Shared Security Responsibility in the AWS Public Cloud

1,033 views

Published on

In the Amazon Web Services Public Cloud, security is shared

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
1,033
On SlideShare
0
From Embeds
0
Number of Embeds
8
Actions
Shares
0
Downloads
20
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Shared Security Responsibility in the AWS Public Cloud

  1. 1. SHARED SECURITY RESPONSIBILITY IN THE AWS PUBLIC CLOUD APRIL 2014 Johnathan Norman, Cloud Solutions Architect and Diane Garey, Product Marketing
  2. 2. Alert Logic Secures Datacenters in Any Environment 2 PUBLIC CLOUD MANAGED HOSTING ON-PREM DATA CENTER
  3. 3. In AWS Public Cloud, Security is Shared 3 Customer Primary Responsibility
  4. 4. Alert Logic Solutions are Engineered for AWS 4 Engineered for AWS  Supports Auto Scaling & role aware  Automatable with APIs and scripts  Available across multiple regions  Manageable at scale  IP address & topology independant  Usage based utility pricing  Marketplace transactable  AMI and agent deployment options  Network and system visibility  Proven reference architectures Runs on AWS
  5. 5. Available via the AWS Marketplace 5
  6. 6. Alert Logic Solutions 6 APPLICATIONS SYSTEMS NETWORKS PRODUCTS CONTENT BIG DATA ANALYTICS PEOPLE & PROCESS WEB SECURITY MANAGER Key Capabilities » Positive & negative security models » Adaptive learning engine » Broad compliance coverage (PCI, OWASP) Product Categories » Web Application Firewall LOG MANAGER Key Capabilities » Powerful analysis for security logs » Simple, intuitive search interface » All your data accessible online, all the time Product Categories » Log Management » SIEM THREAT MANAGER Key Capabilities » Context aware threat identification » Integrated vulnerability scanning » PCI Approved Scanning Vendor certified Product Categories » IDS / IPS » Vulnerability assessment Managed Service » ActiveWatch Managed Service » LogReview Managed Service » ActiveWatch
  7. 7. Inline protection of web applications from dangerous cyber threats Secure Web Applications 7
  8. 8. Alert Logic Web Security Manager WAF Page 8 Active Protection for Web Applications, Management Included Positive & Negative Security Active protection using signatures and leading learning engine Key Compliance Coverage Supports PCI 6.6 and OWASP Top 10 risks Management Included 24x7 management by experienced security analysts AWS Auto Scaling Protection scales dynamically with your web apps Security Where You Need It Works wherever you have your datacenter
  9. 9. replicatio n AWS Infrastructure Web Traffic Web Server Web Server Web Server Web Server Web Server Web Server Web Server Web Server Database Read Replica Database Read Replica Database Master replica tion VPC A B Elastic Load Balancer Elastic Load Balancer Elastic Load Balancer
  10. 10. replicatio n AWS Infrastructure + Web Security Manager Amazon S3 Configuration CloudTrail Master Auto Recover Elastic Load Balancer Web Traffic Alert Logic Managemen t Web Server Web Server Web Server Web Server Web Server Web Server Web Server Web Server Database Read Replica Database Read Replica Database Master replica tion VPC A B Worker Worker Worker Elastic Load Balancer Elastic Load Balancer Elastic Load Balancer
  11. 11. Security monitoring of log data Manage Log Data 11
  12. 12. Capture & Manage AWS CloudTrail Messages Include activity log data with other application, system and event logs 12
  13. 13. Alert Logic Log Manager for AWS 13 Cloud-Based Security Log Analysis All Log Data, All Together Collect, archive and analyze log data in real-time all data sources Quick access to log data Dozens of reports, fast and intuitive search function Compliance friendly Supports numerous standards such as PCI, HIPAA, FFIEC, SOX Available as a service Auditable daily log review with integrated case management by dedicated GIAC-certified System Security Analysts AWS Friendly Designed for AWS workloads and reference architectures
  14. 14. Intrusion Detection System built for AWS Monitor for Network Threats 24x7 14
  15. 15. Alert Logic Threat Manager 15 Context-Aware Network Threat Detection & Response Intrusion Monitoring w/o False Positives Multi-factor analysis enables more accurate detection Integrated Vulnerability Assessment Delivers context-aware threat detection and mitigation Automated Security Analysis Out of the box alerts and reports for key use cases Key Compliance Coverage Supports numerous control objectives including PCI Approved Scanning Vendor (ASV) requirement 24x7 Security Monitoring Security Operations Center staffed by GIAC-certified analysts
  16. 16. replicatio n AWS Infrastructure + Web Security Manager Amazon S3 Configuration CloudTrail Master Auto Recover Elastic Load Balancer Web Traffic Alert Logic Managemen t Web Server Web Server Web Server Web Server Web Server Web Server Web Server Web Server Database Read Replica Database Read Replica Database Master replica tion VPC A B Worker Worker Worker Elastic Load Balancer Elastic Load Balancer Elastic Load Balancer
  17. 17. replicatio n AWS Infrastructure + Web Security Manager + Threat Manager Amazon S3 Configuration CloudTrail Master Auto Recover Elastic Load Balancer Web Traffic Alert Logic Managemen t Web Server Web Server Web Server Web Server Auto-scaling ThreatManag er Appliance Auto-scaling ThreatManag er Appliance Web Server Web Server Web Server Web Server Database Read Replica Database Read Replica Database Master replica tion VPC A B Worker Worker Worker Elastic Load Balancer Elastic Load Balancer Elastic Load Balancer
  18. 18. Next Steps • More information: https://www.alertlogic.com/products-services/public-cloud- security/cloud-security-for-aws/ • Alert Logic Cloud Defender https://www.alertlogic.com/products-services/alert-logic-cloud-defender/ • Additional product videos: https://www.youtube.com/user/AlertLogicTV 18
  19. 19. Thank you.

×