approach it with a willingness to learn. It allows for a better understanding of the underlying architecture and how it's utilized.

Our work experience has mainly been with on-premises and cloud deployments, primarily within the AWS environment.

The deployment process for Amazon VPC typically involves initial planning and design discussions to understand the customer's requirements and ensure cost optimization. This planning phase may take some time as it involves coordination with various stakeholders and team members to finalize the architecture. However, once the design is in place, the actual deployment is relatively fast and efficient, depending on the setup's complexity and the project's specific requirements.

VPC tends to offer competitive pricing compared to other services. It's optimized and provides more personalized options, making it cost-effective.

The VPC's subnetting feature has significantly impacted our network design by enhancing security measures. It provides provisions to secure our network, ensuring it is not susceptible to manipulation by external users. Additionally, we leverage other security features such as the Web Application Firewall and AWS Network Firewall to enhance protection further. It is easy to set up security groups for the product.

Integrating it with other AWS services includes configuring VPCs and defining the subnet CIDR ranges. Then, we provision both public and private subnets, with sensitive databases typically placed in the private subnets. Additionally, we utilize features such as transit gateway and security groups to enhance network security. After deploying the servers within these subnets, we host our applications and manage traffic using load balancers and auto-scaling groups. Overall, the integration allows for an isolated network environment that we can efficiently manage via routing.

I recommend introducing Amazon VPC to others as it provides an excellent entry-level understanding of cloud computing and its relevance in today's world. Setting up on-premises clusters can be challenging, but its services offer a straightforward and accessible way to begin working with cloud computing. The users can gain a basic understanding of cloud computing concepts and gradually expand their knowledge to more advanced topics.

I rate it a nine out of ten.

The solution can be used to isolate a cloud within a cloud infrastructure. It allows us to have an isolated or air-gapped environment.

The product can be used to isolate environments. It's good for security. It is a very good feature irrespective of which cloud provider we use. It also allows us to connect two VPCs in different zones. We haven’t had any issues with the solution. It satisfies all our requirements.

The tool is not scalable.

I have been using the solution for around three years.

The tool is stable.

The number of users depends on each project. We might have three to four people from DevOps and more than 100 users from the project teams.

The initial setup is very easy and quick.

The solution is worth the money.

The pricing is okay. The solution is not very expensive. Compared to other solutions, it is fine.

The tool is used for the isolation of our environment. It is a set of rules within our cloud environment to separate whatever we have created as a virtual cloud. I highly recommend the solution. Overall, I rate the solution a ten out of ten.

You cannot provision an EC2 server or an EFS instance in AWS without putting them inside a Virtual Private Cloud. If the EFS is connected to a Lambda, then the Lambda also has to be inside the same Virtual Private Cloud. By adding inbound rules to the Virtual Private Cloud's Security Group, you can tighten the security of the resources within it.

Amazon Virtual Private Cloud gives you security. If you put something inside Virtual Private Cloud, then you can add rules to that Virtual Private Cloud, and allow connections from IP addresses and allow connections to an IP address. The inbound and outbound connections can be limited based on IP address. Thereby it adds security. It's a feature of security groups, but that is another AWS service. We put a resource inside a Virtual Private Cloud and then connect a security group to that Virtual Private Cloud, in which we define the traffic rules. In the aforementioned manner, we can limit the IP address that we connect to, so it adds to security.

There is some difference between the route tables of public and private subnets, which is something that is not properly documented. Basically, if you add a route to an Internet Gateway in the private subnet's route table, then it should be able to connect to the Internet. But this doesn't happen. You have to use a NAT gateway instead.

I have been using Amazon Virtual Private Cloud for more than one year.

It is a very stable product.

The solution is used by only two people in my company. It is a very scalable solution.

We never had any issues with this tool.

The initial setup is easy. It is easier now, actually, since they have changed their UI.

There is no way for you to not use it. If you are using EFS or EC2, then you have to use Virtual Private Cloud. There might be other services too, but these are the two I can remember now. Also, it is safer to put things inside of Virtual Private Cloud because it is more secure. I would advise you to do it, but you have to configure it correctly. If it is not needed, then don't use it.

When I tried to modify the route table of a private subnet, it didn't become a public subnet.

I rate the overall solution a nine out of ten.

We use the solution to make network connections between instances, VMs, databases, or other services present in the cloud. We have a connection to both private and public clouds.

The product’s firewall is very good. It is a very strong tool. The solution works without any issues with other AWS services.

The initial setup is complex. We need to configure each link, check that it's connected, and virtualize it. The complexity is in the preparation to implement the configuration inside the cloud. It takes a lot of time to migrate the configuration from the physical to the virtual network.

I have been using the solution for three to four months.

The product is stable.

The product is scalable. The solution is suitable for small, medium, and large companies.

The technical support is very good. The team is responsive and always gives us the optimal solution.

Positive

We use some tests and check configurations to deploy the solution.

We can use the tool for free. However, there is a cost associated with traffic outside the cloud. We do not have to pay for an extra license for the product.

I recommend the solution to our customers. We use the solution because our customer uses AWS, and they want to use a native AWS solution. People who want to implement the tool must implement it in the right way and check with support regarding the recommended actions. Overall, I rate the product an eight out of ten.