SlideShare une entreprise Scribd logo

Securing a public cloud infrastructure : Windows Azure

V
vivekbhat

Securing a public cloud infrastructure: Windows Azure

Technologie
1  sur  38
Télécharger pour lire hors ligne
Saugatuck Insight: Saugatuck believes that many users will find that changes required in internal organization and politics for moving from dedicated to shared resources pose significant challenges to the adoption of Cloud Computing. Source: Saugatuck Technology Inc., 2009 Cloud Infrastructure Survey (Julne09), WW N=670
Security Privacy Is your service secure? Are you HIPAA compliant? Are you ISO 27001 How do you ensure data certified? isolation? Questions Jurisdiction? Data retention? Have you ever had a service outage? Do you have an incident response plan? Do you have performance Do you have SAS Type II Report? SLA? Do you provide 24*7 support? Reliability Business Practice
location  ownership  control
10
SaaS Software as a Service PaaS Platform as a Service IaaS Infrastructure as a Service Public Hybrid Private
Tampering & Denial of Elevation of Spoofing Disclosure Service Privilege VLANs VM switch Top of Rack hardening Load-balanced Switches Partial Trust Infrastructure Certificate Runtime Custom packet Services Network filtering Hypervisor bandwidth Shared-Access custom Port Scanning/ throttling Signatures sandboxing Service Enumeration HTTPS Virtual Service Configurable Service Definition Accounts scale-out file, Windows Sidechannel Firewall, VM switch protections packet filtering
Physical Attacks Central Admin On Servers Customer Admin Users Windows Azure Customer Tenant External Web Site
Physical Attacks On Servers Customer Admin Users Windows Azure Customer Tenant
Central Admin Windows Azure Customer Tenant
Customer Admin Users Windows Azure Customer Tenant
Users Windows Azure Customer Tenant
Customer Admin Windows Azure Customer Tenant
Managed Code Access Security: partial trust Windows Account: running with least privileges Windows FW (VM): rules based on service model Virtual Machine: fixed CPU, memory, disk resources Root Partition Packet Filter: defense in depth against VM “jailbreaking” Network ACLs: dedicated VLANS for tenant nodes 22
R G G G G G G G o u u u u u u u o e e e e e e e t s s s s s s s t t t t t t t V M V V V V V V V M M M M M M M Hypervisor Network/Disk
World-Class Security Service security starts with the data center Data center within a data center Motion sensors 24×7 secured access Biometric controlled access systems Video camera surveillance Security breach alarms
1 .Windows Azure Security Overview 2. TechNet Webcast - Windows Azure Security - A Peek Under the Hood (Level 100) 3. MSDN Webcast - Security Talk - Using Windows Azure Storage Securely (Level 200) 4. Securing Microsoft's Cloud Infrastructure
Securing a public cloud infrastructure : Windows Azure

Recommandé

Seguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureSeguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureEduardo Castro
 
Dedicated Hosting
Dedicated HostingDedicated Hosting
Dedicated Hostingwebhostingguy
 
Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityMicrosoft TechNet - Belgium and Luxembourg
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data CenterCisco Canada
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec
 
New Solutions for Security and Compliance in the Cloud
New Solutions for Security and Compliance in the CloudNew Solutions for Security and Compliance in the Cloud
New Solutions for Security and Compliance in the CloudOnline Tech
 
Introducing new Proof-of-Stake based networks - Why your network participatio...
Introducing new Proof-of-Stake based networks - Why your network participatio...Introducing new Proof-of-Stake based networks - Why your network participatio...
Introducing new Proof-of-Stake based networks - Why your network participatio...Michael Ng
 
Data Center Security Now and into the Future
Data Center Security Now and into the FutureData Center Security Now and into the Future
Data Center Security Now and into the FutureCisco Security
 

Recommandé

Seguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureSeguridad en SQL Azure Windows azure
Seguridad en SQL Azure Windows azureEduardo Castro
 
Dedicated Hosting
Dedicated HostingDedicated Hosting
Dedicated Hostingwebhostingguy
 
Private cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityPrivate cloud day session 5 a solution for private cloud security
Private cloud day session 5 a solution for private cloud securityMicrosoft TechNet - Belgium and Luxembourg
 
Security and Virtualization in the Data Center
Security and Virtualization in the Data CenterSecurity and Virtualization in the Data Center
Security and Virtualization in the Data CenterCisco Canada
 
