A Virtual Private Cloud(VPC) network allows you to configure the network in an isolated environment to support different scenarios.
Host Internet-facing applications
Applications that are hosted in a VPC network can provide external services. To control access to these applications over the Internet, you can create security group rules and access control whitelists. You can also isolate application servers from databases to implement access control. For example, you can deploy web servers in a subnet that can access the Internet. You can also deploy the application databases in a subnet that cannot access the Internet.
Host applications that require access to the Internet
You can host applications that require access to the Internet in a subnet of a VPC network and route network traffic by using a Network Address Translation (NAT) gateway. You can configure SNAT rules to allow outbound connectivity from the subnet to the Internet without exposing the private IP addresses of your instances. In this case, you can change the public IP address that is used in an SNAT mapping as required to prevent against targeted attacks.
Implement zone-disaster recovery
Multiple VSwitches can be created in a VPC network as subnets. VSwitches in a VPC network can communicate with each other. These VSwitches can be used to host your resources in different zones. This allows you to implement zone-disaster recovery.
Isolate business systems
VPCs are logically isolated from each other. You can configure multiple VPCs to isolate different business systems, such as production and test environments. If these business systems are required to communicate with each other, you can create a peering connection between the VPCs to route traffic. For more information, see What is a peering connection?.
Build a hybrid cloud
You can create a dedicated connection to connect your VPC network to an on-premises network and expand your local network. Your local application systems can be seamlessly migrated to the cloud. You do not need to change the access method for these applications.
Network bandwidth fluctuations based on service applications
If you encounter high fluctuations in bandwidth based on your service applications, you can configure DNAT forwarding rules by using a NAT gateway. You can add elastic IP addresses (EIPs) to EIP Bandwidth Plan to allow EIPs to share bandwidth. This can reduce bandwidth fluctuations and save your cost.