August 26, 2009 5:48 AM PDT

Amazon introduces Virtual Private Cloud service

by James Urquhart

On the third anniversary of its Elastic Compute Cloud launch, Amazon Web Services late Tuesday announced a new service, the Virtual Private Cloud.

Targeted at customers with existing IT investments, the Virtual Private Cloud (VPC) service provides a way for companies to create a logically separated set of Elastic Compute Cloud (EC2) instances and a secure VPN connection to their own networks.

Amazon Web Services illustrates how the Virtual Private Cloud functions.

(Credit: Amazon.com)

Jeff Barr, Amazon Web Services strategist, said in a blog post that the service requires three elements: a VPC instance, an IPSec VPN gateway, and a block of IP addresses provided by the customer. The VPC's address space can range from 16 addresses (known to network administrators as a /28 address range) to 16,384 addresses (a /18 address range), and the addresses can be divided up into subnets to further partition traffic.

All Internet-bound traffic is routed through the customer's network and outbound security systems before reaching the public network, Barr said.

Amazon.com Chief Technology Officer Werner Vogels described Amazon's vision for the service in a blog post:

(CIOs) have bought into the cloud as a target for a significant portion of their services, as the benefits are too obvious to ignore, and most expect that their transition will be a continuous process. They would accelerate the adoption of cloud services if they could access a form of cloud that would give them the best of both worlds: the flexibility and cost-effectiveness of accessing a virtually infinite pool of resources without owning it, while being able to integrate those resources into their existing datacenter environments such that they could continue to leverage existing investments in their management and control infrastructure...

We have developed Amazon Virtual Private Cloud (Amazon VPC) to allow our customers to seamlessly extend their IT infrastructure into the cloud while maintaining the levels of isolation required for their enterprise management tools to do their work.

Some Amazon Web Services capabilities are not supported in Amazon VPC at the start, including Amazon EC2 security groups, DevPay AMIs, and Internet-facing IP addresses. The VPN service has been tested with equipment from Cisco Systems and Juniper Networks.

VPC pricing is based on a $0.05 hourly charge for VPN access, plus a cost for data transfer into and out of the connection, ranging from $0.10/GB to $0.17/GB. Charges for other Amazon Web Services, including Amazon EC2, are billed separately at Amazon's standard rates.

James Urquhart is a seasoned field technologist with almost 20 years of experience in distributed systems development and deployment, focusing on service-oriented architectures, cloud computing, and virtualization. James is currently market manager for the Data Center 3.0 strategy at Cisco Systems, though the opinions expressed here are strictly his own. He is a member of the CNET Blog Network and is not an employee of CNET.
by Mindstrike August 26, 2009 7:57 AM PDT
Somebody help me out, please. I am trying to get a handle on the "cloud" thing. What is a real world application for this? Maybe I need a comprehensive definition or somebody smart enough to dumb it down for me while still remaining true to what it is all about. If anybody feels like being kind for no good reason, I would appreciate it.
by ghostofitpast August 26, 2009 8:52 AM PDT
You are probably too young to remember when computing was a matter of using a time-sharing system on a mainframe. In those days what you could do was severely limited by the mainframe itself and the operating system it was running. A few research laboratories supported highly interactive environments; but the "computing experience" in the "real world" of business operations was mind-numbing, to say the least. The good news, however, was that the user did not have to worry about maintaining the computer. The mainframe had its own maintenance team, which was supposed to insure the user reliability of coming in every day and having the computer support the work that needed to be done. That "'cloud' thing" is basically an attempt to restore the one good thing about mainframe environments (which would now be called outsourcing all systems maintenance) while keeping the user's view of computing as "personal" (and interactive) as it has become. You are unlikely to hear much of this talk about clouds, but a culture with no sense of history never recognizes when everything old is new again!
by kawaijen August 27, 2009 6:39 AM PDT
@ghostofitpast, and for kiddies' enlightenment :-)
Amusing, I wrote the comment below some weeks ago about Clouds; you are not alone ...

An alternative view (if you look backward cleverly) is that the cloud is nothing more than an OS in the sky, reinventing the IT wheel yet another time.
So all these supposedly new properties can be mapped on zOS (or even a high end UNIX) quite easily. Auto scaling is (more or less) nothing more than zOS resource manager.
All of this becomes possible because Intel x86 has won. So we are back to a uniform computer model.
Even the billing model is very old. Mainframers paid "as you go", just several orders of magnitude more :-(

This historical view of the cloud is not (only :-) an old timer's rambling, but a way to moderate irrational enthusiasm about these "new" properties, and learn from what worked and failed in analogous models.
by deathinc70 August 26, 2009 8:41 AM PDT
"The VPC's address space can range from 16 addresses (known to network administrators as a /24 address range) "

a /24 has 254 addresses, not 16. Doh!
by LeitM August 26, 2009 1:06 PM PDT
Quite likely a typo - Jeff Barr's blog indicates a /28 for 16 IP addresses, so it was probably a transcription error. Will assume that James will fix it shortly.
by jamesurquhart August 26, 2009 6:37 PM PDT
Thanks for catching the typo. Corrected.
About The Wisdom of Clouds

The Wisdom of Clouds, a CNET Tech blog by James Urquhart, covers cloud computing, virtualization, SaaS, data centers, and much more.
