September 21, 2009, 5:20 AM — Many of you know about Amazon's virtual cloud storage and computing services, S3 and EC2 respectively. But what you probably didn't know is that the company now offers a way to connect to these resources via a virtual private network through secure IP protocols (IPsec VPN).
This is a very big deal. It is probably the first time that anyone has tried to combine these physical and virtual resources in such a manner.
Yes, there are some limitations. On the link above, you can see a long list of requirements if you are going to hook up your cloud network to your VPN gateway. Amazon has tried to get this to work on popular Juniper and Cisco boxes, but VPNs are notoriously difficult to configure and there are dozens of knobs to turn, particularly for IPsec VPNs.
Like the other virtual services, you only pay for what you use when you use it – meaning that there are charges by the hour it is operating and additional data charges for the bits that pass through the VPN. You can drop the instance and re-start the VPN when you re-start the servers behind it, or leave it running continuously.
The service is just in beta for the time being, and only available after your application is approved by Amazon (again, see the link above). All the traffic that leaves the virtual world goes back to your VPN gateway at your office, so if you want to reach the Internet at large you will have to first pass through your own ISP connection at your office. Amazon is working on a way to go directly from their cloud.
By the way, while we are talking about Amazon's Web Services, you might want to browse on over to this link and try to win $50,000 prize for the best new application. You have a couple of days left to enter the contest.