Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

AWS Fundamentals for DoD, Immersion Day Huntsville 2019

141 views

Published on

A look into the fundamentals of AWS cloud for the Department of Defense. Link to video in slides: https://www.youtube.com/watch?v=RPis5mbM8c8

  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://bit.ly/2m77EgH } ......................................................................................................................... Download Full EPUB Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... Download Full doc Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... Download PDF EBOOK here { http://bit.ly/2m77EgH } ......................................................................................................................... Download EPUB Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... Download doc Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • DOWNLOAD THAT BOOKS INTO AVAILABLE FORMAT (2019 Update) ......................................................................................................................... ......................................................................................................................... Download Full PDF EBOOK here { http://bit.ly/2m77EgH } ......................................................................................................................... Download Full EPUB Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... Download Full doc Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... Download PDF EBOOK here { http://bit.ly/2m77EgH } ......................................................................................................................... Download EPUB Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... Download doc Ebook here { http://bit.ly/2m77EgH } ......................................................................................................................... ......................................................................................................................... ................................................................................................................................... eBook is an electronic version of a traditional print book that can be read by using a personal computer or by using an eBook reader. (An eBook reader can be a software application for use on a computer such as Microsoft's free Reader application, or a book-sized computer that is used solely as a reading device such as Nuvomedia's Rocket eBook.) Users can purchase an eBook on diskette or CD, but the most popular method of getting an eBook is to purchase a downloadable file of the eBook (or other reading material) from a Web site (such as Barnes and Noble) to be read from the user's computer or reading device. Generally, an eBook can be downloaded in five minutes or less ......................................................................................................................... .............. Browse by Genre Available eBooks .............................................................................................................................. Art, Biography, Business, Chick Lit, Children's, Christian, Classics, Comics, Contemporary, Cookbooks, Manga, Memoir, Music, Mystery, Non Fiction, Paranormal, Philosophy, Poetry, Psychology, Religion, Romance, Science, Science Fiction, Self Help, Suspense, Spirituality, Sports, Thriller, Travel, Young Adult, Crime, Ebooks, Fantasy, Fiction, Graphic Novels, Historical Fiction, History, Horror, Humor And Comedy, ......................................................................................................................... ......................................................................................................................... .....BEST SELLER FOR EBOOK RECOMMEND............................................................. ......................................................................................................................... Blowout: Corrupted Democracy, Rogue State Russia, and the Richest, Most Destructive Industry on Earth,-- The Ride of a Lifetime: Lessons Learned from 15 Years as CEO of the Walt Disney Company,-- Call Sign Chaos: Learning to Lead,-- StrengthsFinder 2.0,-- Stillness Is the Key,-- She Said: Breaking the Sexual Harassment Story That Helped Ignite a Movement,-- Atomic Habits: An Easy & Proven Way to Build Good Habits & Break Bad Ones,-- Everything Is Figureoutable,-- What It Takes: Lessons in the Pursuit of Excellence,-- Rich Dad Poor Dad: What the Rich Teach Their Kids About Money That the Poor and Middle Class Do Not!,-- The Total Money Makeover: Classic Edition: A Proven Plan for Financial Fitness,-- Shut Up and Listen!: Hard Business Truths that Will Help You Succeed, ......................................................................................................................... .........................................................................................................................
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

