In today's modern digital world, more and more employees work from a location that is remote from where
Each of these employees connects to
Amazon CloudFront resolves this problem by providing a direct connection between two Amazon points: one that is close to
Figure: Comparison between a typical Internet connection running via multiple servers versus a direct connection offered by Amazon CloudFront.
Amazon local caching
Amazon CloudFront can make use of local caching at each Amazon connection point (known as 'Edge locations'). However,
The following scenarios were tested using the following setup:
- Location of the server: AWS Singapore (ap-southeast-1) region
- Location of the user: Amsterdam, the Netherlands
- Connection speed: a 60/20 Mbit consumer Internet connection
Scenario 1 - file check-out
In this scenario, a Photoshop file of 254Mb was checked-out.
The results were as follows:
|Without CloudFront||With CloudFront|
|2 minutes 49 seconds||54 seconds|
Scenario 2 - uploading and downloading files
Using a variety of files, the following performance increase was observed:
|325% performance increase1||190% performance increase1|
1 The connection was capped to 50Mbit; the improvement could potentially be higher.
Some of the benefits of connecting to
- Faster interaction with the complete system
- Reduced waiting times for end users
- Option to take full advantage of a global workforce for producing content
- Sharing files (more) easily within a global team
When not to use CloudFront
Not all locations will see a performance improvement when using CloudFront. Typically, the speed improvement will be most noticeable for those users that are furthest away.
If the distance to connect to
Because the performance improvement is provided by making use of a different connection, no software changes in
Amazon CloudFront is a service that needs to be paid for. The costs depend on the amount of data traffic and the location of your server and workforce.
For a detailed calculation of the monthly costs use the Amazon cost calculator.
It is assumed here that the following is in place:
- A running instance of
EnterpriseServer (preferably hosted on Amazon AWS)
- A Load Balancer that is accessible over the Internet and by CloudFront1
- An Amazon account (this can be created for free on aws.amazon.com)
1 Either allow public access to your Load Balancer in the Security Group (HTTPS, 0.0.0.0/0), or see the note under Additional configuration about restricting the Security Group of the ELB to only be accessible from CloudFront.
Setup and implementation
The implementation involves performing the following steps:
- Setting up an Amazon CloudFront instance in which the instance of
EnterpriseServer that CloudFront should communicate with is defined.
- Making sure that users log in to
EnterpriseServer through CloudFront.
Each is explained in detail below.
1. Setting up CloudFront
Step 1. Log in to your Amazon AWS account (create one if you do not have one).
Step 2. Open the CloudFront page.
Step 3. Click Create Distribution.
The Select delivery method page appears.
Step 4. In the Web section, click Get Started.
The Create Distribution page appears.
Step 5. Configure the following settings:
Note: The settings in bold are crucial to making this feature work correctly.
|Origin Domain Name||
The domain name of the
Example: If your current URL for connecting to Enterprise is:
|Origin ID||An optional description for this distribution.|
|Origin SSL Protocols||(If applicable) Choose the SSL protocols supported by the server instance.|
|Origin Protocol Policy||Choose whether to connect from CloudFront to the server instance over HTTP only, HTTPS only, or by letting the end user decide.|
|Viewer Protocol Policy||Select the SSL mode to use.|
|Allowed HTTP Methods||Select GET, HEAD, OPTIONS, PUT, POST, PATCH, DELETE.|
|Forward Headers||Select All.|
|Forward Cookies||Select All.|
|Query String Forwarding and Caching||Select Forward all, cache based on all.|
|Compress Objects Automatically||(Optional) Set to Yes for smaller file transfers.|
|Price Class||Depends on your usage (we chose to Use All Edge Locations)|
|Alternate Domain Names (CNAMEs)||
Enter the CNAME when linking a DNS CNAME to the distribution. This allows you to hide the default CloudFront URL.
Example: If your current DNS entry for
Step 6. Click Create Distribution.
the distribution is created. The status for it will appear as 'In Progress' and is ready when the status appears as 'Deployed'.
Note: Setting up the distribution or making changes to it takes can take more than half an hour.
2. Letting users connect through CloudFront
For those users who need to connect through CloudFront, make sure that they do so via the new URL.
This can be easily done by changing the DNS record for your server to the CloudFront distribution; this way users do not have to change the URLs they use.
Example: Assuming your existing
the new URL to be used through CloudFront will be:
Note: For users of Smart Connection and Content Station 9, make sure to update the WWSettings.xml file on the user's system.
Mac OS X
- /Library/Application Support/WoodWing
Note: This folder is hidden by default. To display this folder, change the folder options. (See the Windows Help file.)
Important: Make sure to validate the WWSettings.xml file for correct content. See Validating the WWSettings.xml file.
Please take note of the following information for configuring the environment.
- Elastic Load Balancing (ELB). It is possible to restrict the Security Group of the ELB to only be accessible from CloudFront. Although this is not easy to achieve, it is possible. For more information see the Cloudfront Security Group blogpost on 24hoursmedia.com.
- Using an Amazon Web Application Firewall (WAF). The use of AWS WAF to secure both ends of the connection (origin and end user) has not been tested by us.
Enterprise Server configuration
- RabbitMQ setup. Note that a RabbitMQ integration for Enterprise Server cannot be run over CloudFront. Define the normal/origin URL for this in Enterprise therefore. (Because the messages are small the user will typically will not notice any effect in performance in receiving these messages.)