Introduction to AWS VPC, Guidelines, and Best PracticesGary Silverman
I crafted this presentation for the AWS Chicago Meetup. This deck covers the rationale, building blocks, guidelines, and several best practices for Amazon Web Services Virtual Private Cloud. I classify it as a somewhere between a 101 and 201 level presentation.
If you like the presentation, I would appreciate you clicking the Like button.
AWS 환경에서 Dell Technologies 데이터 보호 솔루션을 활용한 데이터 보호 방안 - 정진환 이사, Dell EMC :: AW...Amazon Web Services Korea
스폰서 발표 세션 | AWS 환경에서 Dell Technologies 데이터 보호 솔루션을 활용한 데이터 보호 방안
정진환 이사, Dell EMC
본 세션에서는 AWS 환경에서 운용하고 있는 주요 서비스에 대해 Dell Technologies의 데이터 보호 솔루션을 활용하여 데이터를 보호하는 방법과 온프레미스 환경에서 운용하고 있는 주요 가상화 시스템을 AWS 환경으로 손쉽게 DR 환경을 구축할 수 있는 방법을 살펴봅니다. 또한 고객의 장기 보관 데이터를 AWS 환경으로 비용 효율적으로 보관하는 솔루션에 대해서 살펴봅니다.
In this session, we walk through the fundamentals of Amazon VPC. First, we cover build-out and design fundamentals for VPCs, including picking your IP space, subnetting, routing, security, NAT, and much more. We then transition to different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision makers interested in understanding the building blocks that AWS makes available with Amazon VPC. Learn how you can connect VPCs with your offices and current data center footprint.
This webinar discussed the use of the AWS Cloud as a disaster recovery (DR) environment. It also explored how the architectural approaches to DR in the AWS Cloud makes DR and BCP a great scenario for familiarising yourself with AWS before moving on to production application deployments in the cloud.
- 동영상 보기: https://www.youtube.com/watch?v=Rq4I57eqIp4
Amazon RDS 프록시는 Amazon Relational Database Service (RDS)를 위한 완전 관리형 고가용성 데이터베이스 프록시로, 애플리케이션의 확장 성, 데이터베이스 장애에 대한 탄력성 및 보안 성을 향상시킬 수 있습니다. (2020년 6월 서울 리전 출시)
영상 다시보기: https://youtu.be/aoQOqhVtdGo
기존 온-프레미스 환경에서 운영 중인 서버들을 AWS 클라우드로 옮겨오기 위한 방법은 무엇일까요? 본 세션에서는 리눅스 서버, 윈도우 서버 그리고 VMWare 등에서 운영되는 기존 서버의 클라우드 이전 방법을 소개합니다. 이를 통해 AWS의 기업 고객이 대량 마이그레이션을 진행했는지 고객 사례도 함께 공유합니다. 뿐만 아니라 VMware on AWS 및 AWS Outpost 같은 하이브리드 옵션을 통해 클라우드 도입을 가속화 하는 신규 서비스 동향도 살펴봅니다.
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Amazon Web Services
Most modern businesses depend on a portfolio of technology solutions to operate and be successful every day. How do you know whether your team is following best practices or what the risks are in your architectures? This session shows how the AWS Well-Architected Framework provides prescriptive advice on best practices and how the AWS Well-Architected Tool enables you to measure and improve your technology portfolio. We explain how other customers are using AWS Well-Architected in their businesses, and we share what we learned from reviewing tens of thousands of architectures across operational excellence, security, reliability, performance efficiency, and cost optimization.
Introduction to AWS VPC, Guidelines, and Best PracticesGary Silverman
I crafted this presentation for the AWS Chicago Meetup. This deck covers the rationale, building blocks, guidelines, and several best practices for Amazon Web Services Virtual Private Cloud. I classify it as a somewhere between a 101 and 201 level presentation.
If you like the presentation, I would appreciate you clicking the Like button.
