This interview transcript is intended as a supplement to our editorial – AWS Outposts – Empowering Innovation & Low Latency Connectivity
AWS recently announced the availability of it’s new AWS Outposts solution in Malaysia, Thailand and many other countries. To find out more about the new service, we recently had an email interviews with Mr. Paul Chen, the Head of Solutions Architect for ASEAN at Amazon Web Services (AWS).
Paul Chen is the head of Architecture for Amazon Web Services ASEAN, Paul is responsible for managing a regional team of Solutions Architects, creating architectural best practices and working with customers on how they use the cloud for business transformation.
He has 30 years of pre-sales leadership and solutions experience in the IT Industry, with 15+ years in technical management across ASEAN and Asia Pacific. His breath
of technology experience includes cloud architectures, application solutions development, database platforms, web-based applications, networking, enterprise mobility solutions, virtualized unified communications and customer experience platforms.
Can you briefly explain AWS Outposts?
AWS Outposts is here to support your applications that have low latency or local data processing requirements on premise. These applications may need to make near real time responses to end user applications or need to communicate with other on-premises systems or control on-site equipment. These can include workloads running on factory floors for automated operations in manufacturing, real time patient diagnosis or medical imaging, and content and media streaming. You can use AWS Outposts to run applications that need to access data stores that will continue to remain on-premises.
Businesses in Malaysia are stuck somewhere in between when it comes to could computing and going digital. Can AWS Outposts help them accelerate their digitisation? How can they benefit from it?
We continue to believe that in the fullness of time, the vast majority of companies will run almost all of their IT workloads in the cloud. It is today and always has been a priority for us to make it easy for customers to run AWS as a seamless extension of their existing on-premises infrastructure. However, we have many customers who are going to be running on-premises data centers alongside AWS for many years to come and at varying paces. These customers are looking to us to help ensure that they have seamless integration between these two environments. That’s why we have been investing so much in hybrid capabilities over the past several years.
AWS offers the broadest and deepest hybrid capabilities including data integration and transport services, integrated and dedicated networking services, and identity and access management solutions fully integrated with the on-premises environment. Today, customers can take the tools they have from VMware and use them to run their workloads on AWS. This partnership makes it easy for customers to run in a hybrid mode between AWS and their VMware-based on-premises deployments using the same VMware tools and skillsets they have today. And with the availability of AWS Outposts, customers can now use the same AWS APIs, control plane, tools, and hardware on-premises and in the AWS cloud to deliver a truly consistent hybrid experience.
Why choose Outposts instead of using the AWS’s pre-existing cloud infrastructure?
AWS Outposts is designed for several different uses cases where workloads need to run on premises due to latency requirements, like:
- Manufacturing automation—operating manufacturing process control systems and automated plant assembly lines
- Health care—delivering real-time medical diagnostics and imaging to physicians
- Telecommunications—building new network services and deploying virtual network functionality
- Media & entertainment—delivering live event streaming, real-time gaming, rendering, and VFX
- Financial services—developing low latency trading platforms in a secure environment
- Retail—delivering real-time interactive retail services and unifying apps across environments
With Outposts, customer can benefit of running low-latency workloads, processing data locally and be able to harness the innovative services available on the AWS cloud. This can mean advanced analytics to monetize data or adding machine learning and artificial intelligence services such as Amazon Rekognition, Amazon Personalize and Amazon Comprehend.
Customers should run AWS Local Zones when they need to run their applications with single-digit millisecond latencies close to end users, but they don’t want to build and operate a datacenter or co-location facility. They can run the parts of their application in the Local Zone that requires ultra-low latency and connect back to the rest of their application and the full range of services running in AWS.
Customers should run AWS Wavelength when they want to build an applications that require single digit millisecond latency to mobile and connected devices over the 5G network. A range of emerging applications like machine learning inference, industrial IoT, and AR/VR require ultra-low latency to serve mobile users and connected devices, ad developers can place the parts of their application that require single-digit millisecond latency at the edge of the 5G network and then connect back to the rest of the application and the full range of services in AWS.
