Cloud Security,
Kryptovanie v CloudeWorkshop, Cloud Expo 2013www.rackscale.sk
Erik Kirschner	  Founder & Co-Owner Rackscale, s.r.o.  CCDA, CCNP, CCSP, VCP4, VCP5	  erik.kirschner@rackscale.sk  erik.ki...
Rackscale, s.r.o.	  * 5/2011	  Tomášikova 64 (Lakeside Park)  831 04 Bratislava 	  www.rackscale.sk  Twitter: @rackscale
Agenda	Kryptovanie v Cloude: Public, PrivateMožnosti/spôsoby kryptovania v CloudeAko kryptovať v Rackscale Public Cloud
Kryptovanie v Cloude	Private Cloud: 	            	Protect-V od SafeNet      	   	   	   	   	HighCloud Security 		Public C...
Možnosti/spôsoby kryptovania	  Private Cloud: 	         	Pre-Boot VM     	   	   	   	   	Storage (LUN, vmdk,…)	  Public C...
Ako kryptovať vRackscale Public CloudKey and Policy Server:       https://crypto.rackscale.sk	generovanie a správa kľúčovr...
Podporované OS	Microsoft: 	Windows Server 2008 R2     	   	   	Windows 7	Linux: 	       	CentOS 5.8 64-bit     	   	   	Ce...
Ako to funguje?
VM Sets	Rackscale
Registrácia VM	# hcl register -h my_ubuntu -d This is my 10.04 VM 192.168.140.130 ad85837b-9862-11e1-afd5-000c29de5d41_120...
# hcl status	                          HCL status, linux		Summary	--------------------------------------------------------...
HCL status, windows	C:Windowshcl status	      	Summary	      	------------------------------------------------------------...
# hcl status		Summary	               HCL status, linux	-------------------------------------------------------------------...
KPS, disks
Otázky?
Upcoming SlideShare
Loading in …5
×

Rackscale, Cryptovanie v Cloude, Workshop 2013

293 views

Published on

Ako kryptujeme VM v Rackscale Cloud

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
293
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
3
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Rackscale, Cryptovanie v Cloude, Workshop 2013

  1. 1. Cloud Security,
Kryptovanie v CloudeWorkshop, Cloud Expo 2013www.rackscale.sk
  2. 2. Erik Kirschner Founder & Co-Owner Rackscale, s.r.o. CCDA, CCNP, CCSP, VCP4, VCP5 erik.kirschner@rackscale.sk erik.kirschner@gmail.com 0908 707 197 Blog: www.erikkirschner.sk Twitter: @erikkirschner
  3. 3. Rackscale, s.r.o. * 5/2011 Tomášikova 64 (Lakeside Park) 831 04 Bratislava www.rackscale.sk Twitter: @rackscale
  4. 4. Agenda Kryptovanie v Cloude: Public, PrivateMožnosti/spôsoby kryptovania v CloudeAko kryptovať v Rackscale Public Cloud
  5. 5. Kryptovanie v Cloude Private Cloud: Protect-V od SafeNet HighCloud Security Public Cloud: HighCloud Security Regulatory compliance HIPAA, PCI and FIPS 140-2 level 3 certifiedKeySecure appliance
  6. 6. Možnosti/spôsoby kryptovania Private Cloud: Pre-Boot VM Storage (LUN, vmdk,…) Public Cloud: VM HDD ( !!! ale nie s OS !!! )
  7. 7. Ako kryptovať vRackscale Public CloudKey and Policy Server: https://crypto.rackscale.sk generovanie a správa kľúčovregistrácia VM, ktoré budú mať kryptované diskyspráva kryptovaných HDD vo VMs Kryptované HDD vo VM, ktoré su !!!kdekoľvek!!!, napr. u Vásvo firme, v Rackscale Cloud, alebo iných Cloud Providers.
  8. 8. Podporované OS Microsoft: Windows Server 2008 R2 Windows 7 Linux: CentOS 5.8 64-bit CentOS 6.2 64-bit CentOS 6.3 64-bit Ubuntu 10.04 server and desktop (64-bit) Ubuntu 12.04 server (64-bit) Ubuntu 12.10 server (64-bit) Red Hat Enterprise Linux 6
  9. 9. Ako to funguje?
  10. 10. VM Sets Rackscale
  11. 11. Registrácia VM # hcl register -h my_ubuntu -d This is my 10.04 VM 192.168.140.130 ad85837b-9862-11e1-afd5-000c29de5d41_120507163538.bin Enter Import Password: Enter certificate passphrase Enter passphrase (min 16 characters): onetimepassword16chrsmin Registered as my_ubuntu with KPS 192.168.140.130 Please login to the KPS to complete the authentication of this node
  12. 12. # hcl status HCL status, linux Summary -------------------------------------------------------------------------------- KPS: 192.168.140.151:443 KPS list: 192.168.140.151:443,192.168.140.152:443 Status: Connected Registered Devices -------------------------------------------------------------------------------- Disk Name Clear Cipher Status -------------------------------------------------------------------------------- Available Devices -------------------------------------------------------------------------------- Disk Name Device Node Size (in MB) -------------------------------------------------------------------------------- sde /dev/sde 2048 sdd /dev/sdd 2048 sdc /dev/sdc 2048 sdb2 /dev/sdb2 1027 sdb1 /dev/sdb1 1019 Other Devices -------------------------------------------------------------------------------- Disk Name Device Node Status -------------------------------------------------------------------------------- sda5 /dev/sda5 Mounted (swap) sda1 /dev/sda1 Mounted (/)
  13. 13. HCL status, windows C:Windowshcl status Summary ----------------------------------------------------------------------------- KPS: 192.168.140.151:443 KPS list: 192.168.140.151:443,192.168.140.152:443 Status: Connected Device details ----------------------------------------------------------------------------- Encrypted Clear Cipher Status ----------------------------------------------------------------------------- Available Devices ----------------------------------------------------------------------------- Disk name Drive Status ----------------------------------------------------------------------------- DeviceHarddisk1Partition0 Available DeviceHarddisk2Partition0 Available
  14. 14. # hcl status Summary HCL status, linux -------------------------------------------------------------------------------- KPS: 192.168.140.151:443 KPS list: 192.168.140.151:443,192.168.140.152:443 Status: Connected Registered Devices -------------------------------------------------------------------------------- Disk Name Clear Cipher Status -------------------------------------------------------------------------------- sdb2 /dev/mapper/clear_sdb2 AES-256 Attached -- auto_attach=ENABLED, attach_handler=DEFAULT, detach_handler=DEFAULT sdb1 /dev/mapper/clear_sdb1 AES-256 Attached -- auto_attach=ENABLED, attach_handler=DEFAULT, detach_handler=DEFAULT Available Devices -------------------------------------------------------------------------------- Disk Name Device Node Size (in MB) -------------------------------------------------------------------------------- sde /dev/sde 2048 sdd /dev/sdd 2048 sdc /dev/sdc 2048 Other Devices -------------------------------------------------------------------------------- Disk Name Device Node Status -------------------------------------------------------------------------------- sda5 /dev/sda5 Mounted (swap) sda1 /dev/sda1 Mounted (/)
  15. 15. KPS, disks
  16. 16. Otázky?

×