• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Securing a public cloud infrastructure : Windows Azure
 

Securing a public cloud infrastructure : Windows Azure

on

  • 916 views

Securing a public cloud infrastructure: Windows Azure

Securing a public cloud infrastructure: Windows Azure

Statistics

Views

Total Views
916
Views on SlideShare
914
Embed Views
2

Actions

Likes
1
Downloads
17
Comments
0

2 Embeds 2

http://www.linkedin.com 1
https://www.linkedin.com 1

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Securing a public cloud infrastructure : Windows Azure Securing a public cloud infrastructure : Windows Azure Presentation Transcript

    • Saugatuck Insight: Saugatuck believes that many users will find that changes required in internal organization and politics for moving from dedicated to shared resources pose significant challenges to the adoption of Cloud Computing.Source: Saugatuck Technology Inc., 2009 Cloud Infrastructure Survey (Julne09), WW N=670
    • Security Privacy Is your service secure? Are you HIPAA compliant? Are you ISO 27001 How do you ensure data certified? isolation? Questions Jurisdiction? Data retention?Have you ever had aservice outage? Do you have an incident response plan?Do you have performance Do you have SAS Type II Report?SLA? Do you provide 24*7 support? Reliability Business Practice
    • location  ownership  control
    • 10
    • SaaS Software as a Service PaaS Platform as a Service IaaS Infrastructure as a ServicePublic Hybrid Private
    • Tampering & Denial of Elevation of Spoofing Disclosure Service PrivilegeVLANs VM switchTop of Rack hardening Load-balancedSwitches Partial Trust Infrastructure Certificate RuntimeCustom packet Services Networkfiltering Hypervisor bandwidth Shared-Access custom Port Scanning/ throttling Signatures sandboxing Service Enumeration HTTPS Virtual Service Configurable Service Definition Accounts scale-outfile, Windows SidechannelFirewall, VM switch protectionspacket filtering
    • Physical Attacks Central Admin On ServersCustomer Admin Users Windows Azure Customer Tenant External Web Site
    • Physical Attacks On ServersCustomer Admin Users Windows Azure Customer Tenant
    • Central Admin Windows Azure Customer Tenant
    • Customer Admin Users Windows Azure Customer Tenant
    • UsersWindows Azure Customer Tenant
    • Customer Admin Windows Azure Customer Tenant
    • Managed Code Access Security: partial trust Windows Account: running with least privileges Windows FW (VM): rules based on service model Virtual Machine: fixed CPU, memory, disk resources Root Partition Packet Filter: defense in depth against VM “jailbreaking” Network ACLs: dedicated VLANS for tenant nodes22
    • R G G G G G G Go u u u u u u uo e e e e e e et s s s s s s s t t t t t t tVM V V V V V V V M M M M M M M Hypervisor Network/Disk
    • World-Class SecurityService security starts with the data center Data center within a data center Motion sensors 24×7 secured access Biometric controlled access systems Video camera surveillance Security breach alarms
    • 1 .Windows Azure Security Overview2. TechNet Webcast - Windows Azure Security - APeek Under the Hood (Level 100)3. MSDN Webcast - Security Talk - Using WindowsAzure Storage Securely (Level 200)4. Securing Microsofts Cloud Infrastructure