During the launch at AWS Re:invent last year, AWS announced that it was partnering with Verizon in the US. Why launch with a telco provider?
Amazon is partnering with Verizon to incorporate AWS WaveLength technology into parts of its wireless network. Amazon is also working with other global partners, such as Vodafone, KDDI and SK Telecom to provide this capability. This capability will result in fewer disruptions and shorter lag times when streaming videos, among other applications.
Who are your partners in rolling out Outposts in Malaysia? What are the roles that they are playing in providing the service to customers?
One of the partners in Malaysia is Maxis where they will incorporate Maxis cloud offerings and professional services to incorporate hybrid cloud and technologies to address edge computing.
We also have InfoFabrica who will be working with us to help outfit interested customers with Outposts.
We operate on a few models; customers will come directly to us or work with partners with Malaysia. Marketplace model – direct from us. Reseller model – contact reseller and work with the customers on the Outposts. – NSI model – customer work through NSI.
AWS Partner Network (APN) Partners provide technology and consulting services to help customers migrate, build, and run applications using AWS services.
APN Consulting Partners around the globe can help you with strategy and technology advisory services to migrate your on-premises applications onto Outposts as well as a variety of installation and maintenance options. You can also use Outposts validated technology partner solutions to build and run your applications on Outposts.
More information on AWS Outposts Partners
Does Outpost require a stable internet connection to operate? Can customers use Outpost offline? What happens to workloads if internet connection is lost suddenly?
To provide a consistent user experience, AWS advises customers to have 1GB internet over direct connect or VPN. The rack only needs 10MB to run but AWS recommends a default of 1 GB to be safe.
An AWS Outpost relies on connectivity to the parent AWS Region. AWS Outposts are not designed for disconnected operations or environments with limited to no connectivity. We recommend that customers have highly available networking connections back to their AWS Region. If interested in leveraging AWS services in disconnected environments such as cruise ships or remote mining locations, learn more about AWS services such as Snowball Edge.
If connection is lost suddenly, EC2 instances and EBS volumes on the Outpost will continue to operate normally and can be accessed locally via the local gateway. Similarly, AWS service resources such as ECS worker nodes continue to run locally. However, API availability will be degraded, for instance run/start/stop/terminate APIs may not work. Instance metrics and logs will continue to be cached locally for a few hours and will be pushed to the AWS Region when connectivity returns. Disconnection beyond a few hours however may result in loss of metrics and logs. As Route53 DNS will not resolve when disconnected, an on-premises DNS resolver should be used if network disconnections are expected. If you expect to lose network connectivity, we strongly recommend regularly testing your workload to ensure it behaves properly in this state when an Outpost is disconnected.
AWS Outposts are a managed service according to your website. What does “Fully Managed” mean? What does this entail?
AWS Outposts is the only fully managed offering available to customers today. AWS delivers, installs, and maintains the infrastructure the same way as we do in our data centers. Competitive offerings do not address key customer pain points in a production grade hybrid environment. They require customers to build against a limited set of services and APIs, forcing them to write custom software that quickly becomes inconsistent and incompatible with cloud services. It requires customers to set up and manage different operating environments for each site, resulting in duplicate effort, higher complexity, and increased risk. Customers must also manually manage, upgrade, and patch software themselves, and risk dropping out of compliance if they fail to upgrade. Customers also have to purchase hardware from third party vendors, who are responsible for providing the first line of customer support, making it administratively difficult to debug and resolve their issues.
How secure is AWS Outpost? Are there built-in redundancies when it comes to preventing data loss and data security?
Each AWS Outposts rack has a built-in tamper detection and a lockable door. AWS engineered a capability in a form of security key that looks like a screw specifically made for the chip. To remove the hardware from the rack, you must use the screw and turn it and it will crush the security chip key and once its crushed, the server and the data is protected. It is also encrypted by default.
