Software defined networks in the cloud can be a bit daunting when coming from a traditional on-premises environment where you rack/stack equipment and can visibility trace the interconnects. Many of these traditional concepts extend into the cloud and these 2 records take you on a journey demonstrating basic networking and extending to setting up a full VPN tunnel from my router at home.
What I use at home with my Comcast 600MB service is a Protectli embedded PC that is fully capable at doing network intrusion detection/prevention without skipping a beat. On this device, I’ve installed PFSense community edition. This works well to provide options for my local network and to connect to cloud providers from my home network.