Understand about current cloud market, cloud service providers - Azure or Amazon, cloud fundamentals, VM Virtualization, Cloud deployment models, IaaS vs PaaS vs SaaS, Cloud Security and Risks.
The document discusses Azure penetration testing. It provides an agenda that covers an overview of common Azure services attacked, tools used for testing, and guidelines. It describes how Microsoft's blue and red teams work together on testing. Policies prohibit attacks on other customers or social engineering. Encouraged tests include using trial accounts and informing Microsoft of any vulnerabilities found. Steps outlined include identifying attack surfaces, data collection, vulnerability scanning, and penetration testing public-facing Azure services using tools like MicroBurst. Securing databases and using encryption are also addressed. A demo of vulnerability identification is promised.
This document provides an introduction to Azure Container Apps, Azure Container Registry, and GitHub Actions. It discusses that Azure Container Apps provides a serverless environment for running containerized applications without needing to manage infrastructure. It also describes Azure Container Registry as a private Docker registry and GitHub Actions for automating software development workflows. The document concludes with references and a demo of hands-on labs to showcase these services.
You'll understand how hackers can attack resources hosted in the Azure and protect Azure infrastructure by identifying vulnerabilities, along with extending your pentesting tools and capabilities.
20 common security vulnerabilities and misconfiguration in AzureCheah Eng Soon
This document outlines 20 common security vulnerabilities and misconfigurations in Microsoft Azure. It discusses issues such as storage accounts being publicly accessible, lack of multi-factor authentication, insecure guest user settings, and features like Azure Security Center and Network Watcher being disabled by default. The document is intended to educate users on important security best practices for securing resources and configurations in Azure.
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msftAlert Logic
This document provides an overview of Microsoft Azure's security posture and capabilities. It discusses how Azure is designed to detect security threats using monitoring and machine learning, rapidly respond to incidents, and protect customer data and infrastructure across the cloud platform. Key security controls for Azure include secure multi-tenancy, network protection, data encryption, identity and access management, and the Azure Security Center for centralized security management. The document also emphasizes Microsoft's commitments to transparency, compliance with regulations, and empowering customers to control their security.
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
Clouds are finding increased use in core enterprise systems, which mean auditing is the cornerstone expectation. Cloud vendors announce new cloud services, offer new security solutions and refer to the global security standards among of them the requirements look like quite similar. This is series of articles about AWS Cloud Security from the point of view of the compliance to highlight technical requirements of the top Worldwide and Russian security standards for key AWS services, describe how technically prepare to audit and configure AWS services.
http://pentestmag.com/pentest-webapp-1212/
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
The presentation discusses Alert Logic's Cloud Insight Essentials, which provides automated exposure and vulnerability management for AWS. It integrates with Amazon GuardDuty to provide centralized visibility of AWS assets, identify configuration flaws, and offer immediate remediation advice. Cloud Insight Essentials allows customers to take action sooner on threats in their AWS environments and prevent future compromise through continuous checks and prioritized remediation recommendations with no footprint on AWS. A demo of the product is provided and customers can start a 30-day free trial from the AWS Marketplace.
The document discusses Azure penetration testing. It provides an agenda that covers an overview of common Azure services attacked, tools used for testing, and guidelines. It describes how Microsoft's blue and red teams work together on testing. Policies prohibit attacks on other customers or social engineering. Encouraged tests include using trial accounts and informing Microsoft of any vulnerabilities found. Steps outlined include identifying attack surfaces, data collection, vulnerability scanning, and penetration testing public-facing Azure services using tools like MicroBurst. Securing databases and using encryption are also addressed. A demo of vulnerability identification is promised.
This document provides an introduction to Azure Container Apps, Azure Container Registry, and GitHub Actions. It discusses that Azure Container Apps provides a serverless environment for running containerized applications without needing to manage infrastructure. It also describes Azure Container Registry as a private Docker registry and GitHub Actions for automating software development workflows. The document concludes with references and a demo of hands-on labs to showcase these services.
You'll understand how hackers can attack resources hosted in the Azure and protect Azure infrastructure by identifying vulnerabilities, along with extending your pentesting tools and capabilities.
20 common security vulnerabilities and misconfiguration in AzureCheah Eng Soon
This document outlines 20 common security vulnerabilities and misconfigurations in Microsoft Azure. It discusses issues such as storage accounts being publicly accessible, lack of multi-factor authentication, insecure guest user settings, and features like Azure Security Center and Network Watcher being disabled by default. The document is intended to educate users on important security best practices for securing resources and configurations in Azure.
Css sf azure_8-9-17-microsoft_azure_security_overview_babak suzani_msftAlert Logic
This document provides an overview of Microsoft Azure's security posture and capabilities. It discusses how Azure is designed to detect security threats using monitoring and machine learning, rapidly respond to incidents, and protect customer data and infrastructure across the cloud platform. Key security controls for Azure include secure multi-tenancy, network protection, data encryption, identity and access management, and the Azure Security Center for centralized security management. The document also emphasizes Microsoft's commitments to transparency, compliance with regulations, and empowering customers to control their security.
AWS Cloud Security From the Point of View of the ComplianceYury Chemerkin
Clouds are finding increased use in core enterprise systems, which mean auditing is the cornerstone expectation. Cloud vendors announce new cloud services, offer new security solutions and refer to the global security standards among of them the requirements look like quite similar. This is series of articles about AWS Cloud Security from the point of view of the compliance to highlight technical requirements of the top Worldwide and Russian security standards for key AWS services, describe how technically prepare to audit and configure AWS services.
http://pentestmag.com/pentest-webapp-1212/
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
The presentation discusses Alert Logic's Cloud Insight Essentials, which provides automated exposure and vulnerability management for AWS. It integrates with Amazon GuardDuty to provide centralized visibility of AWS assets, identify configuration flaws, and offer immediate remediation advice. Cloud Insight Essentials allows customers to take action sooner on threats in their AWS environments and prevent future compromise through continuous checks and prioritized remediation recommendations with no footprint on AWS. A demo of the product is provided and customers can start a 30-day free trial from the AWS Marketplace.
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
This document provides an overview of Alert Logic's Security-as-a-Service offering. It describes Alert Logic's integrated multi-layer security solution that protects enterprise applications and cloud workloads from web application attacks, server and network activity, and vulnerabilities. It also discusses how Alert Logic assesses risks, blocks threats, detects anomalies, and ensures compliance. Alert Logic provides both security software and services to help secure hybrid and multi-cloud environments.