AWS 환경에서 Dell Technologies 데이터 보호 솔루션을 활용한 데이터 보호 방안 - 정진환 이사, Dell EMC :: AW...Amazon Web Services Korea
스폰서 발표 세션 | AWS 환경에서 Dell Technologies 데이터 보호 솔루션을 활용한 데이터 보호 방안
정진환 이사, Dell EMC
본 세션에서는 AWS 환경에서 운용하고 있는 주요 서비스에 대해 Dell Technologies의 데이터 보호 솔루션을 활용하여 데이터를 보호하는 방법과 온프레미스 환경에서 운용하고 있는 주요 가상화 시스템을 AWS 환경으로 손쉽게 DR 환경을 구축할 수 있는 방법을 살펴봅니다. 또한 고객의 장기 보관 데이터를 AWS 환경으로 비용 효율적으로 보관하는 솔루션에 대해서 살펴봅니다.
In this session, we walk through the fundamentals of Amazon VPC. First, we cover build-out and design fundamentals for VPCs, including picking your IP space, subnetting, routing, security, NAT, and much more. We then transition to different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision makers interested in understanding the building blocks that AWS makes available with Amazon VPC. Learn how you can connect VPCs with your offices and current data center footprint.
This webinar discussed the use of the AWS Cloud as a disaster recovery (DR) environment. It also explored how the architectural approaches to DR in the AWS Cloud makes DR and BCP a great scenario for familiarising yourself with AWS before moving on to production application deployments in the cloud.
- 동영상 보기: https://www.youtube.com/watch?v=Rq4I57eqIp4
Amazon RDS 프록시는 Amazon Relational Database Service (RDS)를 위한 완전 관리형 고가용성 데이터베이스 프록시로, 애플리케이션의 확장 성, 데이터베이스 장애에 대한 탄력성 및 보안 성을 향상시킬 수 있습니다. (2020년 6월 서울 리전 출시)
영상 다시보기: https://youtu.be/aoQOqhVtdGo
기존 온-프레미스 환경에서 운영 중인 서버들을 AWS 클라우드로 옮겨오기 위한 방법은 무엇일까요? 본 세션에서는 리눅스 서버, 윈도우 서버 그리고 VMWare 등에서 운영되는 기존 서버의 클라우드 이전 방법을 소개합니다. 이를 통해 AWS의 기업 고객이 대량 마이그레이션을 진행했는지 고객 사례도 함께 공유합니다. 뿐만 아니라 VMware on AWS 및 AWS Outpost 같은 하이브리드 옵션을 통해 클라우드 도입을 가속화 하는 신규 서비스 동향도 살펴봅니다.
Introduction to the Well-Architected Framework and Tool - SVC208 - Anaheim AW...Amazon Web Services
Most modern businesses depend on a portfolio of technology solutions to operate and be successful every day. How do you know whether your team is following best practices or what the risks are in your architectures? This session shows how the AWS Well-Architected Framework provides prescriptive advice on best practices and how the AWS Well-Architected Tool enables you to measure and improve your technology portfolio. We explain how other customers are using AWS Well-Architected in their businesses, and we share what we learned from reviewing tens of thousands of architectures across operational excellence, security, reliability, performance efficiency, and cost optimization.
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016Amazon Web Services
Amazon Web Services (AWS) provides on-demand computing resources and services in the cloud, with pay-as-you-go pricing. This session provides an overview and describes how using AWS resources instead of your own is like purchasing electricity from a power company instead of running your own generator. Using AWS resources provides many of the same benefits as a public utility: Capacity exactly matches your need, you pay only for what you use, economies of scale result in lower costs, and the service is provided by a vendor experienced in running large-scale networks. A high-level overview of AWS’s infrastructure (such as AWS Regions and Availability Zones) and AWS services is provided as part of this session.