AWS Outposts builds on the AWS Nitro system technologies that enables AWS to provide enhanced security that continuously monitors, protects, and verifies your Outpost’s instance hardware and firmware. With AWS Nitro, virtualization resources are offloaded to dedicated hardware and software minimizing the attack surface. Finally, Nitro System’s security model is locked down and prohibits administrative access, eliminating the possibility of human error and tampering.
AWS Outposts have an updated shared responsibility model underlying security. AWS is responsible for protecting Outposts’ infrastructure similar to how it secures infrastructure in the cloud today. Customers are responsible for securing their applications running on Outposts as they do in the Region today. With Outposts, customers are also responsible for the physical security of their Outpost racks, and for ensuring consistent networking to the Outpost.
Securing data
- Data-at-rest: Data is encrypted at rest by default on EBS volumes on Outposts.
- Data-in-transit: Data is encrypted in transit between Outposts and the AWS Region.
- Deleting data: All data is deleted when instances are terminated in the same way as in the AWS Region.
- AWS Outposts have been out for more than half a year now. How many countries is the service available in?
Outposts can be shipped to and installed in the following countries
- NA – US, Canada, Mexico
- EMEA – All EU countries, Switzerland, Norway, Bahrain, United Arab Emirates (UAE), and Kingdom of Saudi Arabia (KSA), Israel, South Africa
- APAC – Australia, New Zealand, Japan, South Korea, Hong Kong Special Administrative Region, Taiwan, Singapore, Indonesia, Malaysia, Thailand, India
- SA – Brazil
Support for more countries is coming soon.
Have there been any particular segment of customers that have adopted Outposts more than others? Do you see an opportunity for other segments to take advantage of Outpost?
There has been broad interest in AWS Outposts from both enterprise and start up customers, across a range of industries including financial services, e-commerce, healthcare and manufacturing.
With AWS Outposts infrastructure, customers in manufacturing can AWS services to run manufacturing process control systems such as MES and SCADA systems and applications that need to run close to factory floor equipment. These on-premises applications can integrate with services running in the AWS Region for centralized operations.
Healthcare customers can apply analytics and machine learning AWS services to health management systems that need to remain on premises due to low latency processing requirements. This will enable rapid retrieval of medical information by storing data locally on Outposts.
At the launch, Andy Jassy mentioned that the launch of AWS Outposts is step in providing services for edge computing. How does Outposts do this?
One common scenario for AWS Outposts is running applications that need single-digit millisecond latency to end-users or onsite equipment. Customer may want to run graphics-intensive applications such as image analysis that need low-latency access to end-users or storage-intensive workloads that collect and process hundreds of TBs daily. Others may need to run compute-intensive workloads on their manufacturing factory floors with precision and quality. Customers want to integrate their cloud deployments with their on-premises environments and use AWS services for a consistent hybrid experience. Outposts is both a way to deploy an AWS-centric hybrid-cloud and an edge computing approach.
How do you see the landscape changing with the introduction of AWS Outposts?
With the introduction of AWS Outposts, customer from a broad array of industries can bring the benefits of cloud computing right to their business door-steps. Business solutions requiring low latency performance can seamlessly be integrated to the cloud and deployed to provide a truly hybrid experience. Customers that have large amount of on-premise data can also process these sets of data in more meaningful ways to monetize the data assets. In this AWS hybrid-cloud approach, you use the same AWS application programming interfaces (API), tools and infrastructure both on your premises and the AWS cloud. Outposts bring native AWS services, infrastructure, and operating models to virtually any data center, co-location space, or on-premises facility.
With Malaysia’s big move into supporting and growing its tech space, particularly its animation and game development segment, where do you see AWS Outposts fitting in?
In the gaming industry, the applications tend to be very sensitive to latency and require considerable processing resources to provide rich animation and customer experience.
With AWS Outposts, gaming developers will have access to the latest GPU innovations on premises for graphics processing, audio and video rendering, and for running other media applications. Support live and real-time event streaming applications that require low latency by running those applications in on-premises locations close to end users.
