Ultra Secure Cloud Data Center on AWS
Upcoming SlideShare
Loading in...5
×
 

Ultra Secure Cloud Data Center on AWS

on

  • 534 views

This presentation is an introduction to Emind Systems' in-house best practice for an ultra-secure application deployment on the AWS cloud. This best practice is based on Emind's experience in ...

This presentation is an introduction to Emind Systems' in-house best practice for an ultra-secure application deployment on the AWS cloud. This best practice is based on Emind's experience in performing dozens of infrastructure projects based on the Amazon Web Services’ platform.

Statistics

Views

Total Views
534
Views on SlideShare
533
Embed Views
1

Actions

Likes
0
Downloads
7
Comments
0

1 Embed 1

http://www.newvem.com 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Ultra Secure Cloud Data Center on AWS Ultra Secure Cloud Data Center on AWS Presentation Transcript

  • Ultra Secure Data Center on Amazon Cloud Lahav Savir, Architect & CEO Emind systems ltd. lahavs@emind.co
  • AboutLahav Savir• 15+ years in on-line industry• Architect and CEO @ Emind SystemsEmind Systems (est. 2006)• Boutique system integrator• AWS solution provider• 100+ AWS customers
  • Amazon (AWS) Certification Amazon Solution Provider & Consulting Partner https://aws.amazon.com/solution-providers/si/emind-systems-ltd
  • What is secure data center ?• Isolated and controlled • Data encryption• Firewalled • Antivirus• Secure access • Frequent updates – VPN • User management – SSL – One time password• Audited • One spot for monitoring• Intrusion detection & – Centralized alerts and prevention notifications• Configuration analysis • Regulatory compliance
  • Emind’s best practice
  • Access Management• Control the data flow – AWS VPC – ACL – Routing – Handle all in/out traffic• Access control – Security groups• Identity access management – One-time-password – AWS IAM with MFA
  • ACL & Routing in the VPC
  • Emind’s best practice
  • Traffic Control• Log in / out traffic• Terminate encrypted connection• Sanitize in / out packets – Real-time decisions – Accept / reject connections – Rate limiting
  • Emind’s best practice
  • Anomalies detection• Host based IDS – Detect configuration changes – Track running processes – Track file access – Resource access – Detect abnormal behavior !• OS hardening• App cleanup
  • Emind’s best practice
  • Data Protection• In-flight – SSL encryption – IPSec• In-rest – Storage level encryption – Data base encryption
  • Emind’s best practice
  • Data aggregation• Need to aggregate – VPN access logs – Traffic audit logs – Network IDS logs – Host IDS logs – Anti virus logs• Detect patterns
  • Emind’s best practice
  • Security lifecycle management• Ongoing log discovery & analysis – Access – Traffic – IDS – Anti virus – Encryption keys• Act on analysis result• Revel and solve cloud infrastructure settings• Make them all orchestrate together !
  • • goCloud – Emind’s optimal road to the cloud – Secure cloud architecture – Scalable & high-availability design – Customized system deployment – Orchestrating cloud and software – Cloud operation team – Monitoring and alerting – 24x7 SLA
  • Contact me, lahavs@emind.co 054-4321688