VNS3 NAT Gateway

VNS3 NATe provides Network Address Translation (NAT) functions at a significantly cheaper price than AWS NAT Gateways. NATe allows instances in a private AWS subnet to connect to services outside your VPC but prevents external services/devices from initiating a connection with your instances. Replace your existing NAT Gateways to save money, increase control, and have access to better support.

NATe Network Diagram

Be a FinOps Hero and Reduce Your AWS Cloud Bill

Each cloud vendor charges for every GB of data processed by your NAT Gateway. If your network sees a lot of data, this can get expensive. With VNS3, you only pay for the virtual machine runtime.

Using Cloud’s NAT

$ 4.5

/ 100 GB processed

Using Cloud’s NAT

$ 45

/ 1000 GB processed

Using Cloud’s NAT

$ 450

/ 10,000 GB processed

Using VNS3 NATe

$ 0


Not Sure Where to Start?

NATe is available to launch and configure for free in the AWS marketplace. If you need more than 25mbps of throughput you can easily upgrade to our enterprise NATe license.

Questions about your unique use-case? Contact one of our experts to learn how NATe can help you reduce your cloud spend without sacrificing functionality.

Ask an Expert

Same NAT, Reduced Cost

If you use AWS NAT Gateways, you are overpaying. AWS charges a Data Processing fee (typically $0.045 / GB) on top of the already expensive runtime cost for the AWS NAT Gateway. It’s a cloud tax that you don’t have to pay with VNS3 NATe.

VNS3 NATe Free

Zero Premium - Limited Throughput (25mbps)
$0/hour + runtime


Enterprise NAT Gateway
$0.005/hour + runtime

Multiple Areas of Improvement with NATe

Stop paying extra for a “well architected” application.



VNS3 NATe is build on the VNS3 application security controller platform and includes a fully featured firewall, log access, network security plug-in system to add L4-L7 network services, and more.


Stop overpaying for AWS NAT Gateway runtime fees and completely eliminate the AWS progressive DATA TAX.  Reduce your AWS NAT Gateway costs by 70%.



Cohesive Networks support team is based in the US and UK and are available to provide the best support experience you’ve ever experienced in the cloud.  Knowledgeable interactions and quick resolutions are their specialty.

Functional Highlights

  • Performance – run on the smallest AWS instance sizes to maximize value or larger instances for greater total throughput
  • Secure – built on the VNS3 Application Security Controller platform to include access to the VNS3 firewall for additional and orthogonal policy enforcement for traffic flows
  • Control – access logs, network tools like tcpdump, status information
  • Customize – leverage the Cohesive Networks Plugin system to add L4-L7 network services to the NATe instance like NIDs, WAF, Proxy, LB, etc.
  • Automate – fully automate the deployment of VNS3 NATe instances as part of your existing AWS deployment framework leveraging the RESTful API to reduce implementation costs
  • Failover – NATe can be configured in a number of AWS HA architectures to provide the same level of insurance needed for critical infrastructure via instance auto recovery, auto scale groups, and Cohesive Networks’ own Peering and HA Container functionality
  • Upgrade – NATe is fully upgrade-able to fully licensed VNS3 controllers deployed as a single application security controller or part of secure network edge mesh

Deploying NATe to a new or existing AWS environment is easy.