Haddy El-Haggan, profile picture
Uploaded byHaddy El-Haggan
PPTX, PDF794 views

Security on Windows Azure

The document discusses security on Microsoft Cloud solutions, particularly Windows Azure, highlighting its structure, benefits, and security layers including human, data, application, host, network, and physical security. It outlines data security measures, network architecture, and identity management technologies, explaining how access is controlled and monitored. The document also notes the importance of understanding responsibilities shared between users and the cloud provider and emphasizes the significance of secure networking and identity models in the Azure environment.

Embed presentation

Downloaded 33 times
Security on Microsoft Cloud Solutions Haddy El-Haggan Microsoft Student Partner Founder of Azure Community in Egypt
Security on Microsoft Cloud Solutions • Overview on Windows Azure • Security Overview • Data Security on Windows Azure • Network Security • Identity On Azure
Windows Azure • Cloud Computing is a new Concept of the Best utilization of the Data Center • Cloud Computing is based on Virtualization • Cloud Computing is mainly composed of 3 layers • Infrastructure as a Service (IaaS) • Platform as a Service (Paas) • Software as a Service (SaaS
Windows Azure (cont.) • Windows Azure is Microsoft Cloud Solutions • Windows Azure is composed of 3 main Nodes: – Compute – Storage (Windows Azure Storage, AppFabrics Caching and SQL Azure) – Fabrics (to enable communication between different applications hosted on Azure or even on premises)
Benefits • High Availability • High Scalability • Pay as you go • Best utilization of the hardware resources available • Focus on your business rather than the IT infrastructure • Flexibility to access your data
ONE OF THE BIGGEST CONCERN IS ALWAYS ABOUT THE SECURITY AND HOW ARE MY DATA SECURE ON THE CLOUD?
Platform (as a Service) Managedbyvendor Youmanage Storage Servers Networking O/S Middleware Virtualization Applications Runtime Data
Microsoft Cloud Solution Security Overview • Developers and users must know the responsibilities the share with the Cloud Provider • These are the main layers of security for any Cloud Provider: – Human – Data – Application – Host – Network – Physical
Microsoft Cloud Solution Security Overview (Cont.) • The “human” and “Data” layers are the users’ responsibility and how they manage their data and its permissions (more information about the data n Azure to be followed) • The “Application Layer” depend on the developer and the security used on it • Authentication • Input validation …. • Recommend to develop using SDL (security development lifecycle) designed for windows Vista, Windows 7 and windows Azure
Microsoft Cloud Solution Security Overview • “Host” Layer, Windows Azure is hosted on Windows Server 2008 Hyper-V • Windows Azure doesn’t depend on Windows Server 2008 hypervisor , it has its own hypervisor where the roles and the VM are hosted and isolated • Host has 2 main jobs: – Isolation (every role runs on its own VM) – Hardening (regular Security Updates)
Microsoft Cloud Solution Security Overview • Some Firewall can be configured by the service owner and some are controlled by the fabric controller • “Network” Layer, Windows Azure traffic through several firewall • Guest VM • Host VM • SQL Azure VM
THERE IS NO ENCRYPTION ON WINDOWS AZURE
Data Security on Azure • Windows Azure Compute and Windows Azure Storage are 2 different things each of them is hosted on different hardware resources • In the Storage Architecture the top layer validates, authenticates, and authorizes requests, routing them to the partition layer and data layer where the data exists • Protect against Data Loss, there are always three replicates of your data whatever happens • Isolation: all your data are isolated from the others by 2 ways: – Logically – Physically • Each type of storage has its own way of access depending on the developer • NO DATA ARE ACCESSIBLE BY THE PUBLIC EXCEPT THE PUBLIC BLOB
Data Security on Azure • Isolation: all your data are isolated from the others by 2 ways: – Logically – Physically • Each type of storage has its own way of access depending on the developer • NO DATA ARE ACCESSIBLE BY THE PUBLIC EXCEPT THE PUBLIC BLOB
Secure Networking • Network Architecture: – In Azure there are mainly 4 types of Nodes: • Fabric Controller Node (Azure Kernel) • Storage Node • Compute Node • Other infrastructure Node – In the FC Networking there are 3 types of isolated networks: • Main VLAN (all untrusted customer nodes) • FC VLAN (trusted FC networks) • Device VLAN (contains trusted networks an other infrastructure devices)
Secure Networking • No communication is possible between the VLANs without passing through a router for preventing faking traffic and eavesdropping on other traffic • The communication is permitted from the FC VLAN or the Device VLAN to the main VLAN but not initiated from the main VLAN
Secure Networking • Azure has the largest internet connections in the industry • It is unlikely that someone can cut azure out of public by producing enough malicious traffic • If your application on azure is attacked, azure will create several compute instances to maintain your application until the attack passes • Microsoft is considering ways to identify malicious traffic and block it as it enters the Azure Fabric, but this sort of protection has not yet been deployed.
Identity On Azure • To gain access to your application on the Cloud you have to pass few steps: – Authentication – Authorization – Monitoring and logging (track users and log their operations) • Windows Azure support several identity technology – Active Directory – Open ID – SQL Server – WIF
Identity On Azure • Windows Azure supports 2 types of identity in the Cloud: – Role based – Claim Based • Role based is using Username and password • Claim based is using Token containing a collection of Claims
Identity On Azure: Role based authorization • It can be used by SQL Azure, Azure Connect andASP.NET membership provider • You only use the username and the password and the rest are kept in the identity store • Simple, easy to use and possible to implement Domain join
Identity on Azure: Azure Connect • Azure connect support domain join of windows azure roles to on premises Active Directory
Identity on Azure : Claim Based • Claim is a piece of information • Token is a collection of Claims and are signed • Security Token Service map the credentials to the token • Application is provide with all the identity information needed • The management of the identity is not the application responsibility • Integration between several identity providers • Less infrastructure code
Identity On Azure: AppFabric Access Control • Enable the developer of using claim based authorization from enterprises like active directory, SQL Server • Also enable the usage of the other identity provider like live ID, Facebook, Google and Yahoo.
Azure Community in Egypt • Twitter: Azurecomeg • E-Mail: azureeg@hotmail.com
Contacts • Twitter: @Hhaggan • Email: h.haggan@hotmail.com • Blog: http://hhaggan.wordpress.com/
Security on Windows Azure

