Ingress filtering from an external cloud service to the internal network
Yan Filyurin
yanf787 at gmail.com
Fri May 5 14:11:23 UTC 2017
Since you can't change the design you may not be able to put some kind of
overlay solution in place, which is just a fancy way of saying a VPN
solution. What if you look at it in a different way and put some kind of
endpoint security cloud solution like Illumio.
But if you at least had the freedom to put something like this:
http://www.sproute.com/span
in place or 20 other similar solutions. As in you do VPN, but right from
the cloud instance itself or another instance. There is also a set of
various solutions that do specialized metadata like Cilium, but they get
into container networking and that is definitely application redesign.
On Thu, May 4, 2017 at 1:08 PM, Torres, Matt <matt.torres at state.or.us>
wrote:
> Unfortunately, a private connection or VPN to the cloud service provider
> is not available right now, but I can see how that could help solve my
> problem. :-)
> ~Matt
>
> > Is it possible for you to get a private/direct connect service from your
> network perimeter to the cloud provider and eliminate using the public
> connectivity?
> >
> >Or because its Internet-based you have to use public connectivity?
>
More information about the NANOG
mailing list