대규모 온프레미스 하둡 마이그레이션을 위한 실행 전략과 최적화 방안 소개-유철민, AWS Data Architect / 박성열,AWS Pr...Amazon Web Services Korea
빅데이터 분석을 위해 온프레미스 환경에서 대규모 하둡 클러스터를 운영하고 있는 고객은 매우 많습니다. 하지만 고객은 최근 관리 및 운영, 비용 등 다양한 어려움을 겪고 있으며, 이를 극복하기 위한 클라우드 전환을 적극적으로 검토하고 있습니다. 온프레미스 하둡을 클라우드 기반으로 마이그레이션 하기 위해 세워야 할 전략과 고려사항, 최적화를 위한 다양한 기법과 비용/성능 최적의 클러스터 구성 방안, 더 나아가서 TCO를 최적화하기 위한 구체적인 방안을 본 세션을 통해 소개드립니다.
by Michael St. Onge, Global Cloud Security Architect, AWS
Join us for this hands-on lab where you will learn about the new service Amazon GuardDuty by walking through its capabilities and some real-world attack scenarios. You will need an AWS account to do the lab. This should be your own personal account and not an account through your company given the activity in the lab. AWS Credits will be provided to help cover any costs incurred in the lab. Level 300
Intended for customers who have (or will have) thousands of instances on AWS, this session is about reducing the complexity of managing costs for these large fleets so they run efficiently. Attendees will learn about common roadblocks that prevent large customers from cost optimizing, tools they can use to efficiently remove those roadblocks, and techniques to monitor their rate of cost optimization. The session will include a case study that will talk in detail about the millions of dollars saved using these techniques. Customers will learn about a range of templates they can use to quickly implement these techniques, and also partners who can help them implement these templates.
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. In this talk, we discuss advanced tasks in Amazon VPC, including the implementation of Amazon VPC peering, the creation of multiple network zones, the establishment of private connections, and the use of multiple routing tables. We also provide information for current Amazon EC2-Classic network customers and help you prepare to adopt Amazon VPC.
Speakers:
Steve Seymour, AWS Solutions Architect
Eamonn O'Neill, Director, Lemongrass Consulting
Jackie Wong, Head of Networks, Financial Times
In the event of a disaster, you need to be able to recover lost data quickly to ensure business continuity. For critical applications, keeping your time to recover and data loss to a minimum and optimizing your overall capital expense can be challenging. This session presents AWS features and services along with disaster recovery architectures that you can leverage when building highly available and disaster-resilient strategies.
YouTube Link: https://youtu.be/9HsEMyKrlnw
**AWS Certification Training: https://www.edureka.co/cloudcomputing **
This "AWS S3 Tutorial for Beginners" PPT by Edureka will help you understand one of the most popular storage service, Amazon S3, and related concepts in detail. Following are the offerings of this PPT:
1. AWS Storage Services
2. What is AWS S3?
3. Buckets & Objects
4. Versioning & Cross Region Replication
5. Transfer Acceleration
6. S3 Demo and Use Case
Follow us to never miss an update in the future.
YouTube: https://www.youtube.com/user/edurekaIN
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Castbox: https://castbox.fm/networks/505?country=in
In this session, we first cover build-out and design fundamentals for VPCs, including selecting your IP space, subnetting, routing, security, and more. We then discuss different approaches and scenarios for connecting your VPC to your data center with AWS VPN or AWS Direct Connect. Throughout this presentation, we discuss our latest networking services and updates, including AWS Transit Gateway and AWS PrivateLink. This mid-level architecture discussion is for architects, network administrators, and technology decision makers interested in understanding the building blocks that AWS makes available with Amazon VPC. Learn how to connect VPCs with your offices and data center footprint.
발표자: 이정훈 솔루션즈 아키텍트, AWS / 이상규 솔루션즈 아키텍트, AWS / 현륜식 솔루션즈 아키텍트, AWS / 강동환 솔루션즈 아키텍트, AWS
Part 1 : Cloud 로의 전환
Cloud로 전환하는 과정에서 검토되는 Windows 서버 운영 및 Cloud Endure에 대한 기본 개념 등을 소개합니다.
Part 2 : SAP 에 대한 고민
본 세션에서는 기업들이 가지고 있는 SAP 가치를 극대화하고 비용절감 및 업무자동화를 실천하는 방법에 대해 소개합니다
Part 3 : 백업 및 복구
기업들이 가지고 있는 데이터 통합관리 및 재해복구 방안, 그리고 데이터 내구성을 확보하고 비용절감하는 방안에 대해 소개합니다.
Part 4 : 하이브리드 클라우드 아키텍처
하이브리드 클라우드 아키텍처를 제시하고, VMware Cloud on AWS, Outposts와 같은 고객의 On-Premise 환경과 밀접한 관련이 있는 제품 및 서비스를 알아봅니다.
