A cloud service is only as good as the team of network engineers who keep it up and running. In this episode, AWS Vice President and Distinguished Engineer Tom Scholl breaks down the importance of security and legwork needed to support the company’s massive infrastructure. Corey picks Tom’s brain while singing the praises of the AWS DDoS Protection Team, marveling at the scale of the modern internet, and looking ahead to the next generation of network engineers that could land at AWS. If you’ve ever wondered about the inner workings of the AWS cloud, then this is the discussion for you.
Show Highlights:
- (0:00) Intro
- (1:09) The Duckbill Group sponsor read
- (1:42) The importance of a good network for AWS
- (3:38) Evolution of networking
- (6:03) Efficiency of the AWS DDoS Protection Team
- (7:29) AWS Cloud and weathering DDoS attacks
- (10:03) Policing network abuse
- (12:08) Walking the SES tightrope and network attacks
- (15:00) Ensuring the security of the internet
- (17:53) The Duckbill Group sponsor read
- (18:37) Scale of the modern internet
- (20:47) Migrating the AWS network firewall
- (21:54) Internal network scaling
- (24:27) Preparing for DDoS disruption
- (29:14) Finding the next generation of network engineers
- (32:15) Where to learn more about AWS cloud security
About Tom Scholl:
Tom Scholl is a VP and Distinguished Engineer at Amazon Web Services (AWS) in the infrastructure organization. His role includes working on AWS’s global network backbone, as well as focusing on denial of service detection and mitigation systems. He has been with AWS for over 13 years.
Prior to AWS, Tom was a Principal Network Engineer at nLayer and AT&T Labs (formerly SBC Telecom). He also previously held network engineering roles at OptimalPATH Digital Network and ANET Internet Services.
Links Referenced:
- AWS Security Blog: https://aws.amazon.com/blogs/security/
- How AWS threat intelligence deters threat actors: https://aws.amazon.com/blogs/security/how-aws-threat-intelligence-deters-threat-actors/
- Using AWS Shield Advanced protection groups to improve DDoS detection and mitigation: https://aws.amazon.com/blogs/security/using-aws-shield-advanced-protection-groups-to-improve-ddos-detection-and-mitigation/
- AWS re:Inforce 2024 presentation on Sonaris and MadPot: https://www.youtube.com/watch?v=38Z9csvyFDg
- NANOG 2023 presentation on AWS networking infrastructure: https://www.youtube.com/watch?v=0tcR-iQce7s
- AWS re:Invent 2022 presentation on AWS networking infrastructure: https://www.youtube.com/watch?v=HJNR_dX8g8c
- AWS re:Invent 2022 presentation on Scaling network performance on next-gen Amazon EC2 instances: https://www.youtube.com/watch?v=jNYpWa7gf1A&t=1373s
- IEEE paper on Scalable Relatable Diagram (SRD): https://ieeexplore.ieee.org/document/9167399
Sponsor
The Duckbill Group: https://www.duckbillgroup.com/
Więcej odcinków z kanału "Screaming in the Cloud"
Nie przegap odcinka z kanału “Screaming in the Cloud”! Subskrybuj bezpłatnie w aplikacji GetPodcast.