Virtual Private Cloud (VPC) is the best move Amazon Web Services has announced to address enterprise customers' security requirements and to provide a missing link for hybrid deployments.
The VPC design consists of a public subnet and a private subnet, with a NAT (Network Address Translation) instance in the public subnet. The NAT enables instances in the private subnet to initiate outbound traffic to the internet. This design is usually used to run a public-facing web application while maintaining back-end servers that are not publicly accessible.
For instance, consider a multi-tier website with the web servers in the public subnet and the database servers in the private subnet. You can set up routing and security so that the web servers can communicate with the database servers. Instances in the private subnet can access the Internet via the NAT in the public subnet.
Using network access control lists (ACLs), you can increase the security of the network. This optional additional layer of protection acts as a firewall that controls traffic in and out of a subnet. Although there are some requirements where VPC falls short, it is the first and essential step towards IaaS security and will help customers move towards the cloud confidently. It lays a foundation on which customers can build and extend their security architecture into the public cloud.
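The sketch below is an added example, not code from the article or from AWS. It models the multi-tier layout described above and checks that the private subnet stays private. Network ACL rules are evaluated in ascending rule number, with the first match deciding and everything else denied. The CIDRs, ids, ports and rule numbers are constructed assumptions, and only TCP is modelled.

```python
import ipaddress

# Constructed sample layout (CIDRs, ids and ports are assumptions, not from the article).
PUBLIC, PRIVATE = "10.0.0.0/24", "10.0.1.0/24"

# Default route target per subnet: internet gateway for public, NAT for private.
DEFAULT_ROUTES = {PUBLIC: "igw-example", PRIVATE: "nat-example"}

# Inbound network ACL on the private subnet: (rule number, action, source CIDR, port range).
PRIVATE_INBOUND_ACL = [
    (100, "allow", PUBLIC, (3306, 3306)),        # web tier -> database
    (150, "deny", "0.0.0.0/0", (3306, 3306)),    # database port closed to everyone else
    (200, "allow", "0.0.0.0/0", (1024, 65535)),  # return traffic for outbound via NAT
]

def acl_decision(rules, src_ip, dst_port):
    """Evaluate rules in ascending rule number; first match wins, else implicit deny."""
    src = ipaddress.ip_address(src_ip)
    for _num, action, cidr, (lo, hi) in sorted(rules):
        if src in ipaddress.ip_network(cidr) and lo <= dst_port <= hi:
            return action
    return "deny"

def audit(default_routes, private_subnets, acls):
    """Return findings for private subnets that are reachable more widely than intended."""
    findings = []
    for subnet in private_subnets:
        if default_routes.get(subnet, "").startswith("igw-"):
            findings.append(f"{subnet}: default route points at an internet gateway")
        # 203.0.113.10 is a documentation-range address standing in for an outside host.
        if acl_decision(acls[subnet], "203.0.113.10", 3306) == "allow":
            findings.append(f"{subnet}: database port open to an internet address")
    return findings

if __name__ == "__main__":
    print(acl_decision(PRIVATE_INBOUND_ACL, "10.0.0.15", 3306))     # a web server
    print(acl_decision(PRIVATE_INBOUND_ACL, "203.0.113.10", 3306))  # an outside host
    print(audit(DEFAULT_ROUTES, [PRIVATE], {PRIVATE: PRIVATE_INBOUND_ACL}))
```

Rule 150 matters because network ACLs are stateless: the wide ephemeral-port allowance needed for return traffic also covers port 3306, so without the earlier deny the database port would be open to any source.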