Overview

VPC helps you build an isolated network environment based on Alibaba Cloud including customizing the IP address range, network segment, route table, and gateway. In addition, you can connect VPC and a traditional IDC through a leased line, VPN, or GRE to provide hybrid cloud services.

Benefits

Secure Isolation Builds an isolated network environment based on Alibaba Cloud. Layer-2 logical isolation is achieved between different VPC instances. Flexibility SDN configures the network as required, customizes the IP address range and route table. Scalability Works with multiple products and easily manages Internet portals to provide a hybrid cloud architecture. Free of Charge Achieve a fully isolated VPC environment for free on the Alibaba Cloud platform.

Features

Layer-2 logical isolation

Builds an isolated network environment based on Alibaba Cloud. Layer-2 logical isolation is achieved between different VPC instances. Network virtualization Virtual networks are built on a physical network based on the OverLay technology. Full isolation among VPC instances VPC instances are isolated using Vxlan. Layer-2 logical isolation is achieved between different VPC instances to prevent them from communication.

Custom network environment

You can customize the IP address range, network segment, route table, and gateway. You can also plan and manage the network as needed. Subnet division You can divide the private IP address of VPC into one or several subnets using VSwitches and deploy applications and other services under the corresponding VSwitch as needed. Custom route rules The route rules of VRouters are configured based on business needs to manage the forwarding routes of VPC traffic.

Access control

Flexible access control rules are compliant with the secure isolation regulations for government and financial users Security group With the help of the security group function, product instances in VPC can be classified into different security domains and each security domain can have custom access control rules. RAM RAM can be used to manage network permissions.

Internet portal management

Meets the requirement for VPC resources to actively access the Internet and provide external services. Internet access EIPs can be bound to cloud product instances of the VPC type in the same region as needed to allow the instances to access the Internet. Internet portal management NAT Gateway supports SNAT configuration to meet the needs of VPC resources to actively access the Internet. It also supports DNAT configuration and provides IP address mapping, port mapping, and 10 Gbit/s forwarding capabilities to enable multiple services to share the bandwidth so as to save costs.

Hybrid cloud architecture

VPC can be connected to a traditional IDC through leased lines or VPN to build a hybrid cloud. VPC intranet communication Express Connect can be used to establish an intranet connection between VPC instances in different regions and of different users, to achieve interconnection of user networks on Alibaba Cloud. Hybrid cloud architecture Through leased lines, VPC can communicate with intranets of an IDC with excellent communication quality to easily build a hybrid cloud.