Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
Introductions and What's New In AWS - by PolarSeven
Bonus Session - AWS Mitch Beaumant - Amazon Fargate in 15 minutes
Session 1:
Security Policy Lifecycle Management
"Automated security actions based on observed security events
and protecting AWS deployments are some of the key challenges facing network and security teams.
With the general availability of Palo Alto Networks PAN-OS 8.0 software, VM-Series virtualized next-generation firewall, network and security teams now have a simple, automated security management platform for managing and enforcing security policies within AWS deployments. This session will provide an advanced technical overview of the enhancements done over the last 12 months.
The topics covered will include,
• Technical overview of Panorama driven security workflows for AWS
• Presentation of our github AWS templates with a focus on CFT and Terraform"
Paloaltonetworks
https://www.paloaltonetworks.com/
See video presentation here
https://youtu.be/LLdto5LOcd8
Session 2:
Automating the Service Desk using Amazon Lex and Amazon Connect
Once considered a rare and difficult capability to achieve, the democratisation of artificial intelligence has made it possible for developers to easily access and leverage machine learning capabilities to automate and solve problems across multiple industries. This presentation aims to demonstrate how easy it is to take advantage of an AWS Machine Learning capability (Amazon Lex) with no deep learning experience and solve common everyday IT problems.
Telstra
https://www.telstra.com.au/
Watch the video presentation here
https://youtu.be/8BP1OZk2wUs
47. Session 1:
Mauricio Sabena
System Engineering Manager ANZ North for Palo Alto
Networks where he leads the engineering team to drive
security solutions to address customers business challenges
across enterprise and government.
“AUTOMATED SECURITY MANAGEMENT ON AWS”
54. WEB
Object Storage Caching Database
IaaS
PaaS
Web
Server
APP
App
Server
CRITICAL CLOUD PROTECTIONS
INLINE
Protect and
Segment Cloud
Workloads
API
HOST
Secure OS
& App Within
Workloads
API
Continuous
Security &
ComplianceOn-Premises
Cloud Application
55. 3. INLINE SECURITY1. ACCOUNT MGMT
• Segmentation
• Malware Prevention
• Secure Access
• VPC Edge Security
• Key rotation
• Inbound Accessible
Services
• Unencrypted storage
• Nonstandard AMI’s
• Password Policy
2. DATA GOVERNANCE
• Exposed Data
• Keys stored in the open
• Admin Access
API
Aperture
CRITICAL CLOUD PROTECTIONS
58. 344 KB file-sharing
URL category
PowerPoint
file type
“Confidential and Proprietary”
content
mjacobsen
user
prodmgmt
group
canada
destination country
172.16.1.10
source IP
64.81.2.23
destination IP
TCP/443
destination port
SSL
protocol
HTTP
protocol
slideshare
application
slideshare-uploading
application function
Security Groups/NACLs vs Dedicated:
Control & Visibility
72. Session 2:
Bobbie Couhbor
Cloud Infrastructure Consultant and Technology
and Solutions Advisor
“Automating the Service Desk using Amazon Lex and
Amazon Connect”
74. • Artificial Intelligence & automation will result in reduction of IT services
staff by 7-10% in India, US by 2022 – Economic Times
• 56,000 layoffs and counting: India’s IT bloodbath this year may just be the
start – Quartz India
• India faces youth unemployment spike as automation threatens traditional
jobs – ABC
News Headlines
75. Democratisation of Artificial Intelligence
The democratisation of AI is the driving force behind automation across
industries, making AI capabilities available to every developer, as a service via
the cloud.
• Amazon Comprehend
• Amazon Lex
• Amazon Rekognition
• Amazon Polly
• Amazon Transcribe
• Amazon Translate
76. High Level Architecture
1. User calls the service desk and asks for their password to be reset
2. Amazon Lex manages conversational dialog and collects user verification information
3. Amazon Lex passes the collected information to AWS Lambda
4. AWS Lambda verifies the user with Active Directory
5. Password is reset and sent to the user
79. Lambda function
1. Get encrypted AD service account using KMS
2. Perform secure LDAP bind
3. Query AD for user attributes
4. Compares AD and slot values
5. If successful, resets password and
SMS to user otherwise exit
83. Thanks For Coming:
Join Us Next Month – March 7th 2018
>> Register @ http://www.meetup.com/AWS-Sydney/ <<
In the Meantime Keep In Touch
http://bit.ly/polarseven-webinars