This document discusses Alert Logic's Security-as-a-Service offering which provides an integrated multi-layer security solution to protect enterprise applications and cloud workloads across hosted data centers and hybrid environments. It protects against web application attacks, server and network activity, and vulnerabilities across software stacks. Alert Logic also provides security experts and services including assessment, blocking, detection, and compliance. The document then discusses best practices for securing an AWS environment including logical network segmentation, access management, configuration management, and understanding the shared responsibility model between cloud providers and customers.
Shared Security Responsibility for the Azure CloudAlert Logic
This document discusses shared security responsibility in Azure. It provides an overview of security best practices when using Azure, including understanding the shared responsibility model, implementing network security practices, securing data and access, securely developing code, log management, and vulnerability management. It also describes Alert Logic security solutions that can help monitor Azure environments for threats across the application stack.
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
This document discusses the importance of detection in security and introduces Alert Logic Cloud Insight Essentials. It notes that it takes companies on average 6 months to detect an intrusion. The essentials of security require continuous monitoring, accurate detection, and centralized management. Cloud Insight Essentials provides automated exposure and vulnerability management for AWS that extends GuardDuty findings. It offers visibility, identifies configuration flaws, and provides remediation advice. Cloud Insight Essentials integrates with AWS APIs for no-touch automation and a REST API for integration. It allows taking action sooner on threats with context and prioritized recommendations.
Getting Started with Azure Security CenterCheah Eng Soon
- The document discusses Azure Security Center, a service that provides unified visibility and control over security for hybrid cloud workloads.
- It offers adaptive threat prevention through actionable protections that identify and mitigate risk to reduce exposure to attacks.
- Azure Security Center also allows for intelligent detection and response using advanced analytics and the Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats.
Windows Azure Security Features And Functionalityvivekbhat
Windows Azure is a cloud computing platform that combines compute, storage, and SQL components. It handles threats to its infrastructure like physical attacks and impersonation, while customers are responsible for threats to their tenant like code bugs and privilege abuse by their own administrators. Windows Azure provides security features like network access control, hypervisor isolation of tenants, access controls on storage accounts, and password authentication for SQL databases.
Css sf azure_8-9-17 - 5_ways to_optimize_your_azure_infrastructure_thayer gla...Alert Logic
This document discusses 5 ways to optimize an Azure infrastructure using CloudHealth Technologies. It summarizes CloudHealth's capabilities including gaining visibility across cloud accounts, consolidating resources into business perspectives, analyzing cost and usage, implementing policies for optimization, and providing best practices recommendations. The document also briefly outlines CloudHealth's expertise, platform uptime, customer base, and data center migration services.
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alAlert Logic
The document discusses strategies for protecting web applications from security threats. It begins by examining the types of attacks organizations face, including application attacks, brute force attacks, and suspicious activity. It then covers hacker reconnaissance methods such as crawling websites, using vulnerability scanners, and searching open forums and the dark web. The document outlines how attacks can escalate from exploiting web applications to gaining privileged access. It concludes by providing recommendations for developing a secure code, access management policies, patch management, monitoring strategies, and staying informed of the latest vulnerabilities.
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
Whether you’re working exclusively on Azure or with multiple cloud environments, there are certain things you should consider when moving assets to the public cloud. As with any cloud deployment, security is a top priority, and moving your workloads to the Azure cloud doesn’t mean you’re not responsible for the security of your operating system, applications, and data.
Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your environment is secure. In this session, we will discuss step-by-step what you need to do to secure access at the administrative, application and network layers.
This document provides an overview of Microsoft Azure security features, including:
- Shared responsibility model where Microsoft secures the platform and customers secure their data and applications
- Identity and access management, encryption of data at rest and in transit, network security controls, and logging/monitoring capabilities
- Security Center provides visibility into threats and advanced analytics to detect attacks
- Operations Management Suite allows collecting logs from Azure, on-premises, and other clouds to analyze security events
- Microsoft works with partners to provide additional virtual network appliances and security solutions to customers
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alAlert Logic
This document discusses security challenges in cloud computing. It notes that infrastructure has changed from buying hardware to using infrastructure as a service in the cloud. Security has also changed as cybercrime has become more organized and targets both large and small companies. While the cloud can be secure, it also introduces new security challenges around lack of control, increased threat surfaces, and difficulty tuning security tools. Effective cloud security requires applying the same standards as on-premises, understanding shared security responsibilities between the customer and cloud provider, and adopting a new approach tailored to the cloud. The document promotes Alert Logic as a solution that provides full-stack security monitoring, detection and protection across cloud workloads and applications.
Govern Your Cloud: The Foundation for SuccessAlert Logic
This document discusses the importance of cloud governance and outlines Cloudreach's methodology for implementing an effective governance framework. It begins with an introduction to cloud governance and examples of Cloudreach helping customers implement governance for Azure deployments. It then covers some key challenges of cloud computing that governance addresses, such as managing users, resources, spending and auditing. The presentation concludes by describing Cloudreach's governance framework methodology and the phases of creating and implementing an effective governance model.
Global Azure Bootcamp 2018 - Azure Security CenterScott Hoag
In this session, students will learn about Azure Security Center and Azure platform security.
Azure Security Center makes it easier than ever to protect your Microsoft Azure virtual machines and virtual networks (as well as Azure SQL Databases, Storage, and more), enabling you to move to the cloud with confidence.
Piloting The Cloud: Acting on OMB's Mandate - RightNow TechnologiesNitin Badjatia
This document discusses piloting cloud computing initiatives within government agencies. It begins by defining cloud computing and outlining its key characteristics. It then discusses the potential benefits to agencies, such as reduced costs, scalability, and focusing on core missions rather than technology. The document recommends agencies start by piloting opportunities in areas like communications, portals, content management, and analytics. It provides examples of cloud-based case studies that delivered savings and efficiencies. It positions RightNow as an experienced provider of cloud-based customer service solutions to over 160 government customers.
IBM Connect: Enabling Culture Change to Transform into a Social BusinessMeredith B. Singer
Traditional business hierarchy is not primed for social business. And social tools alone do not make a social business. People working in the open make a social business. At IBM, we’ve learned that transforming into a social business doesn't just happen because social tools are available. By blending traditional and emerging organizational change management techniques, IBM has created a unique point of view on enabling the required behavior and culture change. This presentation highlights the innovative approaches IBM uses to enable all employees to adopt new ways of working. It also provides tips for building executive commitment to your organization’s social business transformation.
Managed Threat Detection & Response for AWS ApplicationsAlert Logic
This document provides an overview of Alert Logic's Security-as-a-Service offering. It describes Alert Logic's integrated multi-layer security solution that protects enterprise applications and cloud workloads from web application attacks, server and network activity, and vulnerabilities. It also discusses how Alert Logic assesses risks, blocks threats, detects anomalies, and ensures compliance. Alert Logic provides both security software and services to help secure hybrid and multi-cloud environments.
