• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Tom Stickle from Amazon presents - Deploy Securely with Acquia & Amazon Web Services
 

Tom Stickle from Amazon presents - Deploy Securely with Acquia & Amazon Web Services

on

  • 3,076 views

 

Statistics

Views

Total Views
3,076
Views on SlideShare
1,412
Embed Views
1,664

Actions

Likes
0
Downloads
0
Comments
0

5 Embeds 1,664

http://www.acquia.com 1449
https://www.acquia.com 198
http://acquia.com 15
https://acquia.com 1
http://www.google.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Tom Stickle from Amazon presents - Deploy Securely with Acquia & Amazon Web Services Tom Stickle from Amazon presents - Deploy Securely with Acquia & Amazon Web Services Presentation Transcript

    • Deploy Securely with Acquia & Amazon Web Services Tom Stickle [email_address]
    • Online Retail at Scale
    • Amazon Web Services
      • Operate at Arbitratry Scale
      • Self-Service Capacity
      • Warehouse Scale Services
      • DataCenter Economics
      • Elasticity
      • Auto-Scaling
      • Pay for What you Use
      Amazon Simple Queue Service Amazon Elastic Load Balancer Amazon Simple Storage Service Self Service API Self Service API Self Service API Self Service API Self Service API Services At Scale
    • High Availability Flood Plain A Network Provider B Power Utility C Flood Plain X Network Provider Y Power Utility Z www.myAgency.gov Elastic Load Balancer API API API
    • Cloud Platform Philosophy Virtualization Virtualization Root OS Application Infrastructure Generic Application Storage As A Service Database As A Service Queuing As A Service Root OS Application Infrastructure Specific Application Storage As A Service Database As A Service Queuing As A Service Infrastructure As A Service Platform As A Service Customer Controlled Customer Controlled
    • Acquia Hosting
      • Smart Routing Layer
      • High performance cache & routing / load balancing & failover
      • Drupal Engine Layer
      • LAMP stack components are dynamically scaled & optimized for Drupal performance
      • Cloud Services Layer
      • Back-end resources designed to improve scalability, performance and reliability of Drupal applications
    • AWS Federal Customers
    • Physical Security
      • We’ve been building large-scale data centers for many years.
      • Important attributes and features:
        • Non-descript facilities
        • Military-grade perimeter control berms
        • Strictly controlled physical access (perimeter and building)
        • 3 or more levels of two-factor authentication
      • Controlled, need-based access for Amazon and AWS employees.
      • All physical and electronic access is logged.
    • SAS70 Type II
      • Continuously audited control framework to provide customers with third-party assurance
      • ISO 27001 Control Framework
      • Covers access (security), change management, and operations of EC2 & S3
      • Recurring audit by Ernst & Young
    • Amazon EC2 Instance Isolation Physical Interfaces Customer 1 Hypervisor Customer 2 Customer n … … Virtual Interfaces Firewall Customer 1 Security Groups Customer 2 Security Groups Customer n Security Groups
    • Multi-tier Security Architecture Web Tier Application Tier Database Tier EBS Volume Ports 80 and 443 only open to the Internet Engineering staff have ssh access to the App Tier, which acts as Bastion Authorized 3 rd parties can be granted ssh access to select AWS resources, such as the Database Tier Amazon EC2 Security Group Firewall
    • Customer’s Network Amazon Web Services Cloud Secure VPN Connection over the Internet Subnets Customer’s isolated AWS resources Router VPN Gateway Amazon Virtual Private Cloud
    • Opt-in Multi-Factor Access
      • Purchase device ($12.99)
      • Enable AWS MFA
      • Use AWS MFA
        • Sign in to AWS using your password and authentication code
        • Device issues a random, single-use six digit code every 60 seconds
      +
    • AWS Security Whitepaper
      • Available to the public in white paper form
      • Current version is Aug 2010
      • Updated quarterly
      • Feedback is welcome
      • http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf