AWS Site-to-Site VPN introduce las VPN de IP privada para mejorar la seguridad y la privacidad
A partir de Junio de 2022, AWS Site-to-Site VPN admite la capacidad de implementar conexiones VPN IPSec sobre Direct Connect utilizando direcciones IP privadas. Este cambio nos permite cifrar el tráfico DX entre la red on-premise y AWS sin necesidad de direcciones IP públicas, lo que conlleva una mejora en la seguridad y la privacidad de la red al mismo tiempo.
AWS Site-to-Site VPN is a fully managed service that creates a secure connection between a data centre or branch office and AWS resources using IP security (IPSec) tunnels.
Until now, it was necessary to use a public IP address to connect on-premises networks to AWS VPCs. Many of our customers require robust encryption of network traffic through Direct Connect and, at the same time, are not allowed to use public IP addresses for this communication. With this release, we can configure private IP addresses (RFC1918) on their IPSec VPN tunnels over Direct Connect and ensure that traffic between AWS and on-premises networks is encrypted and private.
This feature allows us to improve the overall security posture to better comply with any regulatory or security mandates. Private IP VPN support is available in all AWS regions where AWS Site-to-Site VPN is available. Pricing for the Private IP VPN connection is the same as the regular Site-to-site VPN connection.
Support for Private IP VPNs is available in all AWS regions where AWS Site-to-site VPN is available. Pricing for Private IP VPN connection is the same as regular Site-to-site VPN connection. For additional information, visit the AWS Site-to-site VPN product page, documentation, and pricing page.