This document discusses Alert Logic's Security-as-a-Service offering which provides an integrated multi-layer security solution to protect enterprise applications and cloud workloads across hosted data centers and hybrid environments. It protects against web application attacks, server and network activity, and vulnerabilities across software stacks. Alert Logic also provides security experts and services including assessment, blocking, detection, and compliance. The document then discusses best practices for securing an AWS environment including logical network segmentation, access management, configuration management, and understanding the shared responsibility model between cloud providers and customers.
Shared Security Responsibility for the Azure CloudAlert Logic
This document discusses shared security responsibility in Azure. It provides an overview of security best practices when using Azure, including understanding the shared responsibility model, implementing network security practices, securing data and access, securely developing code, log management, and vulnerability management. It also describes Alert Logic security solutions that can help monitor Azure environments for threats across the application stack.
Extending Amazon GuardDuty with Cloud Insight Essentials Alert Logic
This document discusses the importance of detection in security and introduces Alert Logic Cloud Insight Essentials. It notes that it takes companies on average 6 months to detect an intrusion. The essentials of security require continuous monitoring, accurate detection, and centralized management. Cloud Insight Essentials provides automated exposure and vulnerability management for AWS that extends GuardDuty findings. It offers visibility, identifies configuration flaws, and provides remediation advice. Cloud Insight Essentials integrates with AWS APIs for no-touch automation and a REST API for integration. It allows taking action sooner on threats with context and prioritized recommendations.
Getting Started with Azure Security CenterCheah Eng Soon
- The document discusses Azure Security Center, a service that provides unified visibility and control over security for hybrid cloud workloads.
- It offers adaptive threat prevention through actionable protections that identify and mitigate risk to reduce exposure to attacks.
- Azure Security Center also allows for intelligent detection and response using advanced analytics and the Microsoft Intelligent Security Graph to rapidly detect and respond to evolving cyber threats.
Windows Azure Security Features And Functionalityvivekbhat
Windows Azure is a cloud computing platform that combines compute, storage, and SQL components. It handles threats to its infrastructure like physical attacks and impersonation, while customers are responsible for threats to their tenant like code bugs and privilege abuse by their own administrators. Windows Azure provides security features like network access control, hypervisor isolation of tenants, access controls on storage accounts, and password authentication for SQL databases.
Css sf azure_8-9-17 - 5_ways to_optimize_your_azure_infrastructure_thayer gla...Alert Logic
This document discusses 5 ways to optimize an Azure infrastructure using CloudHealth Technologies. It summarizes CloudHealth's capabilities including gaining visibility across cloud accounts, consolidating resources into business perspectives, analyzing cost and usage, implementing policies for optimization, and providing best practices recommendations. The document also briefly outlines CloudHealth's expertise, platform uptime, customer base, and data center migration services.
Css sf azure_8-9-17-protecting_web_apps_stephen coty_alAlert Logic
The document discusses strategies for protecting web applications from security threats. It begins by examining the types of attacks organizations face, including application attacks, brute force attacks, and suspicious activity. It then covers hacker reconnaissance methods such as crawling websites, using vulnerability scanners, and searching open forums and the dark web. The document outlines how attacks can escalate from exploiting web applications to gaining privileged access. It concludes by providing recommendations for developing a secure code, access management policies, patch management, monitoring strategies, and staying informed of the latest vulnerabilities.
Azure 101: Shared responsibility in the Azure CloudPaulo Renato
Whether you’re working exclusively on Azure or with multiple cloud environments, there are certain things you should consider when moving assets to the public cloud. As with any cloud deployment, security is a top priority, and moving your workloads to the Azure cloud doesn’t mean you’re not responsible for the security of your operating system, applications, and data.
Building on the security of the Azure infrastructure, this shared security responsibility starts with making sure your environment is secure. In this session, we will discuss step-by-step what you need to do to secure access at the administrative, application and network layers.
This document provides an overview of Microsoft Azure security features, including:
- Shared responsibility model where Microsoft secures the platform and customers secure their data and applications
- Identity and access management, encryption of data at rest and in transit, network security controls, and logging/monitoring capabilities
- Security Center provides visibility into threats and advanced analytics to detect attacks
- Operations Management Suite allows collecting logs from Azure, on-premises, and other clouds to analyze security events
- Microsoft works with partners to provide additional virtual network appliances and security solutions to customers
Css sf azure_8-9-17-intro to security in the cloud_mark brooks_alAlert Logic
This document discusses security challenges in cloud computing. It notes that infrastructure has changed from buying hardware to using infrastructure as a service in the cloud. Security has also changed as cybercrime has become more organized and targets both large and small companies. While the cloud can be secure, it also introduces new security challenges around lack of control, increased threat surfaces, and difficulty tuning security tools. Effective cloud security requires applying the same standards as on-premises, understanding shared security responsibilities between the customer and cloud provider, and adopting a new approach tailored to the cloud. The document promotes Alert Logic as a solution that provides full-stack security monitoring, detection and protection across cloud workloads and applications.
Govern Your Cloud: The Foundation for SuccessAlert Logic
This document discusses the importance of cloud governance and outlines Cloudreach's methodology for implementing an effective governance framework. It begins with an introduction to cloud governance and examples of Cloudreach helping customers implement governance for Azure deployments. It then covers some key challenges of cloud computing that governance addresses, such as managing users, resources, spending and auditing. The presentation concludes by describing Cloudreach's governance framework methodology and the phases of creating and implementing an effective governance model.
Global Azure Bootcamp 2018 - Azure Security CenterScott Hoag
In this session, students will learn about Azure Security Center and Azure platform security.
Azure Security Center makes it easier than ever to protect your Microsoft Azure virtual machines and virtual networks (as well as Azure SQL Databases, Storage, and more), enabling you to move to the cloud with confidence.
Piloting The Cloud: Acting on OMB's Mandate - RightNow TechnologiesNitin Badjatia
This document discusses piloting cloud computing initiatives within government agencies. It begins by defining cloud computing and outlining its key characteristics. It then discusses the potential benefits to agencies, such as reduced costs, scalability, and focusing on core missions rather than technology. The document recommends agencies start by piloting opportunities in areas like communications, portals, content management, and analytics. It provides examples of cloud-based case studies that delivered savings and efficiencies. It positions RightNow as an experienced provider of cloud-based customer service solutions to over 160 government customers.