More Related Content

PDF
Microsoft Azure Security Infographic
byMicrosoft Azure
 
PPTX
Azure Security Fundamentals
byLorenzo Barbieri
 
PPTX
Power of the cloud - Introduction to azure security
byBruno Capuano
 
PPTX
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
byZabeel Institute
 
PPTX
What is Microsoft Azure Security?-Microsoft Azure security
byZabeel Institute
 
PPTX
Cloudbrew 2019 - Azure Security
byTom Janetscheck
 
PDF
Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...
byMicrosoft Private Cloud
 
PPTX
How Secure is Azure?
byLai Yoong Seng
 
Microsoft Azure Security Infographic
byMicrosoft Azure
 
Azure Security Fundamentals
byLorenzo Barbieri
 
Power of the cloud - Introduction to azure security
byBruno Capuano
 
Importance of Azure infrastructure?-Microsoft Azure security infrastructure
byZabeel Institute
 
What is Microsoft Azure Security?-Microsoft Azure security
byZabeel Institute
 
Cloudbrew 2019 - Azure Security
byTom Janetscheck
 
Microsoft Windows Azure - Security Best Practices for Developing Windows Azur...
byMicrosoft Private Cloud
 
How Secure is Azure?
byLai Yoong Seng
 

What's hot

PPTX
cyber-security-reference-architecture
byBirendra Negi ☁️
 
PPTX
Azure Security Center- Zero to Hero
byKasun Rajapakse
 
PDF
Cloud Security Introduction
byGLC Networks
 
PPTX
The Top Cloud Security Issues
byHTS Hosting
 
PDF
Access Security - Privileged Identity Management
byEng Teong Cheah
 
PDF
Global Azure Bootcamp 2018 - Azure Security Center
byScott Hoag
 
PDF
Stefan van der Wiele | Protect users identities and control access to valuabl...
byMicrosoft Österreich
 
PDF
Azure security infographic 2014 sec
byKesavan Munuswamy
 
PDF
CSS17: Houston - Azure Shared Security Model Overview
byAlert Logic
 
PDF
The Share Responsibility Model of Cloud Computing - ILTA NYC
byPatrick Sklodowski
 