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Amazon Web Services
Learning Objectives:
- Learn how to secure your web applications
- Learn how to configure AWS Shield and AWS WAF
- Learn how to defend the most common Layer 7 attacks
Distributed denial of service (DDoS) and other web attacks can affect your application’s availability, compromise its security, and consume excessive resources. AWS Shield and AWS Web Application Firewall (WAF) help secure your applications from these types of attacks. AWS Shield is a managed DDoS protection service that offers always-on detection and automatic inline mitigation to minimize application downtime and latency. AWS WAF is a web application firewall that helps protect your applications from common web exploits such as SQLi, XSS, and botnets. This introductory tech talk will provide you an overview and demonstration of these services.
AWS 네트워크 보안을 위한 계층별 보안 구성 모범 사례 – 조이정, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집Amazon Web Services Korea
* 발표 동영상: https://youtu.be/r84IuPv_4TI
AWS 서비스 환경을 대상으로 하는 각종 보안 위협에 대응하기 위해 인터넷에서 유입되는 트래픽에 대한 안전한 보호와 VPC 내부에서 발생할 수 있는 다양한 네트워크 트래픽을 보다 효율적이고 안전하게 보호할 수 있는 네트워크 보안 구성 방안과 모범 사례에 대해 소개합니다.
This session is for anyone interested in understanding the financial costs associated with migrating workloads to AWS. By presenting real cases from AWS Professional Services and directly from a customer, we explore how to measure value, improve the economics of a migration project, and manage migration costs and expectations through large-scale IT transformations. We’ll also look at automation tooling that can further assist and accelerate the migration process.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útokyVladimir Simek
DDoS a další webové útoky (XSS, SQL injection) vedené na vaši infrastrukturu mohou negativně ovlivnit dostupnost vašich aplikací, ohrozit jejich bezpečnost a zvyšovat vaše náklady. Jestli se zajímáte o ochranu webových aplikací, sledujte další díl našeho Česko-Slovenského AWS webináře a dozvíte se víc o doporučených postupech i tom, jak používat služby Amazon CloudFront, AWS WAF, AWS Firewall Manager a AWS Shield.
In this session, we will explore common use cases for (server based or generally load balanced) workloads in AWS and how they compare with the on-prem deployment patterns. you will learn the architectural patterns and line of thinking for deploying security perimeters and segmentation across a multiple account/vpc strategy, Edge security. also, you how you can make sure the pattern you develop will be applied uniformly across your current and future environments.
Introduction to AWS Cloud Computing | AWS Public Sector Summit 2016Amazon Web Services
Amazon Web Services (AWS) provides on-demand computing resources and services in the cloud, with pay-as-you-go pricing. This session provides an overview and describes how using AWS resources instead of your own is like purchasing electricity from a power company instead of running your own generator. Using AWS resources provides many of the same benefits as a public utility: Capacity exactly matches your need, you pay only for what you use, economies of scale result in lower costs, and the service is provided by a vendor experienced in running large-scale networks. A high-level overview of AWS’s infrastructure (such as AWS Regions and Availability Zones) and AWS services is provided as part of this session.
대규모 온프레미스 하둡 마이그레이션을 위한 실행 전략과 최적화 방안 소개-유철민, AWS Data Architect / 박성열,AWS Pr...Amazon Web Services Korea
빅데이터 분석을 위해 온프레미스 환경에서 대규모 하둡 클러스터를 운영하고 있는 고객은 매우 많습니다. 하지만 고객은 최근 관리 및 운영, 비용 등 다양한 어려움을 겪고 있으며, 이를 극복하기 위한 클라우드 전환을 적극적으로 검토하고 있습니다. 온프레미스 하둡을 클라우드 기반으로 마이그레이션 하기 위해 세워야 할 전략과 고려사항, 최적화를 위한 다양한 기법과 비용/성능 최적의 클러스터 구성 방안, 더 나아가서 TCO를 최적화하기 위한 구체적인 방안을 본 세션을 통해 소개드립니다.
