AWS Workspaces Integration with On-Premise Active Directory for Predictable Latency

Integrating AWS Workspaces with On-Premise Active Directory | Predictable Latency

Prev Question Next Question

Question

You work for a company that has around 2,000 employees.

There is a decision from senior management to start using AWS Workspaces.

The data for the employees is already stored in the on-premise Active Directory.

How can you ensure that the network connectivity for authentication works with the on-premises AD and has the most predictable latency ?

Choose 2 answers form the options given below.

Answers

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

Answer - A and C.

The AWS Documentation mentions the following on AD Connectors.

AD Connector is a directory gateway with which you can redirect directory requests to your on-premises Microsoft Active Directory without caching any information in the cloud.

AD Connector comes in two sizes, small and large.

A small AD Connector is designed for smaller organizations of up to 500 users.

A large AD Connector can support larger organizations of up to 5,000 users.

Once set up, AD Connector offers the following benefits:

· Your end users and IT administrators can use their existing corporate credentials to log on to AWS applications such as Amazon WorkSpaces, Amazon WorkDocs, or Amazon WorkMail.

For more information on the AD Connector, please refer to below URL:

http://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_ad_connector.html

For better performance and reliability consider using the Direct Connect Connection between AWS and the on-premise infrastructure.

For more information on Direct Connect, please refer to below URL:

https://aws.amazon.com/directconnect/

To ensure network connectivity for authentication between AWS Workspaces and the on-premises Active Directory with the most predictable latency, you can use two solutions:

  1. Deploy an AD Connector in AWS which will be used to connect to the on-premise AD: An AD Connector is a service offered by AWS that enables you to connect your on-premises Active Directory to AWS. AD Connector is a highly available, managed service that enables you to use your existing on-premises identity infrastructure to authenticate and authorize access to AWS resources. It allows you to use your on-premises credentials to access AWS resources without replicating your Active Directory data to the cloud. The AD Connector maintains a secure connection to your on-premises network using the AWS Direct Connect or VPN. By using an AD Connector, you can authenticate users with your existing Active Directory infrastructure, and also manage access to AWS resources using your existing group policies. The predictable latency is achieved as the AD Connector service maintains a secure, high-speed connection to your on-premises network using either Direct Connect or VPN.

  2. Create a Direct Connect connection between the on-premises datacenter and AWS: AWS Direct Connect is a dedicated network connection that establishes a private, high-bandwidth network connection between your on-premises datacenter and AWS. By creating a Direct Connect connection, you can bypass the public internet and establish a private connection to AWS, which can help to reduce latency, increase security, and ensure a predictable network experience. Once you have established the Direct Connect connection, you can create a virtual private gateway to route traffic to AWS, and create a VPN connection to securely access your resources. By using Direct Connect, you can ensure that your on-premises Active Directory is accessible from AWS with a predictable latency.

In conclusion, to ensure network connectivity for authentication works with the on-premises Active Directory with the most predictable latency, you can deploy an AD Connector in AWS, or create a Direct Connect connection between the on-premises datacenter and AWS.