Security and Savings in Amazon VPC

In March 2016, Genability migrated its application servers and databases into Amazon’s Virtual Private Cloud (VPC). We initiated this change anticipating that it would not only provide hard security guarantees, but reduce our infrastructure costs without impacting performance. After a few months of close monitoring, the results are in: mission-critical resources are inaccessible to the public internet and we’ve reduced infrastructure costs by 50%, all while handling a tenfold increase in daily API traffic.

Security

Established as a default in late 2013, AWS VPC allows users to create cloud resources which are “logically isolated from other virtual networks in the AWS cloud”. This has several advantages:

  • General and resource-specific control over incoming and outgoing connections
  • Access control rules which can be changed without stopping/starting servers
  • Persistent private IP addresses
  • Custom network interfaces

For Genability, this means we’re able to segregate our AWS resources into public and private subnets, isolate our production data, and establish fail-safe defaults which allow new resources to access what they need quickly and securely.

For accounts created before 2013, AWS also provides an incentive to make the VPC switch: access to the AWS T2 instance type.

Savings

AWS T2 servers “provide a baseline level of CPU performance with the ability to burst above the baseline”. This is great for most of Genability’s applications which, like most electricity grids, experience peak traffic which is substantively greater than the base load:

[Figure: API traffic during a typical day]

When traffic is low, T2 servers earn “CPU credits” which can be used when traffic is heavy to dynamically meet demand with the same level of performance. For Amazon, this means a more efficient use of their resources, and they split the resulting savings with their customers.

Switching to the T2 instances, combined with some overdue AWS housekeeping, reduced our AWS costs to 50% of their 2015 average:

[Figure: AWS cost breakdown]

At the same time, traffic on Genability’s API increased tenfold:

[Figure: API throughput March-April 2016]

What’s next: performance improvements aimed at reducing server-side response times by 30% to help us exceed performance expectations under increasing load.


One Comment

  1. Posted February 15, 2017 at 1:18 am

    Hi, I just read through the document. It is well documented. Write more articles like this. Thanks in advance.