by Michael St. Onge, Global Cloud Security Architect, AWS
Join us for this hands-on lab where you will learn about the new service Amazon GuardDuty by walking through its capabilities and some real-world attack scenarios. You will need an AWS account to do the lab. This should be your own personal account and not an account through your company given the activity in the lab. AWS Credits will be provided to help cover any costs incurred in the lab. Level 300
Intended for customers who have (or will have) thousands of instances on AWS, this session is about reducing the complexity of managing costs for these large fleets so they run efficiently. Attendees will learn about common roadblocks that prevent large customers from cost optimizing, tools they can use to efficiently remove those roadblocks, and techniques to monitor their rate of cost optimization. The session will include a case study that will talk in detail about the millions of dollars saved using these techniques. Customers will learn about a range of templates they can use to quickly implement these techniques, and also partners who can help them implement these templates.
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. In this talk, we discuss advanced tasks in Amazon VPC, including the implementation of Amazon VPC peering, the creation of multiple network zones, the establishment of private connections, and the use of multiple routing tables. We also provide information for current Amazon EC2-Classic network customers and help you prepare to adopt Amazon VPC.
Speakers:
Steve Seymour, AWS Solutions Architect
Eamonn O'Neill, Director, Lemongrass Consulting
Jackie Wong, Head of Networks, Financial Times
In the event of a disaster, you need to be able to recover lost data quickly to ensure business continuity. For critical applications, keeping your time to recover and data loss to a minimum and optimizing your overall capital expense can be challenging. This session presents AWS features and services along with disaster recovery architectures that you can leverage when building highly available and disaster-resilient strategies.
YouTube Link: https://youtu.be/9HsEMyKrlnw
**AWS Certification Training: https://www.edureka.co/cloudcomputing **
This "AWS S3 Tutorial for Beginners" PPT by Edureka will help you understand one of the most popular storage service, Amazon S3, and related concepts in detail. Following are the offerings of this PPT:
1. AWS Storage Services
2. What is AWS S3?
3. Buckets & Objects
4. Versioning & Cross Region Replication
5. Transfer Acceleration
6. S3 Demo and Use Case
Follow us to never miss an update in the future.
YouTube: https://www.youtube.com/user/edurekaIN
Instagram: https://www.instagram.com/edureka_learning/
Facebook: https://www.facebook.com/edurekaIN/
Twitter: https://twitter.com/edurekain
LinkedIn: https://www.linkedin.com/company/edureka
Castbox: https://castbox.fm/networks/505?country=in
In this session, we first cover build-out and design fundamentals for VPCs, including selecting your IP space, subnetting, routing, security, and more. We then discuss different approaches and scenarios for connecting your VPC to your data center with AWS VPN or AWS Direct Connect. Throughout this presentation, we discuss our latest networking services and updates, including AWS Transit Gateway and AWS PrivateLink. This mid-level architecture discussion is for architects, network administrators, and technology decision makers interested in understanding the building blocks that AWS makes available with Amazon VPC. Learn how to connect VPCs with your offices and data center footprint.
발표자: 이정훈 솔루션즈 아키텍트, AWS / 이상규 솔루션즈 아키텍트, AWS / 현륜식 솔루션즈 아키텍트, AWS / 강동환 솔루션즈 아키텍트, AWS
Part 1 : Cloud 로의 전환
Cloud로 전환하는 과정에서 검토되는 Windows 서버 운영 및 Cloud Endure에 대한 기본 개념 등을 소개합니다.
Part 2 : SAP 에 대한 고민
본 세션에서는 기업들이 가지고 있는 SAP 가치를 극대화하고 비용절감 및 업무자동화를 실천하는 방법에 대해 소개합니다
Part 3 : 백업 및 복구
기업들이 가지고 있는 데이터 통합관리 및 재해복구 방안, 그리고 데이터 내구성을 확보하고 비용절감하는 방안에 대해 소개합니다.
Part 4 : 하이브리드 클라우드 아키텍처
하이브리드 클라우드 아키텍처를 제시하고, VMware Cloud on AWS, Outposts와 같은 고객의 On-Premise 환경과 밀접한 관련이 있는 제품 및 서비스를 알아봅니다.
