Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Openstack Demo-virtual checkpoint FW and virtual suricata IDS

1,527 views

Published on

Presentation

Published in: Engineering
  • Be the first to comment

  • Be the first to like this

Openstack Demo-virtual checkpoint FW and virtual suricata IDS

  1. 1. Copyright@ 2018 All reserved by KrDAG OPENSTACK DEMO Security KRDAG STUDY Seo & Ryu
  2. 2. Copyright@ 2018 All reserved by KrDAG NET1 #1. FW IN OPENSTACK vRouter와 vFW vRouter Internet VM VM vFW ? vFW Internet VM VM vRouter와 vFW의 기능 충돌 Routing Security Routing NAT vRouter를 갈아치우자 NET2
  3. 3. Copyright@ 2018 All reserved by KrDAG DC DC #1. FW IN OPENSTACK 배포 위치 고민 Controller Compute Compute Compute vFW VM VM VM VM Openstack Internet Openstack Openstack Openstack Physical FW Openstack Internet Openstack Openstack Openstack vFW
  4. 4. Copyright@ 2018 All reserved by KrDAG #2. AFTER VM DEPLOY Default is Drop WHY NO initial Configuration – support heat API/CLI/GUI 열어주세요~
  5. 5. Copyright@ 2018 All reserved by KrDAG #2. AFTER VM DEPLOY Auto? Depoloying security policy VM 추가 VM의 IP 정보 확인 방화벽에 해당 IP object 추가 방화벽에 해당 VM IP 허용 ./Cpadd.sh "svr1“ ./Cpdel.sh “svr1” DEMO Controller Compute Compute vFW svr1 IDSsvr3
  6. 6. Copyright@ 2018 All reserved by KrDAG #3. IDS IN OPENSTACK 대체 뭘 모니터링 해야해 그래서 어디있는데? Target VMIDS
  7. 7. Copyright@ 2018 All reserved by KrDAG #3. IDS IN OPENSTACK 인터페이스를 찾자 VM 인스턴스 정보(instance-000xxx)확인 배포된 compute 노드 확인 네트워크 포트 순서(역순) 확인 해당 compute 노드에서 qemu 파일 확인 ./mirrir.sh add "svr1“ “internal service” ./mirrir.sh del "svr1“ “internal service” DEMO 해당 인터페이스 확인 Controller Compute Compute vFW svr1 IDSsvr3

×