Connectivity for Data Transfer in AWS Cloud - Best Solution

Best Connectivity for Data Transfer in AWS Cloud

Question

A financial organization has an on-premises data center that holds large volumes of customers' financial transaction data on its legacy mainframe systems.

Because of performance issues when accessing transaction data, they have implemented a caching solution in the AWS cloud that will hold the customers' financial data.

The transaction data is extremely confidential and requires heavy bandwidth when transferred to the cloud.

What connectivity would you recommend for this data transfer? Select the best answer.

Answers

Explanations


A. B. C. D.

Answer: A.

Option A is CORRECT since Direct Connect provides a dedicated connection to the on-premises data center that bypasses the internet, providing a more secure data transfer mechanism.

It also lets you arrange, with the Direct Connect partner, the bandwidth needed to transfer massive amounts of data, which is a prime requirement.

The VPN connection ensures that the connection is secure.

Option B is incorrect.

Bandwidth is important for the connection.

So Direct Connect is required.

Option C is incorrect.

AWS Storage Gateway provides a backup and recovery option that copies data stored in the on-premises data center to the AWS cloud.

It is primarily used with S3, and the transfer still happens over the internet after encryption.

Also, since the data is backed up asynchronously, the cache may be eventually consistent, resulting in stale data being retrieved from the cache.

Option D is incorrect.

Snowball is an offline data transfer mechanism used when there is a huge amount of data (100TB) that needs to be transferred to the cloud.

Moving that much data over a WAN can take years and can be impractical at times.

A physical appliance is shipped to the on-premises data center, where it can be connected to the network for transferring data.

Once done, it is shipped back to the cloud data center, where the data can be copied to storage services like S3.

Since our scenario requires real-time data availability between the on-premises data center and the AWS cloud, it may not meet the requirements.

References:

https://docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html
[Figure labels: Private virtual interface; Public virtual interface]

The best connectivity option for transferring large volumes of confidential data with heavy bandwidth requirements from an on-premises data center to AWS would be Direct Connect with a VPN connection.

Direct Connect is a dedicated network connection between an organization's on-premises infrastructure and AWS, which provides a reliable, high-bandwidth, low-latency connection that can be used to transfer large volumes of data securely. Direct Connect provides a private, isolated connection between on-premises infrastructure and AWS and is not routed over the public internet, providing enhanced security for confidential data.

A VPN connection would add another layer of security to the Direct Connect connection by encrypting the traffic between the on-premises infrastructure and AWS. VPN uses industry-standard encryption protocols to create a secure and encrypted tunnel between the two networks, ensuring that data transferred between the networks is protected from interception and tampering.

AWS Storage Gateway is a hybrid storage service that enables on-premises applications to use AWS storage. While it could be used for data transfer, it is not optimized for heavy bandwidth transfers and may not be the best choice for extremely confidential data.

AWS Snowball is a physical data transport solution that uses secure, ruggedized devices to transfer large amounts of data into and out of AWS. However, it may not be the best choice for data that needs to be transferred quickly, as it may take several days for the device to physically arrive at the on-premises location, be loaded with data, and then shipped back to AWS for upload.