IBM Connect: Enabling Culture Change to Transform into a Social BusinessMeredith B. Singer
Traditional business hierarchy is not primed for social business. And social tools alone do not make a social business. People working in the open make a social business. At IBM, we’ve learned that transforming into a social business doesn't just happen because social tools are available. By blending traditional and emerging organizational change management techniques, IBM has created a unique point of view on enabling the required behavior and culture change. This presentation highlights the innovative approaches IBM uses to enable all employees to adopt new ways of working. It also provides tips for building executive commitment to your organization’s social business transformation.
This is the firs presentation I created for training IBM EBIS community on cloud computing and apporach to cloud sales and projects. All the materials come from IBM internal documentation and precedent classes slide.
This document summarizes a virtual event about preventing DDoS attacks against credit unions. The event covers 5 types of DDoS attacks and discusses practical steps credit unions can take to prepare for and prevent attacks. Presenters from RedZone Technologies discuss reviewing a credit union's security portfolio, identifying gaps, and developing a long-term investment roadmap to strengthen defenses against DDoS and other cyber threats. The event provides an overview of vendor solutions that can help protect against different attack types and questions attendees should consider.
This document discusses cloud forensics and privacy. It provides an overview of cloud computing models and characteristics. It also discusses digital forensics challenges in cloud environments, such as evidence segregation and data location issues. The document outlines different cloud investigation scenarios for internal and external cases. It presents models of cloud reference architecture and actors. Finally, it discusses opportunities and challenges for cloud forensics, including issues around jurisdiction, data access across borders, and dependencies between cloud providers.
The latest massive IoT DDoS attack from the Mirai botnet that took major websites like Twitter and Reddit offline for hours – has already gained notoriety as one of the worst DDoS strikes in history.
In this webinar Manish Rai & Ty Powers of Great Bay Software will help you understand exactly how the enterprise IoT landscape is changing, and what it means for the assumptions organizations have been making in regards to safeguarding against IoT cyberattacks. You will:
Gain insights into how the recent IoT-based DDoS attacks were launched
How similar attacks could be launched inside enterprise networks
How to safeguard against IoT device compromises
How to reduce your risk, whose job is it anyway?
Learn about what your peers are doing for IoT device security, relevant findings from the 2016 Great Bay Software IoT Security Survey
Watch this ondemand webinar with this link: https://go.greatbaysoftware.com/owb-safeguarding-against-iot-ddos-attacks
Security on cloud storage and IaaS (NSC: Taiwan - JST: Japan workshop)Kuniyasu Suzaki
The document discusses security issues with cloud storage and proposes a solution called Virtual Jail Storage System (VJSS). VJSS aims to prevent information leaks from servers and clients by encrypting and splitting data across multiple providers. It also seeks to address concerns about information erasure and loss through error correction and an append-only file system.
Cloud Computing offers an on-demand and scalable access to a shared pool of resources hosted in a data center at providers’ site. It reduces the overheads of up-front investments and financial risks for the end-user. Regardless of the fact that cloud computing offers great advantages to the end users, there are several challenging issues that are mandatory to be addressed.
Ian Farquhar outlines key considerations for CFOs regarding security of SaaS and private cloud environments. For SaaS and public cloud, it is important to thoroughly read contracts, conduct cost-benefit analyses, plan for contingencies like provider termination, and verify security claims while maintaining healthy skepticism. For private cloud, best practices from traditional IT still apply while some security aspects are improved, but the main focus areas are operational issues around administration, licensing, change control and data management.
This document discusses security and forensics discovery in cloud computing. It begins with an introduction to cloud computing concepts like Amazon EC2, S3, and cloud service models. It then covers cloud security risks including lock-in, shared service consequences, sudden acquisitions, run-on-the-cloud scenarios, maintaining certifications, and technical/procedural vulnerabilities. The document argues that security issues applicable to traditional systems also apply to the cloud due to a lack of cloud-specific security standards.
Trying to bottle the cloud forensic challenges with cloud computingBrent Muir
This document discusses the forensic challenges associated with cloud computing. It covers the different types of cloud technologies including cloud processing and cloud storage. It also discusses the challenges of accessing cloud data which can be stored across various backend infrastructures and datacenters around the world. The document outlines the different types of data that may be stored in the cloud including VM files systems, loose files, emails and more. It discusses issues around jurisdiction and legislation when cloud data is involved in an investigation. Recommendations are provided for forensically sound procedures when acquiring cloud evidence. Real-world examples involving an Australian cloud storage provider and Microsoft SkyDrive are also summarized.
This document summarizes a project on cloud forensics. It discusses cloud computing models like SaaS, PaaS, and IaaS. It describes implementing a private Eucalyptus cloud and testing live forensics via virtual introspection and recovering ephemeral data from previous cloud tenants. It demonstrates recovering data from a physical disk but not from a new virtual instance due to sparse files. The document concludes ephemeral data is not accessible to new tenants in Eucalyptus clouds due to sparse files and zero-filling.
The document discusses challenges with forensic tracing in the evolving Internet. It begins by looking at traceback methods from the 1980s Internet, when each end site had a stable IP address. The introduction of NATs complicated traceback by hiding internal addresses. Further issues have arisen from IPv4 exhaustion, widespread NAT deployment including carrier-grade NATs, and the diversity of IPv4-IPv6 transition technologies used by different ISPs. This variability undermines the traditional model of tracing based on IP addresses and timestamps. New record keeping requirements are needed from ISPs but may not be practical or scalable. The complexity is increased further by trends toward more encrypted and opaque application-level protocols that obscure network-level sessions.
The document discusses IoT security and methods for using Java to build more secure IoT applications. It covers recent IoT attacks exploiting weaknesses like default passwords. The Java Cryptography Architecture and libraries like Bouncy Castle provide cryptography support for tasks like encryption and digital signatures. Secure elements and JavaCard provide hardware-backed security by executing code and storing keys in a protected environment. The document emphasizes that security needs to be considered from the start of a project to reduce costs and vulnerabilities.
12Nov13 Webinar: Big Data Analysis with Teradata and Revolution AnalyticsRevolution Analytics
Revolution R Enterprise is a big data analytics platform based on the open source statistical programming language R. It allows for high performance, scalable analytics on large datasets across enterprise platforms. The presentation discusses Revolution R Enterprise and how it addresses challenges with big data and accelerating analytics, including data volume, complex computation, enterprise readiness, and production efficiency. It also highlights how Revolution R Enterprise integrates with Teradata to enable in-database analytics for further performance improvements.
The document discusses how IoT devices are increasingly being used in DDoS attacks against DNS infrastructure due to lack of security on many IoT devices. It provides examples of major DDoS attacks launched through botnets of compromised IoT devices, such as the Mirai malware attacks. The document also discusses recommendations for IoT users, industry, and network operators to help prevent and mitigate these types of DDoS attacks going forward.
