Connect your on-premises network

If you meet the XProtect VMS prerequisites, you are ready to connect to your on-premises network. There are many AWS and 3rd party network services that connect the deployed VPC to your network topology.

Deployment scenarios depend on the specifics of your organization's network infrastructure. It is highly recommended that you consult your organization's IT department or network topology consultant. For more information, see the XProtect on AWS White Paper.

AWS has services that securely connect your on-premises network or branch office site to your VPC. The most common services are:

• Site-to-Site VPN
• Transit Gateway
• Direct Connect

These services allow full connectivity to on-premises cameras, devices, recording servers, and Active Directory.

Site-to-Site VPN considerations:

• Connectivity to one VPC
• Best suited for simpler deployments
• Requires special configuration of your router

AWS provides a list of tested devices but other devices may be compatible. For more information about compatible gateway devices, see Your customer gateway device on AWS.

Transit Gateway Considerations:

• Acts as a centralized managed connectivity hub between VPCs and VPN connections for advanced routing
• Connectivity to multiple VPCs
• Connectivity to multiple VPNs
• Best suited for advanced XProtect deployments with multiple distributed sites

If you are an existing AWS customer, you likely have a Transit Gateway infrastructure in place. ​For more information about the AWS Transit Gateway service, see AWS Transit Gateway.

Gateway devices that use both the VPN Gateway and the Transit Gateway must support the Internet Key Exchange (IKE) protocol. AWS also requires special configuration of your gateway devices. For more information and a list of tested gateway devices, see the AWS Site-to-Site VPN user guide.

Direct Connect considerations:

• A dedicated network connection between your network and one of the AWS Direct Connect locations
• Private virtual interface from your on-premises network directly to your VPC
• Does not rely on Internet Service Provider (ISP) availability
• Scalable high bandwidth connections for heavy network loads and low latency
• Best suited for large enterprises using AWS infrastructure and services
• Limited availability

For more information on the AWS Direct Connect service, see AWS Direct Connect features.