Open Source Private Cloud Management with OpenStack and Security Evaluation with Intrusion Detection/Prevention Systems
Penetration Testing for Evaluation of Cloud’s Security
05/07/2016
A sneak peek at the definition of cloud computing
• Key technology for sharing resources
• Web as a space where computing has been preinstalled and exists as a service
Data centres, storage, operating systems, applications and processing power are ALL shared on the web.
Virtualization in Cloud Systems
• Almost complete simulation of the actual hardware, allowing software to run unmodified
• Example: on a desktop computer running Ubuntu OS, virtualization technology lets us run another Ubuntu OS inside the host machine, as a complete, fully functional second desktop computer inside ours
How is cloud connected to virtualization?
• Easy to understand. Cloud computing provides resources on demand and dynamically.
• Virtualization provides resources on demand (you can create a virtual machine whenever you need one, or delete one) and dynamically (change your resources as you like, for example 1 CPU, 2 CPUs, 3 CPUs).
Our Project’s Goal!
• Create a Cloud using virtualization hardware
• Specifically, using the OpenStack Cloud Management System
• Secure our Cloud System with security software and tools
Architecture of our Cloud System (1)
• Initial plan:
• 3 virtualized OpenStack nodes
• 1 OSSEC server monitoring the physical network and servers, plus the virtualized network and servers
• Deployment of fortification/security measures on the physical and virtualized servers
• Testing by means of offense
• OpenStack Networking (Neutron) Architecture
• OSSEC server-client architecture
Architecture of our Cloud System (2)
• Final plan:
• 1 virtualized OpenStack node
• 1 virtualized OSSEC server
• Deployment of fortification/security measures on the physical and virtualized servers
• Testing by means of offense
• DevStack OpenStack Cloud Management Architecture
• OSSEC server-client architecture
OSSEC Features
• File integrity checking
• Log Monitoring
• Rootkit Detection
• Active Response
OSSEC Compliance Requirements
• Detect + Alerts
Reasons:
• Unauthorized filesystem modifications
• Malicious behaviour in log files
Fortification/security measures of servers
• SSH configurations for high security
• Firewall rule modifications for inbound traffic
• iptables rule modifications
• Apache server security hardening with ModSecurity
• Logwatch for the operating systems
• Rkhunter rootkit scanner
Attacking Scenario No.1
• Sqlmap toolset.
• This tool focuses primarily on exploiting an SQL database.
• The goal of this test was to check whether our Cloud has any vulnerabilities to SQL attack methods, such as SQL injection.
• Example attack command:
• python sqlmap.py -u "http://www.site.com/section.php?id=51"
• The next method of attack again uses sqlmap, trying to reach any database entries through the Dashboard (Horizon)
• The example command is:
• sqlmap -u "http://192.168.100.50" --db
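How the defending side can spot Scenario No.1 in the web server's access log, as an added example that is not part of the original slides: the log lines, client addresses, signature set, threshold and function name below are constructed for illustration and assume Apache's "combined" log format.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Apache "combined" format:
# host ident user [time] "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

# Illustrative signatures (not exhaustive), matched on the URL-decoded URI.
SIGNATURES = {
    "union_select": re.compile(r"\bunion\b.{0,40}\bselect\b", re.I | re.S),
    "boolean_test": re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+", re.I),
    "time_delay": re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(", re.I),
    "schema_enum": re.compile(r"\binformation_schema\b", re.I),
}

# sqlmap names itself in its default User-Agent. The header is trivial to
# change, so it is treated as one indicator next to the payload signatures.
SCANNER_UA = re.compile(r"^sqlmap/", re.I)


def scan_access_log(lines, min_suspicious=3):
    """Summarise each client IP and flag likely SQL injection probing."""
    stats = defaultdict(lambda: {"requests": 0, "suspicious": 0,
                                 "signatures": set(), "scanner_ua": False})
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        s = stats[m["ip"]]
        s["requests"] += 1
        decoded = unquote_plus(m["uri"])  # %20 / + -> space, %3D -> =
        hits = {name for name, rx in SIGNATURES.items() if rx.search(decoded)}
        if hits:
            s["suspicious"] += 1
            s["signatures"] |= hits
        if SCANNER_UA.search(m["ua"]):
            s["scanner_ua"] = True

    report = {}
    for ip, s in stats.items():
        # One stray match is tolerated (see the search query in the sample);
        # repeated matches or a scanner User-Agent raise the alert.
        alert = s["scanner_ua"] or s["suspicious"] >= min_suspicious
        report[ip] = {**s, "signatures": sorted(s["signatures"]), "alert": alert}
    return report


# Constructed sample log (addresses, times and requests are made up).
_T = "[01/Jan/2016:10:00:00 +0000]"
SAMPLE_LOG = [
    f'192.168.100.20 - - {_T} "GET /section.php?id=51 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    f'192.168.100.66 - - {_T} "GET /section.php?id=51%20AND%201%3D1 HTTP/1.1" 200 512 "-" "sqlmap/1.0 (http://sqlmap.org)"',
    f'192.168.100.67 - - {_T} "GET /section.php?id=51%20AND%201%3D1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    f'192.168.100.67 - - {_T} "GET /section.php?id=51%20UNION%20ALL%20SELECT%20NULL%2CNULL HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    f'192.168.100.67 - - {_T} "GET /section.php?id=51%20AND%20SLEEP%285%29 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    f'192.168.100.77 - - {_T} "GET /search.php?q=union+membership+select+committee HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    "this line is not in combined log format",
]

if __name__ == "__main__":
    for ip, info in sorted(scan_access_log(SAMPLE_LOG).items()):
        print(ip, info)
```

The client at 192.168.100.77 shows why a single signature match does not raise an alert: an ordinary search phrase can contain both "union" and "select".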
Attacking Scenario No.2
• THC Hydra toolset
• This tool focuses on cracking login information
• It supports many protocols, such as HTTP, HTTPS, SFTP, SSH (v1 and v2), SSHKEY, POSTGRES, etc.
• The first method of attack attempts to log in as the root user on an SSH server.
• # hydra -l root -P /usr/share/wordlists/metasploit/unix_passwords.txt -t 6 ssh://192.168.100.50
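What log monitoring with an active response has to do for Scenario No.2, as an added example that is not part of the original slides and is not OSSEC's own code: it counts failed SSH password logins per source address in a sliding window and builds an iptables block rule. The log lines, host name, client addresses, thresholds and function names are constructed, and the sshd password-authentication log format is assumed.

```python
import ipaddress
import re
from collections import defaultdict, deque
from datetime import datetime

# sshd password-auth lines as written to auth.log (syslog format, no year).
SSHD_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)


def parse_ts(ts, year=2016):
    """Syslog timestamps omit the year; `year` is an assumption."""
    return datetime.strptime(f"{year} {' '.join(ts.split())}", "%Y %b %d %H:%M:%S")


def block_rule(ip):
    """Build the firewall argv an active response could run.

    The address comes from a log line, so it is validated first:
    ip_address() raises ValueError for anything that is not an IP.
    """
    addr = ipaddress.ip_address(ip)
    tool = "iptables" if addr.version == 4 else "ip6tables"
    return [tool, "-I", "INPUT", "-s", str(addr), "-j", "DROP"]


def detect_bruteforce(lines, threshold=5, window_s=60):
    """Alert on >= threshold failed logins from one IP within window_s seconds,
    and on a successful login from an IP that was already flagged."""
    recent = defaultdict(deque)  # ip -> timestamps of recent failures
    flagged = set()
    alerts = []
    for line in lines:
        m = SSHD_RE.match(line)
        if not m:
            continue  # unrelated sshd or syslog message
        ip, user, when = m["ip"], m["user"], parse_ts(m["ts"])
        failures = recent[ip]
        while failures and (when - failures[0]).total_seconds() > window_s:
            failures.popleft()  # forget failures older than the window
        if m["result"] == "Failed":
            failures.append(when)
            if len(failures) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append({"type": "bruteforce", "ip": ip, "user": user,
                               "failures": len(failures),
                               "response": block_rule(ip)})
        elif ip in flagged:
            # A success after a flagged burst means a guess may have worked.
            alerts.append({"type": "login_after_bruteforce", "ip": ip,
                           "user": user})
    return alerts


def _line(clock, msg):
    return f"Jan  1 {clock} cloud sshd[2101]: {msg}"


# Constructed sample (host name, users, addresses and times are made up).
SAMPLE_LOG = [
    _line("10:00:00", "Server listening on 0.0.0.0 port 22."),
    # Burst of root guesses, like six parallel tasks against one account.
    *[_line(c, "Failed password for root from 192.168.100.66 port 40001 ssh2")
      for c in ("10:00:01", "10:00:02", "10:00:02",
                "10:00:03", "10:00:03", "10:00:04")],
    # A user who mistypes twice, ten minutes apart, then logs in.
    _line("10:05:00", "Failed password for alice from 192.168.100.20 port 51000 ssh2"),
    _line("10:15:00", "Failed password for alice from 192.168.100.20 port 51001 ssh2"),
    _line("10:15:20", "Accepted password for alice from 192.168.100.20 port 51002 ssh2"),
    # A burst that ends in a successful login.
    *[_line(c, "Failed password for deploy from 192.168.100.88 port 42000 ssh2")
      for c in ("10:20:00", "10:20:02", "10:20:04", "10:20:06", "10:20:08")],
    _line("10:20:10", "Accepted password for deploy from 192.168.100.88 port 42001 ssh2"),
]

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG):
        print(alert)
```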
Security Evaluation of our Cloud
• It withstood every attack in the two scenarios.
• This means the fortification is quite satisfactory.
• Unfortunately, no further attack methods were used, so a larger area of security issues was not covered.
The result: our private DevStack Cloud has managed to stand against the threats.
GOALS ACHIEVED!
Conclusions
• There is no “Best Security Strategy” for a Cloud System.
• To secure a Cloud we shall:
Be open-minded and adopt other security products and methods used by others.
Fuse our strategy with other existing effective strategies.
Bear in mind: one wooden stick can be broken; 20 wooden sticks will never be broken, or even bent.
Conclusions
• Securing the Cloud’s infrastructure is sensible.
• Securing the servers that may host the Cloud’s components is sensible.
• Securing only one of these two would be INSENSIBLE.
• Nevertheless, our project scope was to deploy security measures on the servers of the Cloud.
• Future work, however, shall be to research, design and deploy security technologies on the Cloud’s platform.
Conclusions
• Final step:
Deploy and implement complementary security technologies on the Cloud too.
At last, after a lot of effort, it shall be ready for migration to a real environment.

SQL Database Design For Developers at php[tek] 2024
 
Unlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power SystemsUnlocking the Potential of the Cloud for IBM Power Systems
Unlocking the Potential of the Cloud for IBM Power Systems
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024
 

Open Source Private Cloud Management with OpenStack and Security Evaluation with Intrusion Detection/Prevention Systems

  • 1. Open Source Private Cloud Management with OpenStack and Security Evaluation with Intrusion Detection/Prevention Systems Penetration Testing for Evaluation of Cloud’s Security 05/07/2016 1
  • 2. Taking a sneak peek on cloud computing definition • Key technology for sharing resources • Web as a space where computing has been preinstalled and exists as a service. Data centres, storage, operating systems, applications and processing power are ALL shared on the web.
  • 3. Virtualization in Cloud Systems • Almost complete simulation of the actual hardware, allowing software to run unmodified • Example: we have a desktop computer running Ubuntu, and with virtualization technology we can run another Ubuntu OS inside the host machine, as a complete, fully functional second desktop computer inside ours
  • 4. How is cloud connected to virtualization? • Easy to understand. Cloud computing provides resources on demand and dynamically. Virtualization provides resources on demand (you can create a virtual machine whenever you need one, or delete one) and dynamically (change your resources as you like, for example 1 CPU, 2 CPUs, 3 CPUs)
  • 5. Our Project’s Goal! • Create a Cloud using virtualization hardware • Specifically, using the OpenStack Cloud Management System • Secure our Cloud System with security software and tools
  • 6. Architecture of our Cloud System (1) • Initial plan: • 3 virtualized OpenStack nodes • 1 OSSEC server monitoring the physical network and servers, plus the virtualized network and servers • Deployment of fortification/security measures on the physical and virtualized servers • Testing by means of offense
  • 7. • OpenStack Networking (Neutron) Architecture • OSSEC server-client architecture
  • 8. Architecture of our Cloud System (2) • Final plan: • 1 virtualized OpenStack node • 1 virtualized OSSEC server • Deployment of fortification/security measures on the physical and virtualized servers • Testing by means of offense
  • 9. • DevStack OpenStack Cloud Management Architecture • OSSEC server-client architecture
  • 10. OSSEC Features • File integrity checking • Log monitoring • Rootkit detection • Active response
  • 11. OSSEC Compliance Requirements • Reasons to detect and alert: • Unauthorized filesystem modifications • Malicious behaviour in log files
  • 12. Fortification/security measures of servers • SSH configuration for high security • Firewall rule modifications for inbound traffic • Iptables rule modifications • Apache server security hardening with ModSecurity • Logwatch for the operating systems • Rkhunter rootkit scanner
  • 13. Attacking Scenario No.1 • Sqlmap toolset • This tool focuses primarily on exploiting an SQL database. • The goal of this test was to check whether our Cloud is vulnerable to SQL attack methods such as SQL injection. • Example attack command: • python sqlmap.py -u "http://www.site.com/section.php?id=51"
  • 14. • The next method of attack again uses sqlmap, trying to reach any database entries through the Dashboard (Horizon) • The example command is: • sqlmap -u "http://192.168.100.50" --db
  • 15. Attacking Scenario No.2 • THC Hydra toolset • This tool focuses on cracking login information • It supports many protocols, such as HTTP, HTTPS, SFTP, SSH (v1 and v2), SSHKEY, POSTGRES, etc. • A first method of attack is attempting to log in as the root user on an SSH server. • # hydra -l root -P /usr/share/wordlists/metasploit/unix_passwords.txt -t 6 ssh://192.168.100.50
  • 16. Security Evaluation of our Cloud • It withstood every attack from the two scenarios. • This means the fortification is quite satisfactory. • Unfortunately, no further attack methods were tested to cover a wider range of security issues. The result: our private DevStack Cloud withstood the threats. GOALS ACHIEVED!
  • 17. Conclusions • There is no “Best Security Strategy” for a Cloud System. • To secure a Cloud we shall: be open-minded and also adopt security products and methods used by others; fuse our strategy with other existing effective strategies. Bear in mind: one wooden stick can be broken; 20 wooden sticks will never break, or even bend.
  • 18. Conclusions • Securing the Cloud’s infrastructure is sensible. • Securing the servers hosting the Cloud’s components is sensible. • Securing only one of these two would NOT be sensible. • Nevertheless, our project scope was to deploy security measures on the servers of the Cloud. • Future work shall be to research, design and deploy security technologies on the Cloud’s platform.
  • 19. Conclusions • Final step: deploy and implement complementary security technologies on the Cloud too. Finally, after a lot of effort, it shall be ready for migration to a real environment.
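
Slides 10, 11 and 15 pair OSSEC log monitoring with an SSH password-guessing test against root. The following is an added example, not code from the slides or from OSSEC, of the sliding-window correlation a log-monitoring HIDS applies to sshd failures; the function name, threshold, window, year and all log lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# sshd failure line in classic syslog format (covers "invalid user" too).
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+")

def detect_bruteforce(lines, threshold=6, window=timedelta(seconds=60), year=2016):
    """Return {source_ip: alert} for sources reaching `threshold` failed
    logins within `window`. threshold/window/year are assumed defaults."""
    recent = defaultdict(deque)    # ip -> failure timestamps still in window
    alerts = {}
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue               # successful logins, other daemons
        # Classic syslog timestamps carry no year, so the caller supplies it.
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that fell out of the window
            q.popleft()
        if len(q) >= threshold and m["ip"] not in alerts:
            alerts[m["ip"]] = {"first_alert": ts, "failures": len(q),
                               "last_user": m["user"]}
    return alerts

# Constructed sample log (not from the slides). Addresses are documentation
# ranges; the burst mimics a parallel password guesser against root.
SAMPLE_LOG = [
    f"Jul  5 10:00:{s:02d} cloud sshd[{2100 + s}]: Failed password for root "
    f"from 203.0.113.7 port {40000 + s} ssh2" for s in range(1, 8)
] + [
    "Jul  5 10:05:10 cloud sshd[2201]: Failed password for stack from 198.51.100.20 port 51000 ssh2",
    "Jul  5 10:07:30 cloud sshd[2202]: Failed password for invalid user admin from 198.51.100.20 port 51001 ssh2",
    "Jul  5 10:07:41 cloud sshd[2203]: Accepted password for stack from 198.51.100.20 port 51002 ssh2",
]

if __name__ == "__main__":
    for ip, a in detect_bruteforce(SAMPLE_LOG).items():
        print(f"ALERT {ip}: {a['failures']} failed logins by {a['first_alert']}")
```

Only the burst source is flagged; the user who mistypes twice and then logs in stays under the threshold, which is the distinction an active-response block rule depends on.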