Assessing the Security of Cloud SaaS SolutionsDigital Bond
The document discusses assessing the security of cloud SaaS solutions. It covers cloud security standards like ISO 27001, CSA Cloud Controls Matrix, and CSA STAR certification. Trust in the cloud is difficult due to lack of transparency from cloud providers. The document provides approaches for evaluating a cloud provider's security controls, privacy practices, and data protection. It also includes sample questions from the CSA consensus assessment initiative to assess these areas for a specific cloud SaaS solution.
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Positive Hack Days
Ведущий: Джефф Кац
По прогнозам Cisco, в этом году 25 млрд устройств будут подключены к интернету, а к 2020 году число увеличится вдвое. Планируя разработку решения в сфере Интернета вещей (IoT), вы должны подумать о том, что в один прекрасный день к вам нагрянет ФСБ . Вопрос безопасности пользователей нужно продумать заранее, не следует откладывать его на потом. Докладчик расскажет, как использовать преимущества IoT-продуктов, не ущемляя личных прав ваших клиентов. Доклад сопровождается примерами услуг, в которых конфиденциальность и безопасность были обеспечены в начале разработки.
A brief overview of IBM Cloud security in three slides – SaaS, IaaS and PaaS, and the others providing a snapshot of IBM's current set of SaaS, IaaS and PaaS offerings.
** Diadem Technologies | Cloud Computing | Nasscom Workshop in Kolkata **
Diadem Technologies is a leading web hosting service provider, specialising in providing managed and customised hosted solutions for its 1500+ clients.
Confused by cloud? Logicalis at how and why to move to an enterprise cloud platform:
What type of Cloud do I need?
Cloud value elements
What does Cloud mean to you?
The document discusses challenges facing today's enterprises including cutting costs, driving value with tight budgets, maintaining security while increasing access, and finding the right transformative capabilities. It then discusses challenges in building applications such as scaling, availability, and costs. The document introduces the Windows Azure platform as a solution, highlighting its fundamentals of scale, automation, high availability, and multi-tenancy. It provides considerations for using cloud computing on or off premises and discusses ownership models.
Cloud computing is a general term for network-based computing that takes place over the Internet. It provides on-demand access to shared pools of configurable computing resources like networks, servers, storage, applications, and services. Key characteristics include elasticity, ubiquitous network access, and pay-per-use pricing. Some advantages include lower costs, universal access, automatic updates, and unlimited storage. However, it also requires a constant Internet connection and raises security and data loss concerns.
System Center Datacenter Cloud Management Vision & RoadmapAmit Gatenyo
This document outlines Microsoft's vision and roadmap for System Center Cloud and Datacenter Management. It discusses increasing pressures on IT from business users to provide services faster, cheaper, and more scalable. Microsoft is committed to bringing its experience from public clouds like Windows Azure to help customers build and manage private clouds. The future roadmap focuses on delivering common management experiences across private and public clouds through features like self-service provisioning, delegation and control, and application visibility. Key components will include capabilities for infrastructure and application management, automation, and integration across System Center products and clouds.
An educational overview of the Cloud Computing Ecosystem or Framework. This presentation is geared toward those who are just beginning to understand Cloud Computing.
Organisations can find it more difficult to manage public cloud services than they originally expected and often they lack the skills and expertise necessary to do it properly.
Management becomes increasingly complex if using multiple cloud providers. Vendors are approaching cloud management in unique ways and in most cases tying you into specific cloud providers, making it difficult to compare select and even control public hybrid solutions
This session will look at tools and approaches that can assist your organisation to not only migrate workloads to the public cloud but also between the clouds, and toolsets designed to improve and control performance and flexibility in the cloud.
Cloud computing is a general term for network-based computing that takes place over the Internet. It provides on-demand access to shared pools of configurable computing resources like networks, servers, storage, applications, and services. Key characteristics include pay-as-you-go pricing, ubiquitous network access, resource pooling, rapid elasticity, and measured service. Common cloud service models are SaaS, PaaS, and IaaS. While cloud computing provides opportunities to reduce costs and access services from anywhere, challenges relate to security, control, and dependence on third parties.
The document provides an overview of cloud computing, including definitions of cloud, cloud characteristics, common cloud features, deployment models, service models, and examples of major cloud vendors like Amazon Web Services. It discusses how cloud computing provides on-demand access to shared computing resources over the internet and the business benefits of reduced costs and increased flexibility. However, some concerns include data security, latency issues for real-time applications, and lack of control over proprietary systems.
Cloud computing is a general term for internet-based computing where shared servers provide resources, software, and data to computers and other devices on demand. It provides hardware, software, storage, and networking services via the internet. Users can access cloud-based applications rather than installing them locally. Key advantages include lower costs, flexibility and scalability, universal access, collaboration capabilities, and automatic software updates. However, cloud computing also requires a constant internet connection and poses security, control and performance risks for users.
Cloud computing is a general term for internet-based computing that takes place over the internet. It involves delivering hosted services like storage, databases, software, analytics and more via third-party data centers. Key characteristics include pay-as-you-go pricing, ubiquitous network access, resource pooling and rapid elasticity. The main advantages are lower costs, improved performance, unlimited storage and easier collaboration. However, it requires a constant internet connection and stored data may not be fully secure.
Cloud computing refers to storing and accessing data and programs over the Internet instead of a local computer's hard drive. It offers on-demand access to a shared pool of configurable computing resources like networks, servers, storage, applications and services. Users can scale resources up or down depending on their needs. Cloud services provide easy access from anywhere via a web browser while automatically handling maintenance and updates behind the scenes. While cloud computing offers opportunities to reduce costs and improve access through economies of scale, it also raises security, control and reliability concerns that need to be addressed.
Cloud computing refers to storing and accessing data and programs over the Internet instead of a local computer's hard drive. It offers on-demand access to a shared pool of configurable computing resources like networks, servers, storage, applications and services. Key benefits include lower upfront costs, flexibility, scalability and ubiquitous access. However, challenges relate to security, control over data and dependence on third party providers.
Cloud computing refers to storing and accessing data and programs over the Internet instead of a local computer's hard drive. It offers on-demand access to a shared pool of configurable computing resources like networks, servers, storage, applications and services. Users can scale resources up or down depending on their needs. Some key benefits include lower costs, mobility, scalability and redundancy of data. However, issues around security, control and reliability need to be addressed for widespread adoption of cloud computing.
