Storage & Networking


Virtual Private Cloud


Overview

Alibaba Cloud Virtual Private Cloud (VPC) is an isolated cloud network built for private usage. VPC provides users with the utmost control over data, security and resources, including configuration of route tables, network gateways and selection of IP addresses range.

Users can even augment resources by connecting a private on-premise network to Alibaba Cloud VPC to develop a hybrid cloud solution. This provides users with the ability to conduct external backups and meet regulatory needs.

Benefits

Secure

  • Achieves security standards of traditional VLAN isolation through Alibaba Cloud advanced security features, including tunneling technology.

  • Segregates VPC instances into different security domains using security group features.

  • Compliant with security isolation regulations set by the Chinese Government for financial users.

Easy Access Control

  • Easy and flexible access control solution for each security domain.

  • Quickly create and access Alibaba Cloud VPC services using the console.

Multiple Connectivity Options

  • Easily connect to the Internet by creating public-facing subnets.

  • Securely connect to your corporate data center and route all incoming and outgoing traffic of your instances.

  • Securely share resources across multiple virtual networks by connecting privately to VPCs of other Alibaba Cloud accounts.

Rich Network Connectivity

  • Supports VPN software and dedicated data line connections.

  • Supports multi-line connections which can be connected with private, physical or other proprietary network.

  • Supports VPN gateway customization. Set up your own VPN gateway or access a variety of VPN products offered 

Easy Payment Options

  • Offers flexible billing where you pay only for the resources used such as bandwidth, storage, compute, etc.

 

Product Details

Alibaba Cloud VPC allows the flexibility to build your cloud architecture in a logically isolated and secure environment. This means users can control their virtual networking environment, including the selection of IP address range, the creation of subnets and configuration of route tables and network gateways. Users can also segregate VPC instances into different security domains using security group features.

Alibaba Cloud VPC includes the option to build layers of security into managed private cloud network architecture. For example, users can create a public-facing subnet for web server hosting and place backend systems such as database or application servers in a private-facing subnet with no Internet access.

VPC supports VPN software and dedicated data line connections, as well as multi-line connections which can be connected with private, physical or other proprietary networks.

Features

Ease of Use:

Virtual LAN (VLAN)

Any broadcast domain which is partitioned and isolated in a computer network at the data link layer.

  • Alibaba Cloud uses VLAN to divide the range of private IP address into several VSwitches.

  • Helps easy deployment of applications and other VPC services.

Customize Routing Rules

  • Easily customize and manage VRouter routing rules.

  • Configure forwarding routes of traffic.

  • Define routing rules between source and destination in route tables.

Dedicated Resources:

  • Offers dedicated Elastic IP addresses (EIPs) which you can attach to the ECS instances within the managed private cloud and access them publicly.

  • Offers dedicated line access service which helps you to establish a private and direct connection from your office, local data center or co-hosting location to Alibaba Cloud data center bypassing the public Internet.

  • Dedicated line access reduces network latency and provides you with a more consistent network experience compared to other Internet connections.

Secure:

Security Groups

Security Group is a logical segregation of instances with the same security requirements and mutual trust.

  • Alibaba Cloud VPC divides ECS instances into different security domains with the help of security groups.

  • You can control network access to ECS instances using security groups.

  • Each security domain enables you to customize access-control rules for different ports and IPs.

  • Allows you to specify inbound and outbound network traffic for each ECS instance.

Hassle-free VPC Management:

  • Flexibly allocates IP addresses using CIDR (Classless Inter-Domain Routing) blocks as opposed to original allocation system based on IP address classes.

  • Replaces the old class A, B, C system and enables a single IP address to designate many unique IP addresses.

  • You can easily define traffic in route tables.

Cost-Effective Service:

  • Free components such as VSwitches, VRouter, route tables, and route entries.

  • You only pay for resources used such as ECS, RDS etc.