Ultra Secure Cloud Data Center on AWS

Ultra Secure Data Center on Amazon Cloud Lahav Savir, Architect & CEO Emind systems ltd. [email protected]


Post on 31-Oct-2014


DESCRIPTION

This presentation is an introduction to Emind Systems' in-house best practice for an ultra-secure application deployment on the AWS cloud. This best practice is based on Emind's experience in performing dozens of infrastructure projects based on the Amazon Web Services’ platform.

TRANSCRIPT

Page 1: Ultra Secure Cloud Data Center on AWS

Ultra Secure Data Center on Amazon Cloud

Lahav Savir, Architect & CEO
Emind systems [email protected]

Page 2: Ultra Secure Cloud Data Center on AWS

About

Lahav Savir
• 15+ years in on-line industry
• Architect and CEO @ Emind Systems

Emind Systems (est. 2006)
• Boutique system integrator
• AWS solution provider
• 100+ AWS customers

Page 3: Ultra Secure Cloud Data Center on AWS

Amazon (AWS) Certification

Amazon Solution Provider & Consulting Partner

https://aws.amazon.com/solution-providers/si/emind-systems-ltd

Page 4: Ultra Secure Cloud Data Center on AWS

What is a secure data center?

• Isolated and controlled
• Firewalled
• Secure access
– VPN
– SSL
• Audited
• Intrusion detection & prevention
• Configuration analysis
• Data encryption
• Antivirus
• Frequent updates
• User management
– One-time password
• One spot for monitoring
– Centralized alerts and notifications
• Regulatory compliance

Page 5: Ultra Secure Cloud Data Center on AWS

Emind’s best practice

Page 6: Ultra Secure Cloud Data Center on AWS

Access Management

• Control the data flow
– AWS VPC
– ACL
– Routing
– Handle all in/out traffic
• Access control
– Security groups
• Identity access management
– One-time-password
– AWS IAM with MFA

Page 7: Ultra Secure Cloud Data Center on AWS

ACL & Routing in the VPC


Page 8: Ultra Secure Cloud Data Center on AWS

Emind’s best practice (diagram): VPC, IAM, Traffic

Page 9: Ultra Secure Cloud Data Center on AWS

Traffic Control

• Log in / out traffic
• Terminate encrypted connection
• Sanitize in / out packets
– Real-time decisions
– Accept / reject connections
– Rate limiting


Page 10: Ultra Secure Cloud Data Center on AWS

Emind’s best practice (diagram): VPC, IAM, Traffic, Encryption, Sanitize

Page 11: Ultra Secure Cloud Data Center on AWS

Anomalies detection

• Host-based IDS
– Detect configuration changes
– Track running processes
– Track file access
– Resource access
– Detect abnormal behavior!
• OS hardening
• App cleanup

Page 12: Ultra Secure Cloud Data Center on AWS

Emind’s best practice (diagram): VPC, IAM, Traffic, Encryption, Sanitize, Host IDS, Hardening

Page 13: Ultra Secure Cloud Data Center on AWS

Data Protection

• In flight
– SSL encryption
– IPSec
• At rest
– Storage-level encryption
– Database encryption

Page 14: Ultra Secure Cloud Data Center on AWS

Emind’s best practice (diagram): VPC, IAM, Traffic, Encryption, Sanitize, Host IDS, Hardening, Data Enc.

Page 15: Ultra Secure Cloud Data Center on AWS

Data aggregation

• Need to aggregate
– VPN access logs
– Traffic audit logs
– Network IDS logs
– Host IDS logs
– Antivirus logs
• Detect patterns


Page 16: Ultra Secure Cloud Data Center on AWS

Emind’s best practice (diagram): VPC, IAM, Traffic, Encryption, Sanitize, Host IDS, Hardening, Data Enc., Aggregate

Page 17: Ultra Secure Cloud Data Center on AWS

Security lifecycle management

• Ongoing log discovery & analysis
– Access
– Traffic
– IDS
– Antivirus
– Encryption keys
• Act on analysis result
• Reveal and solve cloud infrastructure settings
• Make them all orchestrate together!


Page 18: Ultra Secure Cloud Data Center on AWS

• goCloud – Emind’s optimal road to the cloud
– Secure cloud architecture
– Scalable & high-availability design
– Customized system deployment
– Orchestrating cloud and software
– Cloud operation team
– Monitoring and alerting
– 24x7 SLA


Page 19: Ultra Secure Cloud Data Center on AWS


Contact me, [email protected] 054-4321688