AWS Fundamentals for DoD, Immersion Day Huntsville 2019

  1. 1. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Immersion Day
  2. 2. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Schedule Time Agenda Item 9:00 AM Introduction & Opening Remarks 9:15 AM AWS Fundamentals 10:00 AM Break 10:15 AM AWS Core Services Overview 11:45 PM Lunch 12:30 PM Cybersecurity: A Driving Force Behind Cloud Adoption 2:00 PM Break 2:15 PM VMware Cloud on AWS 3:00 PM High Performance Computing in AWS 3:45 PM Closing Remarks
  3. 3. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  4. 4. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is Cloud Computing? The on-demand delivery of IT resources over public or private networks with zero up-front costs, no long-term contracts, and pay-as-you-go pricing
  5. 5. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. No Up Front Expense Pay for what you Use Improve Agility Scale Up and Down Self-Service Infrastructure AWS Cloud Equipment Resources and Administration Contracts Cost Traditional Infrastructure
  6. 6. Millions of Active Customers 2012 2013 2015 Today2014 20162008 2009 2010 2011
  7. 7. Pace of Innovation 5 1 6 2 4 4 8 6 1 8 2 1 5 9 2 8 0 7 2 2 1 , 0 1 7 LAUNCHES 2 0 0 8 2 0 0 9 2 0 1 0 2 0 1 1 2 0 1 2 2 0 1 3 2 0 1 4 2 0 1 5 2 0 1 6 1 , 4 0 0 + 2 0 1 7 New capabilities daily
  8. 8. Lower Cost Higher Reliability Scale Better Capacity Virtuous cycle
  9. 9. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  10. 10. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Global Infrastructure
  11. 11. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Global Infrastructure • 22 Regions with 69 Availability Zones • 3 Regions coming soon: Cape Town, Milan and Jakarta © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  12. 12. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 180 CloudFront PoPs • 169 Edge Locations • 11 Regional Edge Caches © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multiple Edge Locations
  13. 13. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. 89 Direct Connect Locations © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  14. 14. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Global Network • Redundant 100 GbE network • Private network capacity between all AWS Region, except China © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  15. 15. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Regions are comprised of multiple AZs for high availability, high scalability, and high fault tolerance. Applications and data are replicated in real time and consistent in the different AZs AWS Region Design AWS Availability Zone (AZ) A Region is a physical location in the world where we have multiple Availability Zones. Availability Zones consist of one or more discrete data centers, each with redundant power, networking, and connectivity, housed in separate facilities. AZ AZ AZ AZ Transit Transit AWS Region
  16. 16. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Architected for Government Security Requirements And many more: https://aws.amazon.com/compliance/
  17. 17. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DoD Information Impact Levels SRG v1r2 Impact Level Maximum Data Type Information Characterization 2 Non-Controlled Unclassified Information Unclassified information approved for public release Unclassified, not designated as controlled unclassified information (CUI) or critical mission data, but requires some minimal level of access control 4 Controlled Unclassified Information Requires protection from unauthorized disclosure as established by Executive Order 13556 (Nov 2010); Education, Training, SSN, Recruiting (if medical is not included), Credit card information for individuals (i.e., PX or MWR events) PII, PHI, SSN, Credit card information for individuals, Export Control, FOUO, Law Enforcement Sensitive, Email 5 Controlled Unclassified Information + NSS National Security Systems and other information requiring a higher level of protection as deemed necessary by the information owner, public law, or other government regulations 6 Classified up to SECRET Pursuant to EO 12958 as amended by EO 13292; classified national security information or pursuant to the Atomic Energy Act of 1954, as amended to be Restricted Data (RD) DoD Cloud Computing Security Requirements Guide (SRG): http://iase.disa.mil/cloud_security/Pages/index.aspx
  18. 18. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. US AWS Regions # Commercial Region and Number of Availability Zones 3 3 3 6 3 3 3 3 # GovCloud Region and Number of Availability Zones # Classified Region and Number of Availability Zones HIGH MOD DoD IL 2/4/5 MOD DoD IL 2 MOD DoD IL 2 MOD DoD IL 2 MOD DoD IL 2 ICD 503 TS/SCIICD 503 SECRET DoD IL 6 HIGH MOD DoD IL 2/4/5
  19. 19. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Services in Scope ✓ This service is currently in scope and is reflected in current reports https://aws.amazon.com/com pliance/services-in-scope/
  20. 20. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Shared Responsibility Model
  21. 21. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Inheritance Personnel Incident Response Boundary Protection Identity & Access Control Disaster Recovery Configuration Management High Availability Architecture System Mgmt. & Monitoring Log Management & Monitoring Compute & Storage Networking Virtualization Data Center Specific Mission Owner Controls Controls fully inherited Mission Owner on Prem Mission Owner Controls Hybrid Controls Mission Owner on AWS + Mission Owner Mission Owner Controls ATO Package
  22. 22. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. DoD Secure Cloud Computing Architecture • Secure Cloud Computing Architecture Functional Requirements Document (SCCA FRD) • Released March 9th 2017 • Provides implementation flexibility • Freedom to architect and manage as a shared services enclave The SCCA provides a standard approach for boundary and application level security for impact level 4 and 5 data hosted in commercial cloud environments.
