AWS GWLB and Palo Alto Integration – K8s Egress Inspection
Kubernetes (K8s) egress inspection is performed through AWS GWLB and Palo Alto. This is another example of using metadata to accomplish microsegmentation in cloud-native computing.
Another design option is introduced for Intra-VPC East-West inspection when using AWS GWLB.
In GWLB/Palo integration, AWS tags can be used to digitize security zones. This approach offers flexibility in balancing zone-based and micro-segmentation designs. It also fits well with CI/CD and GitOps practices.
Design options for Inter-Region firewall inspection using AWS GWLB and Palo Alto
Shared VPC is an important AWS network design pattern. I'm sharing my experiments on Intra-VPC East-West Inspection when using AWS GWLB.
AWS GWLB offers a new approach for firewall integration. This blog explains the concepts using the visual aid of a bump-in-the-wire.
AWS VPC Flow Logs is a valuable tool for network RCA because it reports traffic in and out of an ENI. This post describes one exception where it misses certain traffic.
AWS SiteLink is a new Direct Connect service for customer site-to-site connectivity. It provides another option for data center interconnect.
If you have a traditional firewall inspecting application traffic to AWS load balancers, you might run into this 8-IP issue when ELB/ALB scales up.
GSLB designs that support Active/Active and Active/Passive private workload deployment patterns in multiple regions and hybrid clouds