• Save
Spider & F5 Round Table - Secure the Cloud Data Center with eMind
Upcoming SlideShare
Loading in...5
×
 

Spider & F5 Round Table - Secure the Cloud Data Center with eMind

on

  • 184 views

 

Statistics

Views

Total Views
184
Views on SlideShare
184
Embed Views
0

Actions

Likes
1
Downloads
0
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • You might have questions about security in the cloud, but our biggest and most conservative customers have found that we’re able to meet their security requirements, and often we can provide a better security profile than what they can deliver internally. Our focus and investment in security, and the fact that we incorporate requirements from our most security conscious customers which then benefit all of the customers on our platform allows us to offer an effective approach to meeting enterprise security requirements. We encourage you to dig deeper with our security white paper, and would be happy to help you get the information you need to feel confident in our security capabilities and options.
  • There’s a shared responsibility to accomplish security and compliance objectives in AWS cloud. There are some elements that AWS takes responsibility for, and others that the customer must address. The outcome of the collaborative approach is positive results seen by customers around the world.

Spider & F5 Round Table - Secure the Cloud Data Center with eMind Spider & F5 Round Table - Secure the Cloud Data Center with eMind Presentation Transcript

  • Ultra Secure Data Center on Amazon Cloud Lahav Savir, Architect & CEO Emind systems Ltd. lahavs@emind.co
  • Emind Systems • Cloud expert system integrator • Dedicated Cloud Architects • Dedicated DevOps teams • 24x7 SLA powered by DevOps Specialists • ~100 AWS customers • Partnerships with leading cloud vendors
  • Advanced Consulting Partner https://aws.amazon.com/solution-providers/si/emind-systems-ltd
  • Overview of Amazon Web Services 2:46 Minutes video
  • AWS Intro
  • Architected for Enterprise Security Requirements “The Amazon Virtual Private Cloud [Amazon VPC] was a unique option that offered an additional level of security and an ability to integrate with other aspects of our infrastructure.” Dr. Michael Miller, Head of HPC for R&D
  • Shared Responsibility for Security & Compliance Facilities Physical Security Compute Infrastructure Storage Infrastructure Network Infrastructure Virtualization Layer Operating System Applications Security Groups Firewalls Network Configuration Account Management + = Customer
  • What is secure data center ? • Isolated • Controlled • Firewalled • Secure access – VPN – SSL • IDS & IPS • Antivirus • Audited • User management – One time password • Data encryption • Frequent updates • Configuration analysis • Regulatory compliance • One spot for monitoring – Centralized alerts
  • Emind’s best practices
  • Access Management • Control the data flow – AWS VPC – ACL – Routing – Handle all in/out traffic • Firewall – F5 Firewall – VPC Security groups • Identity access management – One-time-password – AWS IAM with MFA – F5 Access Policy Management
  • ACL & Routing in the VPC
  • F5 APM
  • Emind’s best practices
  • Traffic Control • Web Applications Security • Log in / out traffic • Terminate encrypted connection • Sanitize in / out packets – Real-time decisions – Accept / reject connections – Rate limiting
  • Emind’s best practices
  • Anomalies detection • Host-based IDS – Detect configuration changes – Track running processes – Track file integrity & access – Resource access – Detect abnormal behaviors • OS hardening • App cleanup
  • Emind’s best practices
  • Data Protection • In-flight – SSL encryption – IPSec • In-rest – Storage level encryption – Data base encryption
  • Emind’s best practices
  • Central log • Need to aggregate – VPN access logs – Traffic audit logs – Network IDS logs – Host IDS logs – Anti virus logs • Detect patterns
  • Security lifecycle management • Ongoing discovery & analysis – Access – Traffic – IDS – Anti virus – Encryption keys • Act on analysis results • Reveal and solve settings • Make them all orchestrate together !
  • Emind’s best practices
  • Contact me lahavs@emind.co @lahavsavir 054-4321688