Tracking Activity Data in AWS
Alert Logic Log Manager CloudTrail Integration

  • With the release of AWS CloudTrail, Amazon Web Services is making activity log data available to AWS users. This new service gives AWS users access to useful information on who makes changes within an account, what those changes are, and when and where they happen. Alert Logic has added support for CloudTrail in the Log Manager service.
  • Tracking activity data is a good practice for security purposes and also a requirement if you need to comply with PCI, HIPAA, GLBA, Sarbanes-Oxley and other regulations. And it’s not just a matter of collecting the data; to show compliance, auditors also need detailed documentation and reports.
  • In AWS environments, the responsibility for this data is shared. AWS makes the data available and it’s your responsibility to manage it.
  • The quickest way to get started with CloudTrail is to use the AWS Management Console. You can turn on CloudTrail in two clicks. There is no additional charge for CloudTrail, but standard rates for Amazon S3 and Amazon Simple Notification Service (SNS) usage apply.
  • CloudTrail is simply another data source for Log Manager. Instead of telling Log Manager to access logs for an application or device, you tell Log Manager to look for CloudTrail logs in an S3 data store, and those logs are pulled into Log Manager like any other log files.
  • Once you access the CloudTrail log, you’ll have access to activity information like:
      • Starting, stopping, terminating, rebooting of instances
      • Creating or deleting of security groups
      • Creating and deleting of users
      • Updating of user profiles
      • Adding and removing of groups
      • Updating of role and password policies
      • Signing certificate upload or deletion
  • Log Manager manages more than just CloudTrail data … it collects and normalizes log data from your entire infrastructure.
  • If you’d like to learn more about Log Manager and request a free trial so you can try it yourself, visit www.alertlogic.com/amazon-solutions.
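
The activity categories listed in the notes above can be pulled straight out of a CloudTrail log object. The following is an added example, not code from the presentation or from Log Manager: it maps real EC2/IAM API names to those categories (the grouping is an assumption) and reports who, what, when and where for each matching event in a constructed sample.

```python
import gzip
import json

# Real EC2/IAM API names, grouped under the activities the notes list
# (the grouping itself is this example's assumption).
CATEGORIES = {
    "instances": ["StartInstances", "StopInstances", "TerminateInstances", "RebootInstances"],
    "security groups": ["CreateSecurityGroup", "DeleteSecurityGroup"],
    "users": ["CreateUser", "DeleteUser", "UpdateUser", "UpdateLoginProfile"],
    "groups": ["CreateGroup", "DeleteGroup", "AddUserToGroup", "RemoveUserFromGroup"],
    "policies": ["UpdateAssumeRolePolicy", "UpdateAccountPasswordPolicy"],
    "signing certificates": ["UploadSigningCertificate", "DeleteSigningCertificate"],
}
BY_EVENT = {name: cat for cat, names in CATEGORIES.items() for name in names}

def load_records(blob):
    """Parse one CloudTrail log object: gzip bytes as stored in S3, or plain JSON."""
    if isinstance(blob, bytes) and blob[:2] == b"\x1f\x8b":  # gzip magic
        blob = gzip.decompress(blob)
    return json.loads(blob).get("Records", [])

def summarize(blob):
    """Return when/who/what/where rows for the tracked activities, oldest first."""
    rows = []
    for rec in load_records(blob):
        if rec.get("eventName") not in BY_EVENT:
            continue  # e.g. read-only Describe*/List* calls
        ident = rec.get("userIdentity", {})
        rows.append({
            "when": rec.get("eventTime"),
            "who": ident.get("userName") or ident.get("arn") or ident.get("type"),
            "what": rec["eventName"],
            "category": BY_EVENT[rec["eventName"]],
            "where": (rec.get("awsRegion"), rec.get("sourceIPAddress")),
            "error": rec.get("errorCode"),  # None when the call succeeded
        })
    return sorted(rows, key=lambda r: r["when"] or "")

# Constructed sample (not real log data), compressed like an S3-delivered object.
_IP = {"awsRegion": "us-east-1", "sourceIPAddress": "203.0.113.10"}
SAMPLE = gzip.compress(json.dumps({"Records": [
    {"eventTime": "2014-01-10T12:05:00Z", "eventName": "DeleteSecurityGroup",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}, **_IP},
    {"eventTime": "2014-01-10T12:00:00Z", "eventName": "CreateUser", "errorCode": "AccessDenied",
     "userIdentity": {"type": "AssumedRole", "arn": "arn:aws:sts::111122223333:assumed-role/ops/s1"}, **_IP},
    {"eventTime": "2014-01-10T12:01:00Z", "eventName": "DescribeInstances",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}, **_IP},
]}).encode())
```

Rows with a non-empty `error` field are denied or failed attempts at a sensitive change, which are usually worth reviewing alongside the successful ones.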

Tracking Activity Data in AWS Presentation Transcript

  • 1. Tracking Activity Data in AWS: Alert Logic Log Manager CloudTrail Integration
  • 2. Why Track Activity Data? Lots of reasons, including…
      • Compliance: To comply with PCI, HIPAA, GLBA, Sarbanes-Oxley and other regulations, you need to answer questions like “who gave that user access” and “who viewed this data”.
      • Documentation: It’s not just a matter of collecting the data; auditors also need detailed documentation for this user activity data.
  • 3. Who’s Responsible in AWS? It’s shared… AWS provides the data. Customer needs to manage it. [Diagram labels: Primary Responsibility (Customer, AWS); Apps, Hosts, VPC, Networks; Foundation Services (Compute, Storage, DB, Network); AWS Global Infrastructure (Multiple Availability Zones, Globally Distributed Regions). Bullet groups as they appear on the slide:]
      • Secure coding and best practices; Software and virtual patching; Configuration management; Access management; Application level attack monitoring
      • Hardened hypervisor; Promiscuous mode prevented; Deny-all default in security group; Root access provided to customer
      • Access management; Patch management; Configuration hardening; Security monitoring; Log analysis
      • Network threat detection; Security monitoring
      • VPC provides logically isolated environments; Security groups filter inbound/outbound; External DDoS, spoofing and scanning prevented
  • 4. Enabling AWS CloudTrail Logs: You can turn on AWS CloudTrail with just a few clicks from your AWS Management Console. http://aws.amazon.com/cloudtrail/
  • 5. Accessing AWS CloudTrail Logs in Log Manager
  • 6. View Activity in Log Manager: When, Where, What, Who, How
  • 7. Why Log Manager for AWS? Cloud-Based Security Log Analysis
      • All Log Data, All Together: Collect, archive and analyze log and machine data in real-time from AWS CloudTrail and all your other data sources
      • Fast & Intuitive Search: Query builder to uncover insight without learning new language
      • Automated Security Analysis: Out of the box parsers, alerts and reports for key use cases
      • Key Compliance Coverage: Support for numerous compliance standards including 10.6
      • AWS Friendly: Designed for AWS workloads and reference architectures
  • 8. For more information on Log Manager or other Alert Logic security solutions for AWS: www.alertlogic.com/amazonsolutions