PDF
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
byaOS Community
 
PDF
Getting Started with Azure Security Center
byCheah Eng Soon
 
PDF
CSF18 - Securing the Cloud - Karim El-Melhaoui
byNCCOMMS
 
PDF
Daniel Grabski | Microsofts cybersecurity story
byMicrosoft Österreich
 
PDF
Azure for beginners series session 4
byLalit Rawat
 
PPTX
What is Microsoft Azure security technologies?-Microsoft Azure security techn...
byZabeel Institute
 
PDF
Compute Security - Host Security
byEng Teong Cheah
 
PDF
Cloud Computing Security - Cloud Controls Security
byHari Kumar
 
PDF
Msft cloud architecture_security_commonattacks
byAkram Qureshi
 
PPTX
Assessing security of your Active Directory
byAldo Elam Majiah
 
cyber-security-reference-architecture
byBirendra Negi ☁️
 
Azure Security Center- Zero to Hero
byKasun Rajapakse
 
Cloud Security Introduction
byGLC Networks
 
The Top Cloud Security Issues
byHTS Hosting
 
Access Security - Privileged Identity Management
byEng Teong Cheah
 
Global Azure Bootcamp 2018 - Azure Security Center
byScott Hoag
 
Stefan van der Wiele | Protect users identities and control access to valuabl...
byMicrosoft Österreich
 
Azure security infographic 2014 sec
byKesavan Munuswamy
 
CSS17: Houston - Azure Shared Security Model Overview
byAlert Logic
 
The Share Responsibility Model of Cloud Computing - ILTA NYC
byPatrick Sklodowski
 
aOS Monaco 2019 - A7 - Sécurisez votre SI et vos services Office 365 partie 2...
byaOS Community
 
Getting Started with Azure Security Center
byCheah Eng Soon
 
CSF18 - Securing the Cloud - Karim El-Melhaoui
byNCCOMMS
 
Daniel Grabski | Microsofts cybersecurity story
byMicrosoft Österreich
 
Azure for beginners series session 4
byLalit Rawat
 
What is Microsoft Azure security technologies?-Microsoft Azure security techn...
byZabeel Institute
 
Compute Security - Host Security
byEng Teong Cheah
 
Cloud Computing Security - Cloud Controls Security
byHari Kumar
 
Msft cloud architecture_security_commonattacks
byAkram Qureshi
 
Assessing security of your Active Directory
byAldo Elam Majiah
 

Viewers also liked

PPTX
Cloud security ppt
byVenkatesh Chary
 
PPTX
#ALSummit: Realities of Security in the Cloud
byAlert Logic
 
PDF
Cloud Security with LibVMI
byTamas K Lengyel
 
PPT
Intel Trusted eXecution Technology
byBibhu Biswal
 
PPT
Cloud Computing Security Issues
byDiscover Cloud Computing
 
PDF
Report of Advance car security system major project
byAmi Goswami
 
PPTX
Open Source Security
bySander Temme
 
PPT
Integrated mca cloud technology & information security
byiNurture Education Solution pvt ltd
 
PPT
Privacy and E-Commerce
byAleksandr Yampolskiy
 
PPTX
Privacy and Security Issues in E-Commerce
byTitas Ahmed
 
PDF
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
byVincent Giersch
 
PPTX
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
byJan Ketil Skanke
 
PDF
Cloud security design considerations
byMike Kavis
 
PDF
SecureCloud Project
byEUBrasilCloudFORUM .
 
PDF
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
byPushpa
 
PDF
Secure Cloud - Secure Big Data Processing in Untrusted Clouds
byEUBrasilCloudFORUM .
 
PPT
Eamonn O Raghallaigh The Major Security Issues In E Commerce
byEamonnORagh
 
PPT
Window Security Solutions Presentation
byvickylysons
 
PPTX
Sgx alumni event 31 may 2013
bySim Shawn
 
PPTX
Sgx @ centre & vista
bySim Shawn
 
Cloud security ppt
byVenkatesh Chary
 
#ALSummit: Realities of Security in the Cloud
byAlert Logic
 
Cloud Security with LibVMI
byTamas K Lengyel
 
Intel Trusted eXecution Technology
byBibhu Biswal
 
Cloud Computing Security Issues
byDiscover Cloud Computing
 
Report of Advance car security system major project
byAmi Goswami
 
Open Source Security
bySander Temme
 
Integrated mca cloud technology & information security
byiNurture Education Solution pvt ltd
 
Privacy and E-Commerce
byAleksandr Yampolskiy
 
Privacy and Security Issues in E-Commerce
byTitas Ahmed
 
UKC - Feb 2013 - Analyzing the security of Windows 7 and Linux for cloud comp...
byVincent Giersch
 
Security @ Windows 10 Partner Technical Bootcamp Microsoft Norway October 2015
byJan Ketil Skanke
 
Cloud security design considerations
byMike Kavis
 
SecureCloud Project
byEUBrasilCloudFORUM .
 