This document discusses cloud computing and related topics. It begins with definitions of cloud computing and cloud storage. It then covers cloud architecture, virtualization, cloud services and service models (SaaS, PaaS, IaaS). The document discusses private, public and hybrid cloud types and provides examples. It also discusses cloud management strategies and tools. Opportunities and challenges of cloud computing are presented.
This document provides an overview of cloud computing, including its history, key concepts, architecture, deployment models, service models, virtualization, scheduling, and security. Cloud computing allows for on-demand access to shared computing resources over the internet. There are four deployment models (public, private, hybrid, community) and three main service models (SaaS, PaaS, IaaS). Virtualization is a core technology that allows efficient sharing of physical resources. Scheduling algorithms are used to allocate and deliver virtual resources. Security challenges include threats to data, interfaces, and system vulnerabilities.
The document provides an overview of modern cloud architecture. It discusses key cloud concepts like Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS). It also covers architectural considerations for cloud applications like multi-tenancy, load balancing, scaling, security, monitoring, and metering. Microservices architecture and containerization are introduced as approaches for building applications for the cloud. Data-intensive architectures like lambda architecture are also summarized.
This document discusses the migration to cloud computing and the opportunities for combining public and private clouds. It argues that most organizations will utilize a hybrid cloud model, using both public cloud services from providers like Microsoft Azure as well as maintaining some applications and infrastructure on private clouds. Service providers can help organizations optimize costs and IT resources by offering managed services that integrate private clouds with public cloud platforms. The document outlines several examples of how service providers could develop offerings around disaster recovery, bursting computing capacity to the public cloud, and hosting applications on Azure.
Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources that can be rapidly provisioned and released with minimal management effort or service provider interaction. Key characteristics of cloud computing include on-demand self-service, broad network access, resource pooling, rapid elasticity, and measured service. Cloud computing provides opportunities for lower costs, improved performance and reliability, universal access, and collaboration. However, it also poses disadvantages such as reliance on a constant internet connection, potential security issues, and lack of local control.
Cloud computing is a general term for internet-based computing where shared servers provide resources, software, and data to computers and other devices on demand. It provides scalable, elastic resources without upfront investment for infrastructure. Key characteristics include pay-for-use, ubiquitous network access, resource pooling, rapid elasticity, and measured service. Common cloud service models are SaaS, PaaS, and IaaS. While the cloud provides opportunities like reduced costs and universal access, disadvantages include reliance on internet connectivity and potential security and control issues.
Similar to Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1) (20)
Cloud Computing – Jump start cloud development with Microsoft Azure (Part-2)Manoj Kumar
Learn about following:
What it needs to get started with Azure development
Cloud First Architecture
Azure Development platform Ecosystem
Azure Pass 1.0 vs PaaS 2.0
Case Study
Who can be a cloud developer?
This document provides an overview of BizTalk orchestration. It defines key orchestration concepts like orchestration, shapes, ports, and the orchestration designer tool. It describes how orchestrations are used to automate business processes by interacting with outside systems through receive and send ports. The document also discusses commonly used orchestration features like transformation, correlation, promotion, distinguished fields, dehydration, and rehydration. It provides guidance on developing orchestrations and includes demos of key orchestration capabilities.
This document discusses BizTalk messaging fundamentals including commonly used terms, receive and send ports, pipelines, message processing, promoted vs distinguished properties, message publishing and routing. It provides definitions for key concepts like messages, adapters, pipelines, ports, subscriptions. It also describes the end-to-end process of a message being received through a receive port, processed through pipelines and routing, and sent through a send port. Sample demos are outlined to demonstrate message routing with subscriptions and handling routing failures.
This document provides an overview of Microsoft BizTalk Server. It defines BizTalk as a premier messaging and integration tool that allows connecting diverse software and graphically creating and modifying business processes. The document outlines BizTalk's tools and capabilities, when it should be used, its architecture and common terms. It also discusses BizTalk's user base, evolution, development tools and installation process. Finally, it mentions some competitors to BizTalk.
Structural Design Patterns: Adapter
The Adapter pattern converts the interface of an existing class into another interface clients expect. An adapter allows classes to work together that couldn't otherwise due to incompatible interfaces. There are two types of adapters - class adapters inherit from an existing class, while object adapters compose existing classes. The adapter pattern is useful when you need to use an existing class but its interface does not match what is needed.
Introduction to ASP.Net Mvc3 with RazorManoj Kumar
This document introduces ASP.NET MVC 3 and the new Razor view engine. It discusses key features of Razor like its clean syntax based on existing languages, IntelliSense support, and unit testing support. It also summarizes new features in MVC 3 like multiple view engine support, dynamic ViewBag properties, and global filters. The document concludes with an invitation to a workshop to learn more.
Server vs Client in real life and in programming worldManoj Kumar
The document discusses a technology company that provides products, consulting services, and managed services. It highlights the company's recognition and awards from 2010 to 2009 as one of the top technology solution providers in America by CRN Magazine.
HTML5 is a new version of the HTML standard that includes new features. It allows for richer content on the web without needing plugins. The document discusses several new HTML5 features like semantic markup elements, audio and video elements, forms, and canvas drawing. It provides examples and demos of how to use these new elements in HTML5.
Software application architecture is an interesting and broadly discussed topic. In this presentation, I am discussing N-Tier application architecture. Going to investigate: What is architecture? Kinds of N-Tier application architecture and its advantage and disadvantage.
There is also a very basic quiz at the end of the session.
Introduction of Cybersecurity with OSS at Code Europe 2024Hiroshi SHIBATA
I develop the Ruby programming language, RubyGems, and Bundler, which are package managers for Ruby. Today, I will introduce how to enhance the security of your application using open-source software (OSS) examples from Ruby and RubyGems.
The first topic is CVE (Common Vulnerabilities and Exposures). I have published CVEs many times. But what exactly is a CVE? I'll provide a basic understanding of CVEs and explain how to detect and handle vulnerabilities in OSS.
Next, let's discuss package managers. Package managers play a critical role in the OSS ecosystem. I'll explain how to manage library dependencies in your application.
I'll share insights into how the Ruby and RubyGems core team works to keep our ecosystem safe. By the end of this talk, you'll have a better understanding of how to safeguard your code.
Ivanti’s Patch Tuesday breakdown goes beyond patching your applications and brings you the intelligence and guidance needed to prioritize where to focus your attention first. Catch early analysis on our Ivanti blog, then join industry expert Chris Goettl for the Patch Tuesday Webinar Event. There we’ll do a deep dive into each of the bulletins and give guidance on the risks associated with the newly-identified vulnerabilities.
