Saugatuck Insight:                                                                                          Saugatuck beli...
Security                         Privacy  Is your service secure?                   Are you HIPAA compliant?  Are you ISO ...
location  ownership  control
10
SaaS           Software as a Service                 PaaS           Platform as a Service                  IaaS         In...
Tampering &      Denial of       Elevation of  Spoofing            Disclosure        Service          PrivilegeVLANs      ...
Physical Attacks             Central Admin       On ServersCustomer Admin                               Users             ...
Physical Attacks                                     On ServersCustomer Admin                                    Users    ...
Central Admin    Windows Azure  Customer Tenant
Customer Admin                      Users                 Windows Azure                  Customer Tenant
UsersWindows Azure  Customer Tenant
Customer Admin                 Windows Azure                   Customer Tenant
Managed Code     Access Security:     partial trust     Windows Account:     running with least     privileges     Windows...
R   G   G     G   G      G   G   Go   u   u     u   u      u   u   uo   e   e     e   e      e   e   et   s   s     s   s ...
World-Class                                                     SecurityService security starts with the data center      ...
1 .Windows Azure Security Overview2. TechNet Webcast - Windows Azure Security - APeek Under the Hood (Level 100)3. MSDN We...
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Securing a public cloud infrastructure : Windows Azure
Upcoming SlideShare
Loading in …5
×

Securing a public cloud infrastructure : Windows Azure

868
-1

Published on

Securing a public cloud infrastructure: Windows Azure

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total Views
868
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
27
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Securing a public cloud infrastructure : Windows Azure

  1. 1. Saugatuck Insight: Saugatuck believes that many users will find that changes required in internal organization and politics for moving from dedicated to shared resources pose significant challenges to the adoption of Cloud Computing.Source: Saugatuck Technology Inc., 2009 Cloud Infrastructure Survey (Julne09), WW N=670
  2. 2. Security Privacy Is your service secure? Are you HIPAA compliant? Are you ISO 27001 How do you ensure data certified? isolation? Questions Jurisdiction? Data retention?Have you ever had aservice outage? Do you have an incident response plan?Do you have performance Do you have SAS Type II Report?SLA? Do you provide 24*7 support? Reliability Business Practice
  3. 3. location  ownership  control
  4. 4. 10
  5. 5. SaaS Software as a Service PaaS Platform as a Service IaaS Infrastructure as a ServicePublic Hybrid Private
  6. 6. Tampering & Denial of Elevation of Spoofing Disclosure Service PrivilegeVLANs VM switchTop of Rack hardening Load-balancedSwitches Partial Trust Infrastructure Certificate RuntimeCustom packet Services Networkfiltering Hypervisor bandwidth Shared-Access custom Port Scanning/ throttling Signatures sandboxing Service Enumeration HTTPS Virtual Service Configurable Service Definition Accounts scale-outfile, Windows SidechannelFirewall, VM switch protectionspacket filtering
  7. 7. Physical Attacks Central Admin On ServersCustomer Admin Users Windows Azure Customer Tenant External Web Site
  8. 8. Physical Attacks On ServersCustomer Admin Users Windows Azure Customer Tenant
  9. 9. Central Admin Windows Azure Customer Tenant
  10. 10. Customer Admin Users Windows Azure Customer Tenant
  11. 11. UsersWindows Azure Customer Tenant
  12. 12. Customer Admin Windows Azure Customer Tenant
  13. 13. Managed Code Access Security: partial trust Windows Account: running with least privileges Windows FW (VM): rules based on service model Virtual Machine: fixed CPU, memory, disk resources Root Partition Packet Filter: defense in depth against VM “jailbreaking” Network ACLs: dedicated VLANS for tenant nodes22
  14. 14. R G G G G G G Go u u u u u u uo e e e e e e et s s s s s s s t t t t t t tVM V V V V V V V M M M M M M M Hypervisor Network/Disk
  15. 15. World-Class SecurityService security starts with the data center Data center within a data center Motion sensors 24×7 secured access Biometric controlled access systems Video camera surveillance Security breach alarms
  16. 16. 1 .Windows Azure Security Overview2. TechNet Webcast - Windows Azure Security - APeek Under the Hood (Level 100)3. MSDN Webcast - Security Talk - Using WindowsAzure Storage Securely (Level 200)4. Securing Microsofts Cloud Infrastructure
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×