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
byPushpa
 
Secure Cloud - Secure Big Data Processing in Untrusted Clouds
byEUBrasilCloudFORUM .
 
Eamonn O Raghallaigh The Major Security Issues In E Commerce
byEamonnORagh
 
Window Security Solutions Presentation
byvickylysons
 
Sgx alumni event 31 may 2013
bySim Shawn
 
Sgx @ centre & vista
bySim Shawn
 

Similar to Security on Windows Azure

PDF
Microsoft Azure Security Overview
byAlert Logic
 
PDF
366864108 azure-security
byober64
 
PPTX
Enter The Matrix Securing Azure’s Assets
byBizTalk360
 
PPTX
Azure Security Overview
byAllen Brokken
 
PPTX
Azure Fundamentals Part 3
byCCG
 
PPTX
Windows Azure Security Features And Functionality
byvivekbhat
 
PPTX
Windows Azure
byJohn Alioto
 
PPTX
Azure Day 1.pptx
bymasbulosoke
 
PPTX
Cloud application architecture with sql azure and windows azure
byEduardo Castro
 
PPTX
Cloud computing & windows azure intro
byHaddy El-Haggan
 
PDF
KoprowskiT_SQLSatMoscow_WASDforBeginners
byTobias Koprowski
 
PDF
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
byNCCOMMS
 
PPTX
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
byEuropean Collaboration Summit
 
PDF
KoprowskiT_session1_SDNEvent_WASDforBeginners
byTobias Koprowski
 
PDF
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
byMSAdvAnalytics
 
PPTX
MS Cloud day - Understanding and implementation on Windows Azure platform sec...
bySpiffy
 
PPTX
Azure presentation nnug dec 2010
byEthos Technologies
 
PPTX
Wisconsin .NET UG - Windows Azure
byWade Wegner
 
PPTX
Azure security
byLalit Rawat
 
PPTX
AZUG.BE - Azure User Group Belgium - First public meeting
byMaarten Balliauw
 
Microsoft Azure Security Overview
byAlert Logic
 
366864108 azure-security
byober64
 
Enter The Matrix Securing Azure’s Assets
byBizTalk360
 
Azure Security Overview
byAllen Brokken
 
Azure Fundamentals Part 3
byCCG
 
Windows Azure Security Features And Functionality
byvivekbhat
 
Windows Azure
byJohn Alioto
 
Azure Day 1.pptx
bymasbulosoke
 
Cloud application architecture with sql azure and windows azure
byEduardo Castro
 
Cloud computing & windows azure intro
byHaddy El-Haggan
 
KoprowskiT_SQLSatMoscow_WASDforBeginners
byTobias Koprowski
 
O365Con18 - Red Team vs Blue Team - Sasha Kranjac & Mustafa Toroman
byNCCOMMS
 
[Toroman/Kranjac] Red Team vs. Blue Team in Microsoft Cloud
byEuropean Collaboration Summit
 
KoprowskiT_session1_SDNEvent_WASDforBeginners
byTobias Koprowski
 
Cortana Analytics Workshop: Cortana Analytics -- Security, Privacy & Compliance
byMSAdvAnalytics
 
MS Cloud day - Understanding and implementation on Windows Azure platform sec...
bySpiffy
 
Azure presentation nnug dec 2010
byEthos Technologies
 
Wisconsin .NET UG - Windows Azure
byWade Wegner
 
Azure security
byLalit Rawat
 
AZUG.BE - Azure User Group Belgium - First public meeting
byMaarten Balliauw
 

Recently uploaded

PPTX
Software Tools for penetration Testing (1).pptx
byAmosCheruiyot13
 
PDF
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
PDF
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
PDF
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
PPTX
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
PDF
Scott M. Graffius' Phases of Team Development - Applied to Human Teams and Hu...
byScott M. Graffius
 
PDF
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
PDF
Chapter 1 Introduction to Computer Security.pdf
byGetnet Tigabie Askale -(GM)
 