How to Interpret Trends in the Kalyan Rajdhani Mix Chart.pdfChart Kalyan
A Mix Chart displays historical data of numbers in a graphical or tabular form. The Kalyan Rajdhani Mix Chart specifically shows the results of a sequence of numbers over different periods.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
A Comprehensive Guide to DeFi Development Services in 2024Intelisync
DeFi represents a paradigm shift in the financial industry. Instead of relying on traditional, centralized institutions like banks, DeFi leverages blockchain technology to create a decentralized network of financial services. This means that financial transactions can occur directly between parties, without intermediaries, using smart contracts on platforms like Ethereum.
In 2024, we are witnessing an explosion of new DeFi projects and protocols, each pushing the boundaries of what’s possible in finance.
In summary, DeFi in 2024 is not just a trend; it’s a revolution that democratizes finance, enhances security and transparency, and fosters continuous innovation. As we proceed through this presentation, we'll explore the various components and services of DeFi in detail, shedding light on how they are transforming the financial landscape.
At Intelisync, we specialize in providing comprehensive DeFi development services tailored to meet the unique needs of our clients. From smart contract development to dApp creation and security audits, we ensure that your DeFi project is built with innovation, security, and scalability in mind. Trust Intelisync to guide you through the intricate landscape of decentralized finance and unlock the full potential of blockchain technology.
Ready to take your DeFi project to the next level? Partner with Intelisync for expert DeFi development services today!
Fueling AI with Great Data with Airbyte WebinarZilliz
This talk will focus on how to collect data from a variety of sources, leveraging this data for RAG and other GenAI use cases, and finally charting your course to productionalization.
Dandelion Hashtable: beyond billion requests per second on a commodity serverAntonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Skybuffer SAM4U tool for SAP license adoptionTatiana Kojar
Manage and optimize your license adoption and consumption with SAM4U, an SAP free customer software asset management tool.
SAM4U, an SAP complimentary software asset management tool for customers, delivers a detailed and well-structured overview of license inventory and usage with a user-friendly interface. We offer a hosted, cost-effective, and performance-optimized SAM4U setup in the Skybuffer Cloud environment. You retain ownership of the system and data, while we manage the ABAP 7.58 infrastructure, ensuring fixed Total Cost of Ownership (TCO) and exceptional services through the SAP Fiori interface.
Skybuffer AI: Advanced Conversational and Generative AI Solution on SAP Busin...Tatiana Kojar
Skybuffer AI, built on the robust SAP Business Technology Platform (SAP BTP), is the latest and most advanced version of our AI development, reaffirming our commitment to delivering top-tier AI solutions. Skybuffer AI harnesses all the innovative capabilities of the SAP BTP in the AI domain, from Conversational AI to cutting-edge Generative AI and Retrieval-Augmented Generation (RAG). It also helps SAP customers safeguard their investments into SAP Conversational AI and ensure a seamless, one-click transition to SAP Business AI.
With Skybuffer AI, various AI models can be integrated into a single communication channel such as Microsoft Teams. This integration empowers business users with insights drawn from SAP backend systems, enterprise documents, and the expansive knowledge of Generative AI. And the best part of it is that it is all managed through our intuitive no-code Action Server interface, requiring no extensive coding knowledge and making the advanced AI accessible to more users.
5th LF Energy Power Grid Model Meet-up SlidesDanBrown980551
5th Power Grid Model Meet-up
It is with great pleasure that we extend to you an invitation to the 5th Power Grid Model Meet-up, scheduled for 6th June 2024. This event will adopt a hybrid format, allowing participants to join us either through an online Mircosoft Teams session or in person at TU/e located at Den Dolech 2, Eindhoven, Netherlands. The meet-up will be hosted by Eindhoven University of Technology (TU/e), a research university specializing in engineering science & technology.
Power Grid Model
The global energy transition is placing new and unprecedented demands on Distribution System Operators (DSOs). Alongside upgrades to grid capacity, processes such as digitization, capacity optimization, and congestion management are becoming vital for delivering reliable services.
Power Grid Model is an open source project from Linux Foundation Energy and provides a calculation engine that is increasingly essential for DSOs. It offers a standards-based foundation enabling real-time power systems analysis, simulations of electrical power grids, and sophisticated what-if analysis. In addition, it enables in-depth studies and analysis of the electrical power grid’s behavior and performance. This comprehensive model incorporates essential factors such as power generation capacity, electrical losses, voltage levels, power flows, and system stability.
Power Grid Model is currently being applied in a wide variety of use cases, including grid planning, expansion, reliability, and congestion studies. It can also help in analyzing the impact of renewable energy integration, assessing the effects of disturbances or faults, and developing strategies for grid control and optimization.
What to expect
For the upcoming meetup we are organizing, we have an exciting lineup of activities planned:
-Insightful presentations covering two practical applications of the Power Grid Model.
-An update on the latest advancements in Power Grid -Model technology during the first and second quarters of 2024.
-An interactive brainstorming session to discuss and propose new feature requests.
-An opportunity to connect with fellow Power Grid Model enthusiasts and users.
3. 3
Cloud Market
Business and Technical benefits
What is cloud computing? Cloud Architecture?
Cloud Deployment models
Leading cloud providers
Dev models: IaaS Vs PaaS Vs SaaS
Cloud Migration strategy and challenges
5. Business drivers for cloud
Lower TCO
Just-in-time Infrastructure to scale
Higher Resource Utilization Rate
CAPEX OPEX
Focus on core business apps
Pay as you go instead of long-term contracts
Reduced administration effort
Reduced time to market
5
9. Cloud Infrastructure (Mega Datacenters)
9
With industry best practices. Billions of dollar pumped in
every year. More than $15Billion by Microsoft alone.
11. Top reasons for cloud rush
11
Factors that denote significant impact include a high potential for
disruption to the business, end users or IT, the need for a major
investment, or the risk of being late to adopt.
12. Technical Benefits of Cloud Computing
Automation – “Scriptable infrastructure”- easy DevOps
Auto/ Proactive scaling
Improved Testability: On demand “instant test lab” with pre-configured
environments only for the duration of testing phase.
Easy Disaster Recovery and Business Continuity: Take
advantage of geo-distribution and replicate the environment in other locations
within minutes at much lower TCO.
