Balancing security and the flexibility of remote work can be a challenge. Fortunately, AWS Virtual Private Network (VPN) establishes a secure connection between your on-premises network or remote devices, and the AWS global network. AWS offers two types of VPN services ‒ AWS Client and AWS Site-to-Site ‒ that are affordable, highly available, and suitable for various use cases.
AWS Client VPN allows users to connect securely to the AWS global network and on-premises networks with a single VPN connection. The user connects to a specified client VPN endpoint within a target network. The endpoint will be configured inside a subnet in your VPC. Unlike traditional on-premises VPN services, AWS Client VPN is not limited by hardware restraints. It is a pay-as-you-go service that scales elastically, based on user demand. This reduces costs and maintains consistent performance, regardless of production spikes.
Client VPN use cases
With remote work becoming ubiquitous, securing connections and ensuring availability has become a prominent issue. This spike in remote users can hinder performance and decrease productivity. AWS Client VPN is elastic, which automatically scales to handle a constantly changing demand. This eliminates the need for additional VPCs during peak production hours while reducing unused capacity to optimize costs. To learn more about VPCs, check out our 'What is a VPC?' blog post.
During cloud migrations, AWS Client VPN can ease the transition of moving on-premises applications into the AWS cloud. Users are not affected during the transition, meaning their application is always accessible, and they don't have to change the way they access it.
How much does Client VPN cost?
AWS Client VPN charges for the number of active client connections per hour and the number of subnets that are associated with the Client VPN per hour. Endpoint associations are $0.10 per hour while client connections are $0.05 per hour.
For example, an AWS Client VPN endpoint is created in US East and associated with one subnet. Ten VPN connections are necessary to connect your entire remote team. For this region, you will pay $0.10 per hour for an endpoint fee, and ten VPN connections collectively cost $0.50 per hour. The cost of ten VPN connections to a single endpoint will be $0.60 per hour.
AWS Site-to-Site VPN creates a secure connection with encrypted tunnels between your on-premises network and AWS services, such as virtual private clouds (VPC) and transit gateways. AWS Site-to-Site delivers high availability by using two tunnels across multiple Availability Zones (AZ) within the AWS global network. The secondary tunnel is available for traffic if the primary tunnel goes down. This service allows for a fixed connection between your on-premises datacenters, office buildings, and your AWS network.
Site-to-site VPN use cases
AWS Site-to-Site VPN securely connects remote sites to the AWS cloud, making it easier to migrate your network to the cloud. VPCs can be used to move resources seamlessly, without affecting how the application is accessed.
AWS Client VPN allows remote users to connect to your AWS VPC, giving secure access to all AWS resources. If used in tandem with AWS Site-to-Site VPN, your data center can be securely connected to the AWS cloud, with high availability across multiple AZs and improved performance when connected to the AWS Global Accelerator. This simple architecture would facilitate private and remote access to your data center.
How much does Site-to-Site VPN cost?
Site-to-Site VPN costs $0.05 per hour, with an additional charge when transferring data out of the cloud. The first 100GB of data transferred out is free, while any data transferred in is also free. Data transferred out of AWS Site-to-Site VPN will incur data transfer charges of $0.09 per GB.
For example, an AWS Site-to-Site VPN is connected to your AWS VPC in US East. The connection is active for 30 days, 24 hours a day. The hourly connection fee is $0.05 per hour, totaling $36.00 per month. During this month, 1,000GB is transferred in, and 500GB is transferred out through this connection. The data transfer out fee is waived for the first 100GB, and $0.09 per GB for the remaining 400GB. The data transfer fee would total $36.00. Overall, the monthly total would be $72.00 to have a fixed connection, data transferred in, and 500GB of data transferred out.
Note that prices are changing and vary from region to region. Refer to the AWS pricing guide for accurate pricing.
AWS Virtual Private Network is available to make your on-premises networks accessible in the cloud, while providing secure access from anywhere within the extensive global infrastructure of AWS. With different services and a variety of use cases, AWS VPN connections can make any business globally accessible.
Contact us for more for more information.