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Amazon Web Services
Learning Objectives:
- Learn how to secure your web applications
- Learn how to configure AWS Shield and AWS WAF
- Learn how to defend the most common Layer 7 attacks
Distributed denial of service (DDoS) and other web attacks can affect your application’s availability, compromise its security, and consume excessive resources. AWS Shield and AWS Web Application Firewall (WAF) help secure your applications from these types of attacks. AWS Shield is a managed DDoS protection service that offers always-on detection and automatic inline mitigation to minimize application downtime and latency. AWS WAF is a web application firewall that helps protect your applications from common web exploits such as SQLi, XSS, and botnets. This introductory tech talk will provide you an overview and demonstration of these services.
AWS 네트워크 보안을 위한 계층별 보안 구성 모범 사례 – 조이정, AWS 솔루션즈 아키텍트:: AWS 온라인 이벤트 – 클라우드 보안 특집Amazon Web Services Korea
* 발표 동영상: https://youtu.be/r84IuPv_4TI
AWS 서비스 환경을 대상으로 하는 각종 보안 위협에 대응하기 위해 인터넷에서 유입되는 트래픽에 대한 안전한 보호와 VPC 내부에서 발생할 수 있는 다양한 네트워크 트래픽을 보다 효율적이고 안전하게 보호할 수 있는 네트워크 보안 구성 방안과 모범 사례에 대해 소개합니다.
This session is for anyone interested in understanding the financial costs associated with migrating workloads to AWS. By presenting real cases from AWS Professional Services and directly from a customer, we explore how to measure value, improve the economics of a migration project, and manage migration costs and expectations through large-scale IT transformations. We’ll also look at automation tooling that can further assist and accelerate the migration process.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útokyVladimir Simek
DDoS a další webové útoky (XSS, SQL injection) vedené na vaši infrastrukturu mohou negativně ovlivnit dostupnost vašich aplikací, ohrozit jejich bezpečnost a zvyšovat vaše náklady. Jestli se zajímáte o ochranu webových aplikací, sledujte další díl našeho Česko-Slovenského AWS webináře a dozvíte se víc o doporučených postupech i tom, jak používat služby Amazon CloudFront, AWS WAF, AWS Firewall Manager a AWS Shield.
In this session, we will explore common use cases for (server based or generally load balanced) workloads in AWS and how they compare with the on-prem deployment patterns. you will learn the architectural patterns and line of thinking for deploying security perimeters and segmentation across a multiple account/vpc strategy, Edge security. also, you how you can make sure the pattern you develop will be applied uniformly across your current and future environments.
Security is top priority at AWS. All Amazon Web Services (AWS) customers benefit from a data center and network architecture built to satisfy the requirements of the most security-sensitive organizations. In this session, Ryan Jaeger, senior solutions architect and security specialist, AWS, will discuss the four common challenges that CISOs and their security teams struggle with and why cybersecurity is becoming a driving force behind commercial cloud adoption. We will also share best practices and learnings from our customers on additional security measures organizations should explore to meet regulatory and compliance requirements and safeguard their environment.
AWS SSA Webinar 11 - Getting started on AWS: SecurityCobus Bernard
In this session, we will take a deeper look at the security services and features available on AWS. We will look at how Identity and Access Management (IAM) works by covering IAM users, policies, roles, groups. We will also look at AWS Security groups and how they are applied to the different infrastructure components, e.g. Amazon EC2 instances, Load Balancers, Databases (via Amazon RDS). Lastly, we will take a quick look at Amazon Certificate Manager for SSL certificates and mention additional services like Amazon Detective, GuardDuty, Macie, WAF.
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...Amazon Web Services
This is a practical demo-driven session where you will learn about the best practice to protect applications on AWS. We will give an overview of the threats on AWS, discuss why perimeter defense helps with these threats, and discuss some key techniques that use services such as Amazon CloudFront, Route 53, and WAF to protect your web applications. Lastly, you will learn about the best practices to protect different types of applications - Web/APIs, TCP-based, or Gaming.