Out of box Load balancing / Traffic management: “Overflow”
the traffic to the cloud
12
14. Common Cloud Terms
14
Cloud Computing,
Public Cloud,
Private Cloud,
Hybrid cloud, Govt Cloud
Compute, Storage
(Blob/Table/Queue),
Service bus, IoT, Big Data
IaaS, PaaS,
SaaS, DaaS
Elasticity,
Scale up/down/in/out
latency,
availability,
reliability
15. What is cloud computing?
“the practice of using a network of remote servers hosted
on the Internet to store, manage, and process data, rather
than a local server or a personal computer”
“cloud computing relies on sharing of resources to achieve
coherence and economies of scale”
15
The Next Frontier - On Demand Solutions For Your Business
Cloud
Web
Client-Server Computing
Personal Computers
Mainframe
17. Cloud – Enabling technology
Virtualization
An abstraction of an execution environment that can be made
dynamically available to authorized clients by using well-defined
protocols, Resource quota (e.g. CPU, memory share), and Software
configuration (e.g. O/S, provided services)
SOA
Cloud computing adopts concepts from Service-oriented
Architecture (SOA): Composition of services with easy global
access.
17
18. Cloud VMs
18
Hardware
Virtual Machine Monitor (VMM) / Hypervisor
Guest OS
(Linux)
Guest OS
(NetBSD)
Guest OS
(Windows)
VM VM VM
AppApp AppAppApp
Xen
VMWare
UML
Denali
etc.
Performance: Para-virtualization (e.g. Xen) is very close to raw
physical performance!
19. Cloud – Virtualization Advantages
Autonomic computing automates the process through which the user
can provision resources (VMs) on-demand.
Provides the agility required to speed up IT operations
Reduces cost by increasing infrastructure utilization.
By minimizing user involvement, automation speeds up the process,
reduces labor costs and reduces the possibility of human errors.
19
21. Cloud computing shares characteristics with other
computing techniques
Client–server model — request & response
Grid computing — Distributed and parallel computing (super and virtual computer
is composed of a cluster of networked, loosely coupled computers)
Mainframe computer
Utility computing — similar to a traditional public utility, such as electricity
Peer-to-peer — Participants are both suppliers and consumers of resources (in
contrast to the traditional client–server model)
21
22. Essential characteristics for cloud apps
22
National Institute of Standards and Technology's (NIST) identifies "five
essential characteristics"
• On-demand self-service: Manual or Automatic
• Broad network access: Easily available for heterogeneous thin or thick client
platforms (e.g., mobile phones, tablets, laptops, and workstations)
• Resource pooling: Resources are pooled to serve multiple consumers using a
multi-tenant model with different physical and virtual resources dynamically
assigned and reassigned
• Rapid elasticity: Capabilities can be elastically provisioned and released to
scale rapidly outward and inward. Limitless.
• Measured service: Resource usage can be monitored, controlled, and
reported, providing transparency for both the provider and consumer.
24. Security in Cloud (Azure)
Identity and access: WAAD and Multi-Factor Authentication
Encryption and key management: Implement additional encryption and manage
your own keys, Azure Key Vault to manage key.
Network security: Site-to-site VPN (On-premise to Azure migration). Min SSL for
internal comm.
Threat management: Azure offers Microsoft Antimalware for cloud services and
virtual machines
Monitoring, logging, and reporting: Centralized monitoring and analysis systems
that provide continuous visibility and timely alerts
Penetration testing: Microsoft conducts regular penetration testing to improve Azure
security
24
25. Risks with Cloud Computing
Stored or data-in-transit might not be safe
Stored data can be lost
Requires a constant Internet connection
Does not work well with low-speed connections
Can be Slow: Difference of Web vs Desktop app Capabilities
Not easy to switch cloud provider
25
(Nothing Unique, many of these exist for on premise)
26. Options – Leading Cloud services providers
Amazon (AWS-IaaS)
Microsoft (PaaS/IaaS – Azure)
Google (SaaS, PaaS)
VMware (vCloud)
Rackspace (IaaS)
Salesforce.com (SaaS – CRM)
26
Market Share (2014):
• Joyent (3*aaS)
• IBM (Blue Cloud)
• Net Suite (SaaS - SuitCloud)
• 3Tera (CloudWare)
Some of the newcomers in the market are:
• Enomaly (services to cloud providers)
• GoGrid (IaaS)
AWS:
28%
Microsoft
: 10%
IBM: 7%
Google: 5%,
Salesforce:
4%,
Rackspace
3%
Year on year growth (2014):
Microsoft (96%), Google (88%),
Amazon (51%) and IBM (48%)
27. Microsoft’s Azure
since 2010
4 general categories: Build infrastructure, Develop modern
applications, Gain insights from data, and Manage identity and
access
Features: Hybrid app development, Identity management,
auditing, encryption key creation/control/storage, monitoring
and logging, powerful analytics (HDInsight Hadoop framework),
and Apache Storm (data stream processing) and others.
27
28. Azure site – Demo
http://azure.microsoft.com/en-in/
28
29. AWS (Amazon web services)
since 2006
4 core features: Compute, Storage & Content Delivery,
Databases, and Networking
Features: Identity management, auditing, encryption key
creation/control/storage, monitoring and logging, powerful
analytics (Amazon EMR Hadoop framework), and Kinesis (data
stream processing) and others.
29
31. Azure vs AWS Cloud – Feature comparisons
31
Parameter Azure Amazon
Enterprise feature
coverage
75 92
More features 7 of 8 categories
Required feature not in
Azure
18
Capacity 5 times of next 14 cloud
competitors combined
Quality Much better at scale and
public cloud offering
Acceptability Good because of Microsoft
existing relationship with
enterprise customers
More discount
Hybrid Seamless extension of existing
on-premise ops.
Relies on partner
Better at DR 60 day notice for SLA review 30 days
Govt Cloud Azure Government GovCloud
OS Windows/Linux(SUSE & Oracle)
No RedHat (RHEL)
All
35. IaaS/PaaS/SaaS: Business Use cases
35
UseCase?
Dev Model Common business use cases
IaaS Extend on-premise data center infrastructure,
Quickly move existing appln to cloud (Like Legacy apps)
PaaS New development
Redesign
Increased developers productivity and faster time-to-market
SaaS Collaboration software – Email, Office 365
CRM, HR systems
36. Advantages/Disadvantages of PaaS vs IaaS
36
Model Advantage Disadvantage
PaaS Business:
• Low TCO
• Accelerates Innovation
Technical:
• Better/Easier DevOps
• Mitigates Platform Risks
Business:
• Harder Transition to Cloud
Technical:
• Application Portability Issues
• Not as mature as IaaS
• Different Codebases for Cloud and On-
premise
IaaS Business:
• Quick transition to Cloud
Technical:
• Mature ISV Ecosystem
• Complete Control
• Solution Portability
Business:
• Expensive to Operate
• Slows Down Innovation
• Security Risks from Unpatched Servers
Technical:
• Difficult to Maintain Legacy Apps
• Requires Rigorous Processes for Enabling
DevOps
• Requires Rigorous Server Maintenance
Processes