PPTX
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
PDF
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
PPTX
DATALIVA-Presentation-EN_2026 Budgeting SAP Odoo ERP
byMustafa Kuğu
 
PDF
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
PDF
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
PPTX
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
PPTX
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
PDF
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
PDF
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
PDF
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
PDF
Strengthening cybern resilience for a leading indian Financial Services group
bypandeydevika621
 
PDF
The CISO_Transformation_Playbook From Cost Centre to Chief Trust Officer
bysajjasridhar1990
 
Software Tools for penetration Testing (1).pptx
byAmosCheruiyot13
 
Saga: The new era of transactions in a microservices architecture
byGiovanni Marigi
 
Louisville User Group: Transforming Technical Debt into Technical Wealth
byLynda Kane
 
Master the FME Connector for ArcGIS: Streamlined Data Management & Robust Met...
bySafe Software
 
Unit 1 Introduction of Computer Networks
bySuvarnaSharma5
 
Scott M. Graffius' Phases of Team Development - Applied to Human Teams and Hu...
byScott M. Graffius
 
oracle_apex_tamil_export_an_application.pdf
byUthamaselvan M
 
Chapter 1 Introduction to Computer Security.pdf
byGetnet Tigabie Askale -(GM)
 
On-Device AI with Gemma 3n and PaliGemma 2 Session Slides - GDG VESIT
bygdgcodecellcmpn
 
JR : Quality Random Data from the Command line
byGiovanni Marigi
 
DATALIVA-Presentation-EN_2026 Budgeting SAP Odoo ERP
byMustafa Kuğu
 
Best-Travel-Portal-Development-Solutions-for-Online-Growth
bykashishnagarrajput
 
The Cost of Missing Critical Connections in Data - Suspicious Behavior Detect...
byEnterprise Knowledge
 
Sensors-and-Actuators-in-IoT-Systems.pptx
byMuhammedNihal54
 
IBM_NEXA_DAC2021 NEXA, a cloud-native platform for collaborative hardware log...
byArun Joseph
 
Higgsfield AI: The New Way to Create Cinematic Video
bytechnologyupside
 
Digital Transformation Services The Key to Futureproofing Your Business
byQuadrafort Technolgies
 
Azure Identity, Governance, and Monitoring solutions
byVICTOR MAESTRE RAMIREZ
 
Strengthening cybern resilience for a leading indian Financial Services group
bypandeydevika621
 
The CISO_Transformation_Playbook From Cost Centre to Chief Trust Officer
bysajjasridhar1990
 