Automating DDos and WAF responses - AWS Summit Cape Town 2018Amazon Web Services
Speaker: Andrew Kane, AWS
Level: 300/400
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as AWS Web Application Firewall, AWS Shield, AWS CloudWatch, and more. You will also learn how to use Lambda functions to automate event response and integrate with your security operations tools.
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Amazon Web Services
"In this workshop, you learn how to deploy AWS WAF in front of your application, how to set up AWS WAF full logging for compliance and monitoring purposes, and how to increase your security posture by creating custom rules using Amazon Elasticsearch Service with Kibana. You also learn how to protect your application against bad bots, web scrapers, and scanners by configuring bad and benign bot signatures and then automating your AWS WAF rules by parsing AWS WAF full logs using an AWS Lambda function.
All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."
This workshop is an introduction to security-related services on AWS. We will discuss security services on AWS and also walk through how to import third-party security solutions from the AWS marketplace. This Workshop will include a demo and some customer case studies.
In this talk, I discuss how to think about security for a serverless web application from front to back. The session introduces several controls available to you and the best practices for configuring them, along with ways to build more secure applications for an event-driven model.
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Amazon Web Services
Whether you are part of a large organization moving your applications to the cloud, or a new application owner just getting started, you always need a baseline security for your web applications. In addition, large organizations with common security requirements frequently need to standardize their security posture across many applications. With compliance initiatives, such as PCI, OFAC, and GDPR, there is a need to effectively manage this posture with minimal error. In this session, learn how to use services like AWS WAF, AWS Shield, and AWS Firewall Manager to deploy and manage rules and protections uniformly across many accounts and resources. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
AWS Edge Security - Cloud-Native Defense Against Diverse Internet ThreatsAmazon Web Services
Learn how you can defend your applications on AWS against diverse set of Internet threats, like DDoS, Bots or Zero-day attacks. At this session you will learn about how your applications on AWS are inherently secured against common threats. You will also learn about how you can use AWS security services like AWS WAF, Shield and Firewall Manager to build a robust and customised protection specific to your applications.
How to Architect and Bring to Market SaaS on AWS GovCloud (US)Amazon Web Services
AWS GovCloud (US) is an isolated AWS region designated to allow US government agencies and organizations in highly-regulated industries to move sensitive data and regulated IT workloads to the cloud by addressing their specific regulatory and compliance requirements. These organizations are increasingly integrating SaaS technologies into their IT environments; however, they often require SaaS products to address the same compliance features of the GovCloud region. This session will discuss how SaaS vendors should approach migrating to GovCloud (US), key architecture, compliance and operational considerations and best practices for bringing a SaaS product on GovCloud (US) to market. This session also shows you how to meet acquisition and procurement policies with AWS Marketplace for AWS GovCloud (US).
After AWS IAM and detective controls, the afternoon at AWS Security Week turns to infrastructure security, which means tuning AWS service configurations, AMI composition, and hardening other digital assets that will be deployed. You will learn how to define networking architecture (VPCs, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows; and how to determine vulnerability management and operational maintenance cadence.
Speaker: Mike Wasielewski - Sr. Solutions Architect, AWS
La sicurezza nel cloud, per AWS, è una priorità. I clienti che scelgono di utilizzare i servizi AWS traggono vantaggio da un'architettura di data center e di rete progettata per soddisfare i requisiti delle organizzazioni più esigenti a livello di sicurezza.Durante questa sessione vedremo quali sono gli strumenti che AWS mette a disposizione dei propri clienti per rendere le proprie applicazioni e i propri dati sicuri.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Speaker: Jesse Fuchs - Sr. Solutions Architect, AWS
AWS Security Week: Intro To Threat Detection & RemediationAmazon Web Services
AWS Security Week at the San Francisco Loft: Introduction to Threat Detection and Remediation on AWS
Presenter: Jeff Levine, Sr. Security Solutions Architect, AWS
Similar to Protect your applications from DDoS/BOT & Advanced Attacks (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
33. Protect Your Applications from DDoS &
Advanced Attacks (BOT & Credential
Stuffing)
Ryan Lo
Regional Manager, Solutions Engineering
F5 Shape Security
August 2020
35. Confidential / / Part of F5 4
0
You probably have used Shape before
and using Shape NOW.
