74. Setting Up a VPN Over a Direct Connect Connection
Steps for setting up a VPN over Direct Connect:
i. Create a virtual interface in the Direct Connect console. This is a Public Virtual Interface.
ii. Go to the VPC console and then to VPN Connections. Create a Customer Gateway.
iii. Create a Virtual Private Gateway.
iv. Attach the Virtual Private Gateway to the desired VPC.
v. Select VPN Connections and create a new VPN connection.
vi. Select the Virtual Private Gateway and the Customer Gateway.
vii. Once the VPN is available, set up the VPN on the customer gateway or firewall.
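Console steps ii to vii can also be scripted with the AWS CLI. The following is an added example, not part of the original notes: the function names `create_dx_vpn` and `save_cgw_config` and the sample arguments are assumptions, and step i (the public virtual interface) is assumed to be in place already.

```bash
#!/usr/bin/env bash
# Added example: steps ii-vii as AWS CLI calls. Function names are hypothetical.
# Constructed sample call:
#   vpn=$(create_dx_vpn vpc-EXAMPLE 203.0.113.10 65000)
#   save_cgw_config "$vpn" ./cgw-config.xml

# create_dx_vpn VPC_ID CGW_PUBLIC_IP CGW_BGP_ASN -> prints the VPN connection ID
create_dx_vpn() {
  local vpc_id="$1" cgw_ip="$2" cgw_asn="$3"
  local cgw_id vgw_id vpn_id

  # Step ii: the customer gateway is the public IP of the on-premises VPN
  # device, reached through the public virtual interface from step i.
  cgw_id=$(aws ec2 create-customer-gateway --type ipsec.1 \
    --public-ip "$cgw_ip" --bgp-asn "$cgw_asn" \
    --query 'CustomerGateway.CustomerGatewayId' --output text) || return 1

  # Step iii: create the virtual private gateway.
  vgw_id=$(aws ec2 create-vpn-gateway --type ipsec.1 \
    --query 'VpnGateway.VpnGatewayId' --output text) || return 1

  # Step iv: attach it to the desired VPC.
  aws ec2 attach-vpn-gateway --vpn-gateway-id "$vgw_id" \
    --vpc-id "$vpc_id" >/dev/null || return 1

  # Steps v-vi: create the VPN connection between the two gateways.
  vpn_id=$(aws ec2 create-vpn-connection --type ipsec.1 \
    --customer-gateway-id "$cgw_id" --vpn-gateway-id "$vgw_id" \
    --query 'VpnConnection.VpnConnectionId' --output text) || return 1

  # Block until the connection is available, as step vii requires.
  aws ec2 wait vpn-connection-available \
    --vpn-connection-ids "$vpn_id" || return 1
  echo "$vpn_id"
}

# Step vii: save the configuration to load onto the customer gateway.
# It contains the tunnel pre-shared keys, so the file is created owner-only.
save_cgw_config() {
  local vpn_id="$1" out="$2"
  ( umask 077
    aws ec2 describe-vpn-connections --vpn-connection-ids "$vpn_id" \
      --query 'VpnConnections[0].CustomerGatewayConfiguration' \
      --output text > "$out" )
}
```

Because the saved file holds the pre-shared keys for both tunnels, store it like any other credential and delete it once the customer gateway is configured.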
i. A video analytics organization has been acquired by a leading media company. The analytics organization has 10 independent applications with an on-premises data footprint of about 70TB for each application. The CTO of the media company has set a timeline of two weeks to carry out the data migration from on-premises data center to AWS Cloud and establish connectivity. Which of the following are the MOST cost-effective options for completing the data transfer and establishing connectivity? (Select two)
Answer: a. Setting Site-to-Site VPN to establish connectivity between the on-premises data center and AWS cloud.
b. Order 10 Snowball edge storage optimized devices to complete the one-time data transfer.
Explanation: AWS Site-to-Site VPN enables you to securely connect your on-premises network or branch office site to your Amazon Virtual Private Cloud (Amazon VPC). You can securely extend your data center or branch office network to the cloud with an AWS Site-to-Site VPN connection. A VPC VPN Connection utilizes IPSec to establish encrypted network connectivity between your intranet and Amazon VPC over the Internet. VPN Connections can be configured in minutes and are a good solution if you have an immediate need, have low to modest bandwidth requirements, and can tolerate the inherent variability in Internet-based connectivity.
AWS Direct Connect lets you establish a dedicated network connection between your network and one of the AWS Direct Connect locations. Using industry-standard 802.1q VLANs, this dedicated connection can be partitioned into multiple virtual interfaces. AWS Direct Connect does not involve the Internet; instead, it uses dedicated, private network connections between your intranet and Amazon VPC. Direct Connect involves significant monetary investment and takes at least a month to set up, therefore it’s not the correct fit for this use-case.