Network & Security Standards
Comprehensive security best practices and network architecture guidelines for cloud platforms
Security is a shared responsibility between cloud providers and customers. Implement defense-in-depth strategies across all layers.
Virtual Network Architecture
Best practices for VPC/VNet design across providers
Network Segmentation
Public Subnet
Load balancers, NAT gateways, bastion hosts
Internet-facing
Private Subnet
Application servers, container workloads
Internal only
Data Subnet
Databases, caches, sensitive data stores
Highly restricted
Provider-Specific Network Services
AWS
- VPC: Isolated virtual networks
- Security Groups: Stateful firewalls
- Network ACLs: Stateless subnet-level rules
- AWS PrivateLink: Private connectivity to services
- Transit Gateway: Connect multiple VPCs
Azure
- VNet: Virtual networks
- NSG: Network security groups
- ASG: Application security groups
- Private Link: Private service access
- Virtual WAN: Global network connectivity
GCP
- VPC: Global virtual networks
- Firewall Rules: Stateful instance-level rules
- VPC Service Controls: Perimeter security
- Private Service Connect: Private connectivity
- Cloud Interconnect: Dedicated connections
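
The three tiers under Network Segmentation can be checked mechanically, whichever provider's rule type (security group, NSG, firewall rule) enforces them. The audit below is an added example, not part of the original guidelines; the subnet CIDRs, the allowed-source policy and the sample ingress rules are all assumptions constructed for illustration.

```python
import ipaddress

# Assumed IPv4 address plan (constructed for this example, not from the page).
TIER_CIDRS = {
    "public": ipaddress.ip_network("10.0.0.0/24"),
    "private": ipaddress.ip_network("10.0.1.0/24"),
    "data": ipaddress.ip_network("10.0.2.0/24"),
}
# Assumed policy: which source tiers may open connections into each tier.
# "outside" means any address that is not inside one of the three subnets.
ALLOWED_SOURCES = {
    "public": {"outside", "public", "private", "data"},  # internet-facing
    "private": {"public", "private"},                    # internal only
    "data": {"private", "data"},                         # highly restricted
}

def source_tiers(cidr):
    """Return every tier (or 'outside') that a source CIDR can cover."""
    net = ipaddress.ip_network(cidr, strict=False)
    hits = {name for name, tier in TIER_CIDRS.items() if net.overlaps(tier)}
    # A range not fully contained in one subnet also admits outside hosts.
    if not any(net.subnet_of(tier) for tier in TIER_CIDRS.values()):
        hits.add("outside")
    return hits

def audit(rules):
    """Return (rule name, offending sources) for each rule that breaks the policy."""
    findings = []
    for rule in rules:
        extra = source_tiers(rule["source"]) - ALLOWED_SOURCES[rule["tier"]]
        if extra:
            findings.append((rule["name"], sorted(extra)))
    return findings

# Constructed sample ingress rules; "tier" is the subnet the rule protects.
SAMPLE_RULES = [
    {"name": "lb-https", "tier": "public", "source": "0.0.0.0/0", "port": 443},
    {"name": "app-from-lb", "tier": "private", "source": "10.0.0.0/24", "port": 8080},
    {"name": "db-from-app", "tier": "data", "source": "10.0.1.0/24", "port": 5432},
    {"name": "db-from-vpc", "tier": "data", "source": "10.0.0.0/16", "port": 5432},
    {"name": "app-ssh-any", "tier": "private", "source": "0.0.0.0/0", "port": 22},
]

if __name__ == "__main__":
    for name, sources in audit(SAMPLE_RULES):
        print(f"{name}: also reachable from {', '.join(sources)}")
```

The db-from-vpc rule shows the common failure: a network-wide source range looks internal but lets the public subnet reach the data tier directly.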