About Me

My photo
JHC Technology is a Service Disabled, Veteran-Owned, Small Business based in the Washington, DC Metro area. Our primary focus is to offer customized solutions and IT consulting to our Commercial and Government clients. Our experts have a broad experience delivering and managing Microsoft Enterprise applications and Cloud and Virtualization Solutions, as well as mobilizing Enterprise data.

Wednesday, August 7, 2013

Amazon Web Service (AWS) - Trusted Internet Connection (TIC) Architecture

I have decided to deviate from my blog series about Non-Technical Cloud Barriers and talk about some of the solution architecture work JHC is performing for our Federal clients moving to Amazon Web Services.  One of the major design hurdles the Federal Government has to take into consideration when moving into the Cloud is how to implement Trusted Internet Connection (TIC).  What is Trusted Internet Connection?  Department of Homeland Security describes TIC as an initiative to:

“…optimize and standardize the security of individual external network connections currently in use by federal agencies, including connections to the Internet. The initiative will improve the federal government's security posture and incident response capability through the reduction and consolidation of external connections and provide enhanced monitoring and situational awareness of external network connections.” (You may also refer to OMB Memorandum M-08-05).  
My understanding is that currently, no public Cloud offerings have the capability/ability to natively provide TIC for their federal clients.  In most cases, internet traffic is routed back to the federal government datacenter and out a TIC router provided by a vendor through the vendor’s Managed Trusted Internet Provider Service (MTIPS).  Currently the following vendors are the only MTIPS providers available under the Networx contract:
  • AT&T
  • CenturyLink (formerly Qwest)
  • Sprint
  • Verizon Business
For Federal Agencies looking to expand and/or move all infrastructure operations into the Cloud, but still need to maintain a physical datacenter to allow for a TIC vendor provided router, it is not cost effective and from a networking prospective it is inefficient.  Using AWS features, JHC has been able to design a TIC solution that removes the requirement for Agencies to have to maintain physical datacenters for TIC compliance while providing a TIC solution that is High Availability and has built-in Disaster Recovery.  Below is a high level overview and sample architecture of the TIC Solution:
  1. Utilize AWS Regions in US East and/or GovGloud
  2. Deploy Virtual Private Cloud (VPC) within the AWS Region and associate subnets across Availability Zones.
  3. Within your VPC deploy EC2 virtual routers and EC2 web content filters across Availability Zones for high availability and disaster recovery.
  4. Establish VPN connection between your agency and EC2 virtual router.
  5. (Optional) for additional high availability and disaster recovery connect your AWS regions via EC2 virtual router and load balance user internet traffic across the US.
  6. Use AWS Direct Connect feature to route your internet traffic to Equinix facility in either Seattle Washington and/or Ashburn, VA utilizing AWS Virtual Private Gateway.
  7. Drop TIC provider router into Equinix and connect AWS Direct Connect Router to TIC Router


James Hirmas is the CEO for JHC Technology.  He can be reached at jhirmas (at) jhctechnology.com,@JHC_JamesHirmas, or connect with him on LinkedIn.

44 comments:

  1. Amazon introduced a new product development strategy to offer cloud computing to external users and rolled out
    Amazon Web Services(AWS) on a utility computing basis.

    ReplyDelete
  2. Bluehost is definitely one of the best hosting provider with plans for all of your hosting requirments.

    ReplyDelete
  3. Thanks for providing this informative information you may also refer.
    http://www.s4techno.com/blog/2015/12/24/aws-rds-in-sql-server-5-minute-deploy/

    ReplyDelete
  4. it’s really nice and meanful. it’s really cool blog. Linking is very useful thing.you have really helped lots of people who visit blog and provide them usefull information.

    Amazon-AWS Training in Hyderabad

    Hadoop Training in Hyderabad

    ReplyDelete
  5. Thank you so much for sharing this worth able content with us. The concept taken here will be useful for my future programs and i will surely implement them in my study. Keep blogging article like this.
    Aws Online Training

    ReplyDelete
  6. Updating ourselves to the latest technology is the good idea to live in this modern IT world. Reading articles like your blog this will make an encouraging power within me. Thanks for sharing such an informative content. AWS Training in Bangalore | Big Data Hadoop Training in Bangalore

    ReplyDelete
  7. Hi, I have read your blog. Really very informative and excellent post I had ever seen about AWS. Thank you for sharing such a wonderful blog to our vision. Learn Amazon Web Services Training in Bangalore |
    DataScience Training in Bangalore |

    ReplyDelete
  8. Web Design Sydney: It is a great sharing...I am very much pleased with the contents you have mentioned. I wanted to thank you for this great article. .Logo Design Sydney,Logo Design in Coimbatore,Brochure Design in Coimbatore

    ReplyDelete
  9. The information which you have provided is very good. It is very useful who is looking for AWS Online Training

    ReplyDelete
  10. Posting it is very needed because every human being today want this information. Keep it up. Good luck and thanks for posting AWS / Amazon Web Services Training | AWS / Amazon Web Services Training in Bangalore

    ReplyDelete
  11. I have read your blog its very attractive and impressive. I like your blog. AWS Online Training Bangalore

    ReplyDelete
  12. Appreciating the persistence you put into your blog and detailed information you provide.

    It’s great to come across a blog every once in a while that isn’t the same out of date rehashed material. Fantastic read.

    AWS Training in Chennai

    ReplyDelete
  13. Excellent post. This article is really very interesting and effective.
    Aws Training in Hyderabad

    ReplyDelete
  14. Thank you so much for sharing this worth able content with us. The concept taken here will be useful for my future programs and i will surely implement them in my study. for more updates on AWS join AWS Online Course

    ReplyDelete
  15. The information which you have provided is very good. It is very useful who is looking for salesforce Online Course Bangalore

    ReplyDelete

  16. Artificial Intelligence Companies in bangalore is the field of computer science dedicated to solving cognitive problems commonly associated with human intelligence, such as learning, problem solving, and pattern recognition.

    artificial intelligence companies in indiaMany business certainly expect AI to be disruptive Technology in the coming days or Testing the Waters currently, but why wait when the technology is already transforming every aspect of the way an organization operates?

    ReplyDelete
  17. It is really a great work and the way in which you are sharing the knowledge is excellent.
    aws training in omr | aws training in velachery | best aws training center in chennai

    ReplyDelete
  18. Very nice blog, you given useful information, Very great article, Thank you for sharing this wonderful article.
    amazon cloud computing in india

    ReplyDelete
  19. Thank you so much for such valuable information sharing. It’s highly appreciated.Interesting and informative article...very useful to me, please keep on updating..

    AWS Training
    AWS Training in Chennai

    ReplyDelete
  20. this blog shows information with practically with picture thank you very much nice information
    Devops online Training

    ReplyDelete
  21. Nice work, your blog is concept oriented ,kindly share more blogs like this
    AWS Online Training

    ReplyDelete
  22. Selenium is one of the most popular automated testing tool used to automate various types of applications. Selenium is a package of several testing tools designed in a way for to support and encourage automation testing of functional aspects of web-based applications and a wide range of browsers and platforms and for the same reason, it is referred to as a Suite.

    Selenium Interview Questions and Answers
    Javascript Interview Questions
    Human Resource (HR) Interview Questions

    ReplyDelete
  23. This comment has been removed by the author.

    ReplyDelete