Virtual private clouds (VPCs) are virtual networks that are isolated from each other. VPCs support flexible configurations to meet requirements of different scenarios.

Deploy applications in a safe manner

Applications deployed in a VPC can provide services to the outside. To control access to the applications over the Internet, you can create security group rules and configure whitelists. You can also isolate application servers from databases to implement access control. For example, you can deploy web servers in a subnet that can access the Internet, and deploy databases in another subnet that cannot access the Internet.

Deploy applications

Deploy applications that require access to the Internet

You can deploy applications that require access to the Internet in a subnet of a VPC and use an Internet NAT gateway to route network traffic. You can configure SNAT entries to allow instances in the subnet to access the Internet without the need to expose the private IP addresses. In addition, you can change the elastic IP addresses (EIPs) specified in the SNAT entries to prevent attacks from the Internet.

Deploy applications that require access to the Internet

Implement cross-zone disaster recovery

You can create one or more vSwitches to create one or more subnets for the VPC. vSwitches within the same VPC can communicate with each other. To implement cross-zone disaster recovery, you can deploy resources across vSwitches in different zones.

Implement cross-zone disaster recovery

Isolate business systems

VPCs are logically isolated from each other. You can use multiple VPCs to isolate business systems in different environments such as production and test environments. If you want to enable a VPC to communicate with another one, you can attach the VPCs to a Cloud Enterprise Network (CEN) instance. For more information, see What is CEN?.

Isolate business systems

Build a hybrid cloud

To expand your on-premises network, you can establish a dedicated connection between a VPC and your data center. This allows you to seamlessly migrate the applications in your data center to the cloud. You do not need to change the access method for the applications.

Build a hybrid cloud