A new Amazon Virtual Private Cloud service is now open for limited beta testing.
The Amazon VPC will allow users to set up access to a private network via an IPsec virtual private network (VPN) and launch and control EC2 instances inside that network without having them available via a public IP address, which is standard for normal EC2 launches.
AWS evangelist Jeff Barr detailed the service in a blog post on Tuesday. He said the created networks will use standard CIDR notation and allow up to 16,384 unique IP addresses. Barr wrote that the beta is limited in functionality compared to standard VPN offerings, forcing current EC2 users to use a new Amazon VPC connection for all traffic without full control over how IP addresses are assigned to new clients. Some types of EC2 instances cannot be launched within the Amazon VPC and traffic cannot be filtered by subnet.
"We're already working on these items and on other additions to the core functionality we're releasing today," he wrote. The price for Amazon VPC starts at $0.05 per network hour while the service is connected.
Amazon is making this move as interest in private cloud, cloud computing set up within an existing IT organization's data center, and hybrid cloud, cloud computing that is split between an organization's infrastructure and hosted cloud, grows by leaps and bounds. Competitors like Rackspace and Terremark already offer virtual private cloud implementations that promise security, but costs are much higher.
"They had to address the market demand…security is still concern number one, it is not performance," said Dr. Stefan Ried, senior analyst for Forrester Research on Vendor Strategy. Amazon's release of the new service was a response to market pressure for security practices that are standard elsewhere in the hosting industry, like VPN access and full network integration for hosted resources, so that IT organizations can meet security benchmarks, Ried said.
Security is still concern number one, it is not performance.
Dr. Stefan Ried, senior analyst for Forrester Research on Vendor Strategy
VPN is the default method of connection hosting companies targeting enterprise users, said Ried, and Amazon's announcement clearly targets gun-shy enterprises, but Amazon isn't moving away from its core target segment of test and development users. "It's a specific set of use cases they are looking for," he said.
"Take an average large bank; they have three to four hundred developers," said Ried. Each developer might use AWS to begin work on a project, but they can't test their applications on real bank data or transactions without removing it from AWS's public cloud, thus losing the benefits of easy access. The Amazon VPC service, when it measures up to standard VPN uses, will allow those test and dev users to use EC2 in a way that doesn't violate basic security needs, he said.
Recent surveys show interest in cloud computing among enterprises has reached "critical mass", with a recent F5 Networks study reporting an astonishing 89% of IT managers and developers in large enterprises were actively discussing or planning how to implement or use cloud computing.
"There was a lot higher adoption rate than we'd expected to see, especially on the private cloud," said F5 Technical Marketing Manager Lorie MacVittie. She cautioned that study respondents counted discussions and trial uses or services like EC2 as adoption, but said that awareness had clearly reached the point of no return for the companies surveyed, which had between 2,500 and 75,000 employees.
"I still doubt that Amazon will get a significant amount of real mission-critical applications in their cloud," Ried said, saying that large enterprises chose hosting based on security and reliability, rather than price, and would choose cloud computing resources accordingly. Still, he doesn't fault Amazon for the effort.
"They are clever to extend step by step" as market awareness changes, he said.
Dig Deeper on AWS security