Security on Windows Azure

  • 2.
    Security on MicrosoftCloud Solutions Haddy El-Haggan Microsoft Student Partner Founder of Azure Community in Egypt
  • 3.
    Security on MicrosoftCloud Solutions • Overview on Windows Azure • Security Overview • Data Security on Windows Azure • Network Security • Identity On Azure
  • 4.
    Windows Azure • CloudComputing is a new Concept of the Best utilization of the Data Center • Cloud Computing is based on Virtualization • Cloud Computing is mainly composed of 3 layers • Infrastructure as a Service (IaaS) • Platform as a Service (Paas) • Software as a Service (SaaS
  • 5.
    Windows Azure (cont.) •Windows Azure is Microsoft Cloud Solutions • Windows Azure is composed of 3 main Nodes: – Compute – Storage (Windows Azure Storage, AppFabrics Caching and SQL Azure) – Fabrics (to enable communication between different applications hosted on Azure or even on premises)
  • 6.
    Benefits • High Availability •High Scalability • Pay as you go • Best utilization of the hardware resources available • Focus on your business rather than the IT infrastructure • Flexibility to access your data
  • 7.
    ONE OF THEBIGGEST CONCERN IS ALWAYS ABOUT THE SECURITY AND HOW ARE MY DATA SECURE ON THE CLOUD?
  • 8.
  • 9.
    Microsoft Cloud SolutionSecurity Overview • Developers and users must know the responsibilities the share with the Cloud Provider • These are the main layers of security for any Cloud Provider: – Human – Data – Application – Host – Network – Physical
  • 10.
    Microsoft Cloud SolutionSecurity Overview (Cont.) • The “human” and “Data” layers are the users’ responsibility and how they manage their data and its permissions (more information about the data n Azure to be followed) • The “Application Layer” depend on the developer and the security used on it • Authentication • Input validation …. • Recommend to develop using SDL (security development lifecycle) designed for windows Vista, Windows 7 and windows Azure
  • 13.
    Microsoft Cloud SolutionSecurity Overview • “Host” Layer, Windows Azure is hosted on Windows Server 2008 Hyper-V • Windows Azure doesn’t depend on Windows Server 2008 hypervisor , it has its own hypervisor where the roles and the VM are hosted and isolated • Host has 2 main jobs: – Isolation (every role runs on its own VM) – Hardening (regular Security Updates)
  • 14.
    Microsoft Cloud SolutionSecurity Overview • Some Firewall can be configured by the service owner and some are controlled by the fabric controller • “Network” Layer, Windows Azure traffic through several firewall • Guest VM • Host VM • SQL Azure VM
  • 16.
    THERE IS NOENCRYPTION ON WINDOWS AZURE
  • 17.
    Data Security onAzure • Windows Azure Compute and Windows Azure Storage are 2 different things each of them is hosted on different hardware resources • In the Storage Architecture the top layer validates, authenticates, and authorizes requests, routing them to the partition layer and data layer where the data exists • Protect against Data Loss, there are always three replicates of your data whatever happens • Isolation: all your data are isolated from the others by 2 ways: – Logically – Physically • Each type of storage has its own way of access depending on the developer • NO DATA ARE ACCESSIBLE BY THE PUBLIC EXCEPT THE PUBLIC BLOB
  • 18.
    Data Security onAzure • Isolation: all your data are isolated from the others by 2 ways: – Logically – Physically • Each type of storage has its own way of access depending on the developer • NO DATA ARE ACCESSIBLE BY THE PUBLIC EXCEPT THE PUBLIC BLOB
  • 19.
    Secure Networking • NetworkArchitecture: – In Azure there are mainly 4 types of Nodes: • Fabric Controller Node (Azure Kernel) • Storage Node • Compute Node • Other infrastructure Node – In the FC Networking there are 3 types of isolated networks: • Main VLAN (all untrusted customer nodes) • FC VLAN (trusted FC networks) • Device VLAN (contains trusted networks an other infrastructure devices)
  • 20.
    Secure Networking • Nocommunication is possible between the VLANs without passing through a router for preventing faking traffic and eavesdropping on other traffic • The communication is permitted from the FC VLAN or the Device VLAN to the main VLAN but not initiated from the main VLAN
  • 21.
    Secure Networking • Azurehas the largest internet connections in the industry • It is unlikely that someone can cut azure out of public by producing enough malicious traffic • If your application on azure is attacked, azure will create several compute instances to maintain your application until the attack passes • Microsoft is considering ways to identify malicious traffic and block it as it enters the Azure Fabric, but this sort of protection has not yet been deployed.
  • 22.
    Identity On Azure •To gain access to your application on the Cloud you have to pass few steps: – Authentication – Authorization – Monitoring and logging (track users and log their operations) • Windows Azure support several identity technology – Active Directory – Open ID – SQL Server – WIF
  • 23.
    Identity On Azure •Windows Azure supports 2 types of identity in the Cloud: – Role based – Claim Based • Role based is using Username and password • Claim based is using Token containing a collection of Claims
  • 24.
    Identity On Azure:Role based authorization • It can be used by SQL Azure, Azure Connect andASP.NET membership provider • You only use the username and the password and the rest are kept in the identity store • Simple, easy to use and possible to implement Domain join
  • 25.
    Identity on Azure:Azure Connect • Azure connect support domain join of windows azure roles to on premises Active Directory
  • 26.
    Identity on Azure: Claim Based • Claim is a piece of information • Token is a collection of Claims and are signed • Security Token Service map the credentials to the token • Application is provide with all the identity information needed • The management of the identity is not the application responsibility • Integration between several identity providers • Less infrastructure code
  • 28.
    Identity On Azure:AppFabric Access Control • Enable the developer of using claim based authorization from enterprises like active directory, SQL Server • Also enable the usage of the other identity provider like live ID, Facebook, Google and Yahoo.
  • 29.
    Azure Community inEgypt • Twitter: Azurecomeg • E-Mail: azureeg@hotmail.com
  • 30.
    Contacts • Twitter: @Hhaggan •Email: h.haggan@hotmail.com • Blog: http://hhaggan.wordpress.com/