Securing Cloud Deployments
S.S. Mulay, Sr. V.P. Engineering
April 6, 2013
Cloud at a Glance
Essential Features:
- Resource Pooling
- Network Access
- On Demand Self Service
- Elasticity
- Metering
Service Models:
- IAAS
- PAAS
- SAAS
Deployment Models:
- Private
- Public
- Hybrid
Confidential Netmagic Internal Use Only
Cloud Offerings Pyramid
Cloud and Multitenancy
Framework – Cloud Risk – Asset Identification
Identify the Asset:
- Data
- Applications / Processes / Functions
Framework – Cloud Risk – Asset Evaluation
- What harm if the Asset becomes widely Public / Distributed?
- What harm if the Employee of the Cloud Provider accessed the Asset?
- What harm if the Process / Function was manipulated by an outsider?
- What harm if the information / data were unexpectedly changed?
- What harm if the information / data was unavailable for a period of time?
Multitenancy & Concerns
Multi Tenancy:
- Data Security
- Logical Security
- Network Security
- Physical Security
Cloud Security – Internal
- Audit Trail
- Access layer Security
- UI / API Access
- Inter / Intra Customer Setups Isolation
- Hypervisor Level Security
- Security for the Physical Infra Hosting the Cloud Infra
Cloud Security – Areas of Responsibility
Integrated Cloud Security; Cloud Burst Security; Cloud Provider; Compliance; Cloud Security; Defense in Depth; Logs & Audit Trail; Cloud Consumer; Virtual Infrastructure Security
Cloud Provider - Best Practices
Cloud Consumer - Best Practices
Cloud Security – Perimeter Security
- DDOS Protection: Service Provider / Upstream
- WAF / Other Protection – Layer 7: Service Provider
- IDS / IPS + Firewall – Layer 3: Specific to Customer Setup
- Zoning / Tiering within Setup: Specific to Customer Setup
Cloud Security – Customer Network(s) Isolation
- Unique VLAN Per Customer
- Portgroup / Virtual Switch level Isolation at the Hypervisor Level
- Hypervisor Level Firewall Zoning
- Hybrid Setups isolated and interconnected via Firewall / L3 switches with an access List / VPN
Contact Details
For related queries / feedback, mail to ssmulay@netmagicsolutions.com
+91-9820453568
Thank You
http://www.youtube.com/user/netmagicsolutions
http://www.linkedin.com/companies/netmagic
http://twitter.com/netmagic
http://www.facebook.com/NetmagicSolutions