We’re the reason you login a lot less and see fewer
CAPTCHAs
?
36. Confidential / / Part of F5 4
1
Ridiculous captchas
2FA by trying to remember your favorite pizza
toppings
Password resets
Currently, the burden of proving known good is on
human users
Lots of repetitive logins
37. Confidential / / Part of F5
Security vs User Experience
Confidential 42
38. Confidential / / Part of F5
Cybercriminals Bypass CAPTCHA Through Solver
Service
Confidential 43
39. Confidential / / Part of F5
CAPTCHA Cannot Stop Bad Actors
Confidential 44
40. Confidential / / Part of F5
CAPTCHA Cannot Stop Bad Actors But Block the
Real Users
Confidential 45
41. Confidential / / Part of F5
Currently, the burden of proving known good is on
human users
Confidential
Nintendo suggests users to secure their Nintendo Account by enabling 2-Step Verification
46
42. Confidential / / Part of F5
Fraud occurs when Criminals act like Legitimate
Users
?
?
?
?
Users
(criminals mixed in with good
users)
Web, Mobile Apps and API
Endpoint
(serve good users & criminals alike)
Criminals
(not evident until it’s too
late)
Organisations must be open to anyone, anywhere, on any device
43. Confidential / / Part of F5
Retail – Reward Program Aggregators
They provide a valuable alternative
44. Confidential / / Part of F5
Retail – Reward Program Aggregators
How do fintechs and rewards program operators differentiate good from bad users?
45. Confidential / / Part of F5
Retail – Reward Program Aggregators
They provide a valuable alternative
46. Confidential / / Part of F5
Retail – Reward Program Aggregators
They provide a valuable alternative
47. Confidential / / Part of F5
Retail – Reward Program Aggregators
They provide a valuable alternative
48. Confidential / / Part of F5
Retail - Inventory Lockout
How many Bots are in front of you?
51. Confidential / / Part of F5
Retail - Sneaker Bots
Shape signals can identify device farms
52. Confidential / / Part of F5
Travel - Inventory Scraping
Scrapers are increasing the airline’s infrastructure costs and affecting the airline’s ability to
manage revenue
53. Confidential / / Part of F5
Travel - Inventory Scraping
How to simulate user behavior through Selenium
Attackers started with developer libraries
like Selenium and Puppeteer before
creating custom tools.
54. Confidential / / Part of F5
Results - A Fortune Global 2000 Customer
April May June
6M
5M
4M
3M
2M
1M
0
HUMAN DETECTED & BLOCKEDDETECTED & FLAGGEDPOSTS TO /LOGIN EVERY THREE HOURS
Mitigation Mode (on attacker fingerprints)
Mitigation Mode (on new fingerprint
Attacker Gives Up
Retool Detected in Stage II (update Stage
I)
Observation Mode (flagging only)
55. Confidential / / Part of F5
Multi-stage detection is paramount
Shape provides multi-stage detection as a service
WEB & MOBILE BROWSER
INTERNET
NATIVE MOBILE APPS
Mobile SDK
CUSTOMER ORIGIN SERVERS
24x7
STAGE IISTAGE I
MACHINE LEARNING
ARTIFICIAL INTELLIGENCE
Good Traffic
Bad Traffic
AWS CloudFront
JS
56. Confidential / / Part of F5
Reducing Friction, Fraud and Fiction
61
Identify and mitigate unwanted traffic
Differentiate good customers from bad customers
Create a friction free user experience and increase revenue
57. Confidential / / Part of F5
Multi-stage detection is paramount
Shape provides multi-stage detection as a service
WEB & MOBILE BROWSER
INTERNET
NATIVE MOBILE APPS
Mobile SDK
CUSTOMER ORIGIN SERVERS
STAGE IISTAGE I
LOAD BALANCER
MACHINE LEARNING
ARTIFICIAL INTELLIGENCE
appliance
Good Traffic
Bad Traffic
COMPANY COUNTRY SECTOR FUNDING ($ MIL.)
58. Confidential / / Part of F5
Multi-stage defense enables long term efficacy
Actual Shape customer’s journey to less than 1% automation
2019
78
%
Automated
<1
%
Automated
2018