3.12. Direct Connect (DX) - Public VIF + VPN (Encryption)

17 Terms

1

What does using a VPN over Direct Connect provide?

Encrypted and authenticated tunnel with low and consistent latency.

2

Why use a Public VIF for VPN access to private VPC networks?

Because VPN endpoints (Virtual Private Gateway or Transit Gateway) use public IPs, which require a Public VIF.

3

What is the key difference between a Public VIF and a Private VIF?

Public VIF gives access to AWS public IP addresses; Private VIF gives access to private IPs in a VPC.

4

How is a VPN over Public VIF architecturally different from a VPN over the internet?

The VPN configuration is the same; only the transit path (Public VIF vs. internet) changes.

5

What is the difference between VPN and MACsec in terms of encryption scope?

VPN provides end-to-end encryption between Customer Gateway and AWS Gateway; MACsec encrypts a single hop on Layer 2.

6

Which is more widely supported: IPsec VPN or MACsec?

IPsec VPN, as it is supported by a wider range of vendors and devices.

7

Why is MACsec faster than VPN?

MACsec has lower cryptographic overhead and supports higher network speeds.

8

What is a common pattern for initial connectivity to AWS before Direct Connect is provisioned?

Start with a VPN over the internet, then add Direct Connect later.

9

How can VPN and Direct Connect be used together for resilience?

Use Direct Connect with an IPsec VPN as primary, and an internet-based IPsec VPN as backup.

10

Where are AWS VPN endpoints (for Virtual Private Gateway) located?

In the AWS Public Zone, across two Availability Zones, with public IP addresses.

11

Can a Public VIF be used to connect to AWS VPN endpoints in other regions?

Yes, over the AWS Global Network, enabling global encrypted transit.

12

Why isn't VPN over Direct Connect a competitor to MACsec?

They serve different purposes—VPN is for end-to-end encryption, MACsec is for local link encryption.

13

When connecting to public IPs of AWS VPN endpoints, which type of VIF must be used?

Public VIF.

14

What should guide your choice between Public and Private VIF?

The type of IPs you are trying to access—public IPs require a Public VIF, private IPs require a Private VIF.

15

What benefit does Direct Connect bring when used with VPN?

Improved latency and consistency compared to VPN over the public internet.

16

What is VIF + VPN?

knowt flashcard image

17

What does the public VIF + VPN architecture look like?

knowt flashcard image