Networking Flashcards
What is VPC?
Virtual Private Cloud - a logically isolated virtual network in the AWS Cloud, with an IP address range (CIDR block) that you choose, into which you launch your AWS resources.
What are subnets?
Ranges of IP addresses carved out of the VPC's address range. Resources are launched into a subnet; whether a subnet is "public" or "private" is a property of its routing, not of the resources in it.
What is a public subnet?
A subnet whose route table has a route to an internet gateway, so resources in it (with a public IP) can be reached from, and can reach, the Internet. E.g. web servers, load balancers.
What is a private subnet?
A subnet with no route to an internet gateway. Its resources can only be reached from inside the VPC (or over a VPN / Direct Connect link from your own network), not from the Internet. E.g. DBs, application servers.
Two types of gateways
- internet gateway (connects the VPC to the Internet)
- virtual private gateway (the VPC side of a VPN connection to your own network)
What is Virtual Private Gateway used for?
It terminates a site-to-site VPN connection between the VPC and another network, e.g. a data center. The traffic is carried in encrypted (IPsec) tunnels over the public Internet.
What is AWS Direct Connect?
- a dedicated, private physical connection between the VPC and, e.g., a private data center; traffic does not traverse the public Internet
- it is a physical line (fiber), provisioned at an AWS Direct Connect location
- needs to be set up with AWS or an AWS Direct Connect partner; it is not self-service in the console the way a VPN is
What are the reasons to use AWS Direct Connect?
- consistent bandwidth and lower latency than a VPN over the public Internet
- to meet regulatory requirements that forbid sending the traffic over the public Internet
What are network security concerns?
- network hardening
- application security
- user identity
- authentication and authorization
- DDoS protection
- data integrity
- encryption
What is network ACL
- Access Control List - a set of numbered allow/deny rules attached to a subnet
- checks whether a packet's source address (inbound) or destination address (outbound), protocol and port are allowed to enter or leave the subnet
- rules are evaluated in ascending rule number; the first match wins; anything unmatched hits the final implicit deny
- stateless: it keeps no record of connections, so reply traffic must be explicitly allowed by a rule in the opposite direction (typically the ephemeral port range 1024-65535)
What level is protected by ACL?
subnet - it applies to every instance in the subnet
What is a Security Group?
checks whether a packet's source address (inbound) or destination address (outbound), protocol and port are allowed to reach or leave an instance. It has allow rules only (no deny rules); all rules are evaluated and anything not allowed is dropped. Stateful: the reply to a connection that was allowed in is permitted out automatically, and vice versa.
What level is protected by a Security Group?
instance - more precisely its network interface (ENI); an instance can have several security groups
What are the default rules for a Security Group?
- all inbound traffic is blocked (a newly created security group has no inbound rules)
- all outbound traffic is allowed
ACL vs. Security Group
- subnet vs. instance (network interface)
- stateless vs. stateful
- allow and deny rules, evaluated in rule-number order (first match wins) vs. allow rules only, all evaluated
- default NACL allows everything; a new security group allows nothing in
- a packet must pass both: the NACL of the subnet and the security group of the instance
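Added worked example (not part of the original flashcards and not AWS code): a small Python model of the three ideas above, i.e. a subnet is public only because of its route table, a network ACL filters statelessly at the subnet boundary with ordered allow/deny rules, and a security group filters statefully at the instance with allow rules only. The VPC, gateway id, addresses and rule sets are all constructed for the illustration. It shows the classic mistake of mirroring the inbound NACL rule outbound: the web request gets in, but the reply is dropped because the NACL has no memory of the connection and the reply's destination port is the client's ephemeral port.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address, ip_network
from typing import List, Set, Tuple


# --- Subnets: "public" is a routing property, not a flag on the subnet -------
def is_public_subnet(route_table: dict) -> bool:
    """Public iff the default route 0.0.0.0/0 points at an internet gateway."""
    return route_table.get("0.0.0.0/0", "").startswith("igw-")


# --- Packets ------------------------------------------------------------------
@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_ip: str
    dst_port: int
    proto: str = "tcp"

    def reverse(self) -> "Packet":
        """The reply to this packet: addresses and ports swapped."""
        return Packet(self.dst_ip, self.dst_port, self.src_ip, self.src_port, self.proto)


# A rule is (proto, cidr, port_from, port_to, action). "-1" = any protocol.
# NACL rules carry "allow" or "deny"; security groups only ever have "allow".
Rule = Tuple[str, str, int, int, str]


def _matches(rule: Rule, remote_ip: str, dst_port: int, proto: str) -> bool:
    r_proto, cidr, lo, hi, _ = rule
    return (r_proto in ("-1", proto)
            and ip_address(remote_ip) in ip_network(cidr)
            and lo <= dst_port <= hi)


# --- Network ACL: subnet boundary, stateless ---------------------------------
@dataclass
class NetworkAcl:
    inbound: List[Tuple[int, Rule]]    # (rule number, rule)
    outbound: List[Tuple[int, Rule]]

    def permits(self, pkt: Packet, direction: str) -> bool:
        """Lowest rule number first, first match wins, implicit final deny.
        Nothing is remembered between packets, so a reply is judged purely
        against the outbound rules."""
        rules = self.inbound if direction == "in" else self.outbound
        # Inbound rules match the remote source; outbound rules the remote destination.
        remote_ip = pkt.src_ip if direction == "in" else pkt.dst_ip
        for _, rule in sorted(rules, key=lambda nr: nr[0]):
            if _matches(rule, remote_ip, pkt.dst_port, pkt.proto):
                return rule[4] == "allow"
        return False


# --- Security group: instance (ENI) boundary, stateful ------------------------
@dataclass
class SecurityGroup:
    inbound: List[Rule]
    outbound: List[Rule]
    _flows: Set[Packet] = field(default_factory=set)   # connection tracking

    def permits(self, pkt: Packet, direction: str) -> bool:
        """All rules are evaluated; any allow match wins. An allowed packet
        opens a tracked flow, and the reply to a tracked flow is permitted
        regardless of the rules in the other direction."""
        if pkt.reverse() in self._flows:
            return True
        rules = self.inbound if direction == "in" else self.outbound
        remote_ip = pkt.src_ip if direction == "in" else pkt.dst_ip
        if any(_matches(r, remote_ip, pkt.dst_port, pkt.proto) for r in rules):
            self._flows.add(pkt)
            return True
        return False


def web_request_outcome(nacl: NetworkAcl, sg: SecurityGroup) -> Tuple[bool, bool]:
    """Constructed flow: Internet client 203.0.113.5:51234 -> web server
    10.0.1.10:443 in the public subnet, then the server's reply.
    Returns (request_reached_instance, reply_left_subnet)."""
    request = Packet("203.0.113.5", 51234, "10.0.1.10", 443)
    reply = request.reverse()
    request_ok = nacl.permits(request, "in") and sg.permits(request, "in")
    reply_ok = request_ok and sg.permits(reply, "out") and nacl.permits(reply, "out")
    return request_ok, reply_ok


def web_sg() -> SecurityGroup:
    # Outbound left empty on purpose (unlike the AWS default of allow-all) to
    # show that the reply is still allowed purely by connection tracking.
    return SecurityGroup(inbound=[("tcp", "0.0.0.0/0", 443, 443, "allow")], outbound=[])


HTTPS_IN = (100, ("tcp", "0.0.0.0/0", 443, 443, "allow"))
# Correct: allow replies out to the clients' ephemeral ports.
NACL_GOOD = NetworkAcl(inbound=[HTTPS_IN],
                       outbound=[(100, ("tcp", "0.0.0.0/0", 1024, 65535, "allow"))])
# Mistake: mirroring the inbound rule outbound. Replies go to port 51234, not 443.
NACL_BAD = NetworkAcl(inbound=[HTTPS_IN],
                      outbound=[(100, ("tcp", "0.0.0.0/0", 443, 443, "allow"))])
# Deny rules exist only in NACLs: a lower-numbered deny beats the allow that follows.
NACL_BLOCKLIST = NetworkAcl(inbound=[(50, ("tcp", "203.0.113.0/24", 0, 65535, "deny")), HTTPS_IN],
                            outbound=NACL_GOOD.outbound)

PUBLIC_RT = {"10.0.0.0/16": "local", "0.0.0.0/0": "igw-0abc123"}   # constructed ids
PRIVATE_RT = {"10.0.0.0/16": "local"}

if __name__ == "__main__":
    print("public:", is_public_subnet(PUBLIC_RT), "private:", is_public_subnet(PRIVATE_RT))
    for name, nacl in (("good", NACL_GOOD), ("bad", NACL_BAD), ("blocklist", NACL_BLOCKLIST)):
        print(name, web_request_outcome(nacl, web_sg()))
```

Running it prints (True, True) for the correct NACL, (True, False) for the mirrored one (the request is accepted by both filters, the security group tracks the flow and lets the reply out, but the stateless NACL drops it), and (False, False) when the client's /24 is denied by the lower-numbered rule. The security group never needed an outbound rule for the reply, which is exactly the stateless vs. stateful difference on the card above.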