Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cloud Security AWS as an example.

Published byEeva-Liisa Nurmi Modified over 5 years ago

Similar presentations

Presentation on theme: "Cloud Security AWS as an example."— Presentation transcript:

1 Cloud Security AWS as an example

2 Cloud Security Security of the Cloud Security in the Cloud
Implemented by the cloud service provider. (i.e. Them: AWS, IBM, Microsoft Security in the Cloud Implemented and operated by the customer (i.e. You) Related to security of customer content Applications that make of use of the cloud providers services.

3 Cloud Security – AWS vs. You
Of the Cloud vs. in the Cloud

4 You Decide Which ports are open (Firewall)
Which IP address may access your resources What patches are applied to the Operating System Do you have encryption enabled Account access User Access lists

5 They Decide Global Security of the cloud Hardware Data centers
Networks Anti virus software

6 AWS Compliance

7 IaaS Infrastructure as a service
EC2, VPC, S3 security are all controlled by you. Elastic Compute Cloud (EC2) Servers (small and big based on need) Virtual Private Cloud (VPC) You join Amazon’s private cloud and run services networked. Simple Storage Service (S3) Upload and share files.

8 Storage Decommission Blocks unauthorized users to see customer data. When storage is taken back from a customer, it must go though the data scrubber called the hypervisor before is can be used by another customer.

9 On the Network AWS protects against Denial of service
Security groups, access control lists Man in the middle IP spoofing Host based firewall infrastructure. Will not accepts if IP address is not it’s own Port scanning Packet sniffing

10 Security ELB (Elastic load balancing)
Security groups with inbound and outbound security restrictions. EC2 Firewall is configures by default in a Deny All but… mode You can used https encryption and encrypted tunnel access around VPN’s

11 Databases and non-Internet facing
You can use subnets to place databases and non-internet facing subnets to avoid direct internet access to servers.

12 AWS firewall

13 Amazon CloudWatch You can used CloudWatch to track logs and metrics and alert you via and text messages Basic monitoring (free) Polls every 5 minutes 5GB for ingestion 5GB storage Detailed monitoring Polls every minute Cost more money

14 AWS CloudWatch dashboard

15 UEBA-User & entity behavior analytics
Examples) A user is doing an unusual amount of salesforce downloads A userid logging in from different places in the world at the same time.

Download ppt "Cloud Security AWS as an example."

Similar presentations

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.

Creating HIPAA-Compliant Medical Data Applications with Amazon Web Services Presented by, Tulika Srivastava Purdue University.
Cloud computing is used to describe a variety of computing concepts that involve a large number of computers connected through a real-time communication.

Cloud computing is used to describe a variety of computing concepts that involve a large number of computers connected through a real-time communication.
Ivan Pleština Amazon Simple Storage Service (S3) Amazon Elastic Block Storage (EBS) Amazon Elastic Compute Cloud (EC2)

Ivan Pleština Amazon Simple Storage Service (S3) Amazon Elastic Block Storage (EBS) Amazon Elastic Compute Cloud (EC2)
Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
1 NETE4631 Cloud deployment models and migration Lecture Notes #4.

1 NETE4631 Cloud deployment models and migration Lecture Notes #4.
An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.

An Approach to Secure Cloud Computing Architectures By Y. Serge Joseph FAU security Group February 24th, 2011.
1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.

1 Objectives Configure Network Access Services in Windows Server 2008 RADIUS 1.
Cloud Computing 1100101 (101).

Cloud Computing (101).
Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard
Chapter 6 Configuring, Monitoring & Troubleshooting IPsec

Chapter 6 Configuring, Monitoring & Troubleshooting IPsec
1 Intrusion Detection Systems. 2 Intrusion Detection Intrusion is any use or attempted use of a system that exceeds authentication limits Intrusions are.

1 Intrusion Detection Systems. 2 Intrusion Detection Intrusion is any use or attempted use of a system that exceeds authentication limits Intrusions are.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Responsibility Working at a Small-to-Medium Business or ISP – Chapter 8.
Cloud Computing using AWS C. Edward Chow. Advanced Internet & Web Systems chow2 Outline of the Talk Introduction to Cloud Computing AWS EC2 EC2 API A.

Cloud Computing using AWS C. Edward Chow. Advanced Internet & Web Systems chow2 Outline of the Talk Introduction to Cloud Computing AWS EC2 EC2 API A.
A Brief Overview by Aditya Dutt March 18 th ’ 2014 1Aditya Inc.

A Brief Overview by Aditya Dutt March 18 th ’ Aditya Inc.
1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.

1 Objectives Windows Firewalls with Advanced Security Bit-Lock Update and maintain your clients using Windows Server Update Service Microsoft Baseline.
Lecture 15 – Amazon Network as a Service. Recall IaaS Server as a Service Storage as a Service Network as a Service.

Lecture 15 – Amazon Network as a Service. Recall IaaS Server as a Service Storage as a Service Network as a Service.
1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.

1 Infrastructure Hardening. 2 Objectives Why hardening infrastructure is important? Hardening Operating Systems, Network and Applications.
Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.

Cloud computing is the use of computing resources (hardware and software) that are delivered as a service over the Internet. Cloud is the metaphor for.
CLOUD COMPUTING  IT is a service provider which provides information.  IT allows the employees to work remotely  IT is a on demand network access.

CLOUD COMPUTING  IT is a service provider which provides information.  IT allows the employees to work remotely  IT is a on demand network access.
Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Microsoft Internet Security and Acceleration (ISA) Server 2004 is an advanced packet checking and application-layer firewall, virtual private network.

Similar presentations

Ads by Google