  23. 23. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. SCCA Architecture Approach in AWS GovCloud Region App Subnet Availability Zone A Database Subnet DMZ Subnet Web Server App Server DB Server primary Availability Zone B Database Subnet DB Server secondary Web Server App Server App Subnet DMZ Subnet Web Server auto scaling group auto scaling group security groupsecurity group synchronous replication CND Direct Connect Co- Location CAP CND DoDIN IAP VGW Mission Owner Virtual Private Cloud (VPC) Virtual Datacenter Security Stack (VDSS) Availability Zone BAvailability Zone A Network Firewall Services Network Intrusion Detection/Prevention Services Full Packet Capture Services Web Application Firewall Services Availability Zone B ACAS / Vulnerability Scanning Services HBSS / Endpoint Protection Services AD / DNS / SSO / OCSP / DCHP Services Other Shared Services Availability Zone A VGW VGW Virtual Datacenter Management Stack (VDMS)Inernet
  24. 24. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Leveraged Services Supporting Multiple Mission Owners GovCloud Region App Subnet AZB Database Subnet DMZ Subnet Web Server App Server DB Server primary CND Direct Connect Co- Location CAP CND DoDIN IAP VGW Mission Owner Virtual Private Cloud (VPC) Virtual Datacenter Security Stack (VDSS) Availability Zone BAvailability Zone A Network Firewall Services Network Intrusion Detection/Prevention Services Full Packet Capture Services Web Application Firewall Services Availability Zone B ACAS / Vulnerability Scanning Services HBSS / Endpoint Protection Services AD / DNS / SSO / OCSP / DCHP Services Other Shared Services Availability Zone A VGW VGW Virtual Datacenter Management Stack (VDMS)Inernet App Subnet AZA Database Subnet DMZ Subnet Web Server App Server DB Server primary App Subnet AZB Database Subnet DMZ Subnet Web Server App Server DB Server primary App Subnet AZA Database Subnet DMZ Subnet Web Server App Server DB Server primary Mission Owner A – Application Stack / VPC Mission Owner B – Application Stack / VPC VGW
  25. 25. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. A Full Range of Capabilities for Mission Owners Key Management Service Manage creation and control of encryption keys CloudHSM Hardware-based key storage Server-Side Encryption Flexible data encryption options Encryption IAM Manage user access and encryption keys SAML Federation SAML 2.0 support to allow on-prem identities Directory Service Host and manage Microsoft Active Directory Organizations Manage settings for multiple accounts Identity & Access Mgmt Virtual Private Cloud Network-isolated cloud resources Web Application Firewall Filter Malicious Web Traffic AWS Shield DDoS protection Certificate Manager Provision, manage, and deploy SSL/TSL certificates Networking VPC Flow Logs Comprehensive netflow data with click of button AWS Service Catalog Create and use standardized products AWS Config Track resource inventory and changes CloudTrail Track user activity and API usage CloudWatch Monitor resources and applications GuardDuty Intrusion detection and analysis Trusted Advisor Warning and reports on proper configuration Visibility and Control
  26. 26. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. n Identity & access management Detective controls Infrastructure protection Incident response Data protection AWS Security Solutions
  27. 27. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Breadth and Depth CORE SERVICES Integrated Networking Rules Engine Device Shadows Device SDKs Device Gateway Registry Local Compute Custom Model Training & Hosting Conversational Chatbots Virtual Desktops App Streaming Schema Conversion Image & Scene Recognition Sharing & Collaboration Exabyte-Scale Data Migration Text to Speech Corporate Email Application Migration Database Migration Regions Availability Zones Points of Presence Data Warehousing Business Intelligence Elasticsearch Hadoop/Spark Data Pipelines Streaming Data Collection ETL Streaming Data Analysis Interactive SQL Queries Queuing & Notifications Workflow Email Transcoding Deep Learning (Apache MXNet, TensorFlow, & others) Server MigrationCommunications MARKETPLACE Business Apps Business Intelligence DevOps Tools Security Networking StorageDatabases API Gateway Single Integrated Console Identity Sync Mobile Analytics Mobile App Testing Targeted Push Notifications One-clickApp Deployment DevOps Resource Management Application Lifecycle Management Containers Triggers Resource Templates Build & Test Analyze & Debug Identity Management Key Management & Storage Monitoring & Logs Configuration Compliance Web Application Firewall Assessment & Reporting Resource & Usage Auditing Access Control Account Grouping DDOS Protection TECHNICAL & BUSINESS SUPPORT Support Professional Services Optimization Guidance Partner Ecosystem Training & Certification Solutions Management Account Management Security & Billing Reports Personalized Dashboard Monitoring Manage Resources Data Integration Integrated Identity & Access Integrated Resource & Deployment Management Integrated Devices & Edge Systems Resource Templates Configuration Tracking Server Management Service Catalogue Search MIGRATIONHYBRID ARCHITECTUREENTERPRISE APPSMACHINE LEARNINGIoTMOBILE SERVICESDEV OPSANALYTICS APP SERVICES INFRASTRUCTURE SECURITY & COMPLIANCE MANAGEMENT TOOLS Compute VMs, Auto-scaling, Load Balancing, Containers, Virtual Private Servers, Batch Computing, Cloud Functions, Elastic GPUs, Edge Computing Storage Object, Blocks, File, Archivals, Import/Export, Exabyte-scale data transfer CDN Databases Relational, NoSQL, Caching, Migration, PostgreSQL compatible Networking VPC, DX, DNS Facial Recognition & Analysis Facial Search Patching Contact Center
  28. 28. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Questions?

×