
Openstack Demo-virtual checkpoint FW and virtual suricata IDS


Presentation

Published in: Engineering

  1. Copyright@ 2018 All reserved by KrDAG. OPENSTACK DEMO: Security. KRDAG STUDY, Seo & Ryu
  2. #1. FW IN OPENSTACK: vRouter and vFW. Diagram labels: NET1, NET2, vRouter, Internet, VM, VM, "vFW ?", vFW, Internet, VM, VM. Functional conflict between the vRouter and the vFW: Routing, Security, Routing, NAT. Let's replace the vRouter.
  3. #1. FW IN OPENSTACK: Deciding where to deploy. Diagram labels: DC, DC, Controller, Compute, Compute, Compute, vFW, VM, VM, VM, VM, Openstack, Internet, Openstack, Openstack, Openstack, Physical FW, Openstack, Internet, Openstack, Openstack, Openstack, vFW.
  4. #2. AFTER VM DEPLOY: Default is Drop. WHY NO initial Configuration – support heat API/CLI/GUI. Please open it up~
  5. #2. AFTER VM DEPLOY: Auto? Deploying security policy: add a VM; check the VM's IP information; add that IP as an object on the firewall; allow that VM's IP on the firewall. ./Cpadd.sh "svr1" ./Cpdel.sh "svr1" DEMO. Diagram labels: Controller, Compute, Compute, vFW, svr1, IDS, svr3.
  6. #3. IDS IN OPENSTACK: What on earth are we supposed to monitor? And where is it? Diagram labels: Target VM, IDS.
  7. #3. IDS IN OPENSTACK: Let's find the interface: check the VM instance information (instance-000xxx); check the compute node it was deployed to; check the network port order (reverse order); check the qemu file on that compute node. ./mirrir.sh add "svr1" "internal service" ./mirrir.sh del "svr1" "internal service" DEMO. Check the corresponding interface. Diagram labels: Controller, Compute, Compute, vFW, svr1, IDS, svr3.
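
The interface lookup outlined in slide 7, as an added example that is not part of the original slides: it reads a libvirt domain XML (the "qemu file" on the compute node) and resolves the host-side tap device to mirror for one Neutron port. The sample XML, port IDs and function names are constructed for illustration, and the check assumes the common Neutron convention that the tap device is named `tap` plus the first 11 characters of the port UUID.

```python
import xml.etree.ElementTree as ET

# Constructed sample of the libvirt domain XML that Nova writes on a compute
# node; instance name, MACs and tap names are made up for this example.
SAMPLE_DOMAIN_XML = """
<domain type='kvm'>
  <name>instance-00000abc</name>
  <devices>
    <interface type='bridge'>
      <mac address='fa:16:3e:11:22:33'/>
      <target dev='tap1a2b3c4d-5e'/>
    </interface>
    <interface type='bridge'>
      <mac address='fa:16:3e:44:55:66'/>
      <target dev='tap9f8e7d6c-5b'/>
    </interface>
  </devices>
</domain>
"""

def list_vm_interfaces(domain_xml):
    """Return (instance_name, [(mac, tap_device), ...]) in XML order."""
    root = ET.fromstring(domain_xml)
    nics = []
    for iface in root.findall("./devices/interface"):
        mac, target = iface.find("mac"), iface.find("target")
        if mac is None or target is None:
            continue  # NIC without a host-side device: nothing to mirror
        nics.append((mac.get("address").lower(), target.get("dev")))
    return root.findtext("name"), nics

def tap_for_port(domain_xml, port_id, port_mac):
    """Resolve the tap device for one Neutron port (hypothetical helper).

    Matches on the port MAC rather than on list position, then cross-checks
    the assumed naming convention so the wrong NIC is never mirrored silently.
    """
    expected = "tap" + port_id[:11]
    for mac, dev in list_vm_interfaces(domain_xml)[1]:
        if mac == port_mac.lower():
            if dev != expected:
                raise ValueError(f"{dev} does not match expected {expected}")
            return dev
    return None  # port is not attached to this instance
```

Matching on the MAC address avoids depending on the order in which ports are listed, which is the step the slide flags as easy to get wrong.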
