By launching your instances into a VPC instead of EC2-Classic, you gain the ability to: Assign static private IP addresses to your instances that persist across starts andstops Assign multipleIP addresses to your instances. Define network interfaces, and attach one or more network interfaces to your instances Changesecurity group membership for your instances while they're running Control the outbound trafficfrom your instances (egress filtering) in addition to controlling the inbound traffic to them (ingressfiltering). Add an additional layer of access control to your instances in the form of network access control lists(ACL). Run your instances on single-tenant hardware Reference: http://media.amazonwebservices.com/AWS_Cloud_Best_Practices.pdf