301 Reading 10 - marsecguy/reading-notes-cyberops GitHub Wiki

VPC

  1. How can one host within a VPC any services that need to be public?
    • By removing them from the private subnets and VPN within the cloud and placing them in the publicly accessible part of the cloud.
  2. What are examples of services that would live in the publicly-accessible part of the VPC? The privately-accessible part?
    • The publicly accessible part would include things like websites and publicly accessible databases. The private side would contain private business files and databases. For example, an insurance company could have their customer websites on the public side where clients can register and search a database of in-network doctors. Once they register, their PII would be passed along to a private database on the private side to protect their info.
  3. What are the trade-offs of using a VPC vs traditional infrastructure?
    • A VPC would be significantly cheaper in the short term, but more costly long-term. The trade-offs for the increased long-term costs, though, include:
      • Scalability
      • Ease of deployment
      • Increased performance
      • Better security

Source: Cloudflare