shared security responsibility in the aws public cloud

SHARED SECURITY RESPONSIBILITY IN THE AWS PUBLIC CLOUDAPRIL 2014

Johnathan Norman, Cloud Solutions Architect and Diane Garey, Product Marketing

2

Alert Logic Secures Datacenters in Any Environment

PUBLIC CLOUD

MANAGED HOSTING

ON-PREM DATA CENTER

In AWS Public Cloud, Security is Shared

3

Customer

Primary Responsibility

Alert Logic Solutions are Engineered for AWS

4

Engineered for AWS

Supports Auto Scaling & role aware Automatable with APIs and scripts Available across multiple regions Manageable at scale IP address & topology independant Usage based utility pricing Marketplace transactable

AMI and agent deployment options Network and system visibility Proven reference architectures

Runs on AWS

5

Available via the AWS Marketplace

6

Alert Logic Solutions

APPLICATIONS

SYSTEMS

NETWORKS

PRODUCTS CONTENT BIG DATA ANALYTICS PEOPLE & PROCESS

WEB SECURITY MANAGERKey Capabilities» Positive & negative security models» Adaptive learning engine» Broad compliance coverage (PCI, OWASP)

Product Categories» Web Application Firewall

LOG MANAGERKey Capabilities» Powerful analysis for security logs» Simple, intuitive search interface» All your data accessible online, all the time

Product Categories» Log Management» SIEM

THREAT MANAGERKey Capabilities» Context aware threat identification» Integrated vulnerability scanning» PCI Approved Scanning Vendor certified

Product Categories» IDS / IPS» Vulnerability assessment

Managed Service» ActiveWatch

Managed Service» LogReview

Managed Service» ActiveWatch

7

Inline protection of web applications from dangerous cyber threats

Secure Web Applications

Alert Logic Web Security Manager WAF

Page 8

Active Protection for Web Applications, Management IncludedPositive & Negative Security Active protection using signatures and leading learning engine

Key Compliance Coverage Supports PCI 6.6 and OWASP Top 10 risks

Management Included 24x7 management by experienced security analysts

AWS Auto Scaling Protection scales dynamically with your web apps

Security Where You Need It Works wherever you have your datacenter

rep

licati

on

AWS Infrastructure

Web Traffic

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

DatabaseRead

Replica

DatabaseRead

Replica

DatabaseMaster

rep

licatio

n

VPC

A

B

Elastic Load

Balancer

Elastic Load

Balancer

Elastic Load

Balancer

rep

licati

on

AWS Infrastructure + Web Security Manager

Amazon S3Configurati

onCloudTrail

MasterAuto

Recover

Elastic Load

Balancer

Web Traffic

Alert Logic

Management

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

DatabaseRead

Replica

DatabaseRead

Replica

DatabaseMaster

rep

licatio

n

VPC

A

B

Worker

Worker

Worker

Elastic Load

Balancer

Elastic Load

Balancer

Elastic Load

Balancer

11

Security monitoring of log data

Manage Log Data

12

Capture & Manage AWS CloudTrail Messages

Include activity log data with other application, system and event logs

13

Alert Logic Log Manager for AWS

Cloud-Based Security Log AnalysisAll Log Data, All Together Collect, archive and analyze log data in real-time all data sources

Quick access to log data Dozens of reports, fast and intuitive search function

Compliance friendly Supports numerous standards such as PCI, HIPAA, FFIEC, SOX

Available as a service Auditable daily log review with integrated case management by dedicated GIAC-certified System Security Analysts

AWS Friendly Designed for AWS workloads and reference architectures

Intrusion Detection System built for AWS

Monitor for Network Threats 24x7

14

15

Alert Logic Threat Manager

Context-Aware Network Threat Detection & ResponseIntrusion Monitoring w/o False Positives Multi-factor analysis enables more accurate detection

Integrated Vulnerability Assessment Delivers context-aware threat detection and mitigation

Automated Security Analysis Out of the box alerts and reports for key use cases

Key Compliance Coverage Supports numerous control objectives including PCI Approved Scanning Vendor (ASV) requirement

24x7 Security Monitoring Security Operations Center staffed by GIAC-certified analysts

rep

licati

on

AWS Infrastructure + Web Security Manager

Amazon S3Configurati

onCloudTrail

MasterAuto

Recover

Elastic Load

Balancer

Web Traffic

Alert Logic

Management

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

Web Server

DatabaseRead

Replica

DatabaseRead

Replica

DatabaseMaster

rep

licatio

n

VPC

A

B

Worker

Worker

Worker

Elastic Load

Balancer

Elastic Load

Balancer

Elastic Load

Balancer

rep

licati

on

AWS Infrastructure + Web Security Manager + Threat Manager

Amazon S3Configurati

onCloudTrail

MasterAuto

Recover

Elastic Load

Balancer

Web Traffic

Alert Logic

Management

Web Server

Web Server

Web Server

Web Server

Auto-scaling

ThreatManager

Appliance

Auto-scaling

ThreatManager

Appliance

Web Server

Web Server

Web Server

Web Server

DatabaseRead

Replica

DatabaseRead

Replica

DatabaseMaster

rep

licatio

nVPC

A

B

Worker

Worker

Worker

Elastic Load

Balancer

Elastic Load

Balancer

Elastic Load

Balancer

18

Next Steps

• More information:https://www.alertlogic.com/products-services/public-cloud-security/cloud-security-for-aws/

• Alert Logic Cloud Defenderhttps://www.alertlogic.com/products-services/alert-logic-cloud-defender/

• Additional product videos:https://www.youtube.com/user/AlertLogicTV

Thank you.