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...
Symantec Introduces New Security Solutions to Counter Advanced Persistent Thr...Symantec
 
New Solutions for Security and Compliance in the Cloud
New Solutions for Security and Compliance in the CloudNew Solutions for Security and Compliance in the Cloud
New Solutions for Security and Compliance in the CloudOnline Tech
 
Introducing new Proof-of-Stake based networks - Why your network participatio...
Introducing new Proof-of-Stake based networks - Why your network participatio...Introducing new Proof-of-Stake based networks - Why your network participatio...
Introducing new Proof-of-Stake based networks - Why your network participatio...Michael Ng
 
Data Center Security Now and into the Future
Data Center Security Now and into the FutureData Center Security Now and into the Future
Data Center Security Now and into the FutureCisco Security
 
22
2222
22Technology_solution
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Digi cert newsletter-2013-02
Digi cert newsletter-2013-02Digi cert newsletter-2013-02
Digi cert newsletter-2013-02Pittayakom Sa-ingtong
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015John White
 
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...PROIDEA
 
E collaborationscottrea
E collaborationscottreaE collaborationscottrea
E collaborationscottreaCollaborative Health Consortium
 
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBolt
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBoltDDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBolt
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBoltMazeBolt Technologies
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS RealityKVH Co. Ltd.
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Acrodex
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec
 
How Adopting the Cloud Can Improve Your Security.
How Adopting the Cloud Can Improve Your Security.How Adopting the Cloud Can Improve Your Security.
How Adopting the Cloud Can Improve Your Security.martin_lee1969
 
Backup2013 - Barracuda Networks
Backup2013 - Barracuda NetworksBackup2013 - Barracuda Networks
Backup2013 - Barracuda NetworksKappa Data
 
Safe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsSafe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsASBIS SK
 
Vmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend MicroVmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend MicroGraeme Wood
 
Vss Security And Compliance For The Cloud
Vss Security And Compliance For The CloudVss Security And Compliance For The Cloud
Vss Security And Compliance For The CloudGraeme Wood
 
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesWhat You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesCloudPassage
 
The Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated IndustriesThe Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated Industriesdirkbeth
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securityn|u - The Open Security Community
 

Contenu connexe

Tendances

Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationCisco Security
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to CloudCisco Security
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015John White
 
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...PROIDEA
 
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBolt
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBoltDDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBolt
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBoltMazeBolt Technologies
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS RealityKVH Co. Ltd.
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Acrodex
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec
 
How Adopting the Cloud Can Improve Your Security.
How Adopting the Cloud Can Improve Your Security.How Adopting the Cloud Can Improve Your Security.
How Adopting the Cloud Can Improve Your Security.martin_lee1969
 
Backup2013 - Barracuda Networks
Backup2013 - Barracuda NetworksBackup2013 - Barracuda Networks
Backup2013 - Barracuda NetworksKappa Data
 
Safe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsSafe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsASBIS SK
 

Tendances (16)

22
2222
22
 
Defending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the ApplicationDefending the Data Center: Managing Users from the Edge to the Application
Defending the Data Center: Managing Users from the Edge to the Application
 
From Physical to Virtual to Cloud
From Physical to Virtual to CloudFrom Physical to Virtual to Cloud
From Physical to Virtual to Cloud
 
Digi cert newsletter-2013-02
Digi cert newsletter-2013-02Digi cert newsletter-2013-02
Digi cert newsletter-2013-02
 
Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015Case_Study__Juniper_Expedient_2015
Case_Study__Juniper_Expedient_2015
 
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
infraxstructure: Emil Gągała "Ludzie, procesy, technika – czy wirtualizacja ...
 
E collaborationscottrea
E collaborationscottreaE collaborationscottrea
E collaborationscottrea
 
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBolt
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBoltDDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBolt
DDoS Mitigation Guide |DDoS Protection Cyber Security | MazeBolt
 
Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012Symantec Virtualization Launch VMworld 2012
Symantec Virtualization Launch VMworld 2012
 
Cloud Security: Perception VS Reality
Cloud Security: Perception VS RealityCloud Security: Perception VS Reality
Cloud Security: Perception VS Reality
 
HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure HyTrust and VMware-Providing a Secure Virtual Infrastructure
HyTrust and VMware-Providing a Secure Virtual Infrastructure
 
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
Secure Your Virtualized Environment. Protection from Advanced Persistent Thre...
 
Symantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility StrategySymantec Advances Enterprise Mobility Strategy
Symantec Advances Enterprise Mobility Strategy
 
How Adopting the Cloud Can Improve Your Security.
How Adopting the Cloud Can Improve Your Security.How Adopting the Cloud Can Improve Your Security.
How Adopting the Cloud Can Improve Your Security.
 
Backup2013 - Barracuda Networks
Backup2013 - Barracuda NetworksBackup2013 - Barracuda Networks
Backup2013 - Barracuda Networks
 
Safe Net: Cloud Security Solutions
Safe Net: Cloud Security SolutionsSafe Net: Cloud Security Solutions
Safe Net: Cloud Security Solutions
 

Similaire à Securing a public cloud infrastructure : Windows Azure

Vmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend MicroVmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend MicroGraeme Wood
 
Vss Security And Compliance For The Cloud
Vss Security And Compliance For The CloudVss Security And Compliance For The Cloud
Vss Security And Compliance For The CloudGraeme Wood
 
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesWhat You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesCloudPassage
 
The Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated IndustriesThe Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated Industriesdirkbeth
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsKannan Subbiah
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntelAPAC
 
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...Novell
 
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...Novell
 
Smartronix - Building Secure Applications on the AWS Cloud
Smartronix - Building Secure Applications on the AWS CloudSmartronix - Building Secure Applications on the AWS Cloud
Smartronix - Building Secure Applications on the AWS CloudAmazon Web Services
 
PCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference ArchitecturePCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference ArchitectureHyTrust
 
Extending your Data Centre with AWS Sydney Customer Appreciation Day
Extending your Data Centre with AWS Sydney Customer Appreciation DayExtending your Data Centre with AWS Sydney Customer Appreciation Day
Extending your Data Centre with AWS Sydney Customer Appreciation DayAmazon Web Services
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOpenStorageSummit
 
Projecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudProjecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudScientia Groups
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk managementAEC Networks
 
451 Research Client Event Nov 10
451 Research Client Event Nov 10451 Research Client Event Nov 10
451 Research Client Event Nov 10stavvmc
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Amazon Web Services
 
Securing and Governing Cloud APIs
Securing and Governing Cloud APIsSecuring and Governing Cloud APIs
Securing and Governing Cloud APIsCA API Management
 

Similaire à Securing a public cloud infrastructure : Windows Azure (20)

Vmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend MicroVmware Seminar Security & Compliance for the cloud with Trend Micro
Vmware Seminar Security & Compliance for the cloud with Trend Micro
 
Vss Security And Compliance For The Cloud
Vss Security And Compliance For The CloudVss Security And Compliance For The Cloud
Vss Security And Compliance For The Cloud
 
What You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud GuidelinesWhat You Need To Know About The New PCI Cloud Guidelines
What You Need To Know About The New PCI Cloud Guidelines
 
The Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated IndustriesThe Move to the Cloud for Regulated Industries
The Move to the Cloud for Regulated Industries
 
SaaS Challenges & Security Concerns
SaaS Challenges & Security ConcernsSaaS Challenges & Security Concerns
SaaS Challenges & Security Concerns
 
null Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Securitynull Bangalore meet - Cloud Computing and Security
null Bangalore meet - Cloud Computing and Security
 
Intel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfeeIntel Cloud Summit: Greg Brown McAfee
Intel Cloud Summit: Greg Brown McAfee
 
17h30 aws enterprise_app_jvaria
17h30 aws enterprise_app_jvaria17h30 aws enterprise_app_jvaria
17h30 aws enterprise_app_jvaria
 
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
 
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
How to Implement Cloud Security: The Nuts and Bolts of Novell Cloud Security ...
 
Smartronix - Building Secure Applications on the AWS Cloud
Smartronix - Building Secure Applications on the AWS CloudSmartronix - Building Secure Applications on the AWS Cloud
Smartronix - Building Secure Applications on the AWS Cloud
 
PCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference ArchitecturePCI Compliance and Cloud Reference Architecture
PCI Compliance and Cloud Reference Architecture
 
Extending your Data Centre with AWS Sydney Customer Appreciation Day
Extending your Data Centre with AWS Sydney Customer Appreciation DayExtending your Data Centre with AWS Sydney Customer Appreciation Day
Extending your Data Centre with AWS Sydney Customer Appreciation Day
 
OSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal SternOSS Presentation Keynote by Hal Stern
OSS Presentation Keynote by Hal Stern
 
Enterprise Applications on AWS
Enterprise Applications on AWSEnterprise Applications on AWS
Enterprise Applications on AWS
 
Projecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the CloudProjecting Enterprise Security Requirements on the Cloud
Projecting Enterprise Security Requirements on the Cloud
 
F5 Networks: architecture and risk management
F5 Networks: architecture and risk managementF5 Networks: architecture and risk management
F5 Networks: architecture and risk management
 
451 Research Client Event Nov 10
451 Research Client Event Nov 10451 Research Client Event Nov 10
451 Research Client Event Nov 10
 
Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012Security and Privacy in the AWS Cloud - AWS India Summit 2012
Security and Privacy in the AWS Cloud - AWS India Summit 2012
 
Securing and Governing Cloud APIs
Securing and Governing Cloud APIsSecuring and Governing Cloud APIs
Securing and Governing Cloud APIs
 

Dernier

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDropbox
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMESafe Software
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdfSandro Moreira
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityWSO2
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Bhuvaneswari Subramani
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxRemote DBA Services
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Zilliz
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfOrbitshub
 

Dernier (20)

DBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor PresentationDBX First Quarter 2024 Investor Presentation
DBX First Quarter 2024 Investor Presentation
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf[BuildWithAI] Introduction to Gemini.pdf
[BuildWithAI] Introduction to Gemini.pdf
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Platformless Horizons for Digital Adaptability
Platformless Horizons for Digital AdaptabilityPlatformless Horizons for Digital Adaptability
Platformless Horizons for Digital Adaptability
 
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​Elevate Developer Efficiency & build GenAI Application with Amazon Q​
Elevate Developer Efficiency & build GenAI Application with Amazon Q​
 
Vector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptxVector Search -An Introduction in Oracle Database 23ai.pptx
Vector Search -An Introduction in Oracle Database 23ai.pptx
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..Understanding the FAA Part 107 License ..
Understanding the FAA Part 107 License ..
 
WSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering DevelopersWSO2's API Vision: Unifying Control, Empowering Developers
WSO2's API Vision: Unifying Control, Empowering Developers
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot ModelMcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Mcleodganj Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)Introduction to Multilingual Retrieval Augmented Generation (RAG)
Introduction to Multilingual Retrieval Augmented Generation (RAG)
 
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdfRising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
Rising Above_ Dubai Floods and the Fortitude of Dubai International Airport.pdf
 

Securing a public cloud infrastructure : Windows Azure

  • 1.
  • 2.
  • 3.
  • 4.
  • 5.
  • 6. Saugatuck Insight: Saugatuck believes that many users will find that changes required in internal organization and politics for moving from dedicated to shared resources pose significant challenges to the adoption of Cloud Computing. Source: Saugatuck Technology Inc., 2009 Cloud Infrastructure Survey (Julne09), WW N=670
  • 7. Security Privacy Is your service secure? Are you HIPAA compliant? Are you ISO 27001 How do you ensure data certified? isolation? Questions Jurisdiction? Data retention? Have you ever had a service outage? Do you have an incident response plan? Do you have performance Do you have SAS Type II Report? SLA? Do you provide 24*7 support? Reliability Business Practice
  • 9.
  • 10. 10
  • 11. SaaS Software as a Service PaaS Platform as a Service IaaS Infrastructure as a Service Public Hybrid Private
  • 12. Tampering & Denial of Elevation of Spoofing Disclosure Service Privilege VLANs VM switch Top of Rack hardening Load-balanced Switches Partial Trust Infrastructure Certificate Runtime Custom packet Services Network filtering Hypervisor bandwidth Shared-Access custom Port Scanning/ throttling Signatures sandboxing Service Enumeration HTTPS Virtual Service Configurable Service Definition Accounts scale-out file, Windows Sidechannel Firewall, VM switch protections packet filtering
  • 13.
  • 14.
  • 15.
  • 16. Physical Attacks Central Admin On Servers Customer Admin Users Windows Azure Customer Tenant External Web Site
  • 17. Physical Attacks On Servers Customer Admin Users Windows Azure Customer Tenant
  • 18. Central Admin Windows Azure Customer Tenant
  • 19. Customer Admin Users Windows Azure Customer Tenant
  • 20. Users Windows Azure Customer Tenant
  • 21. Customer Admin Windows Azure Customer Tenant
  • 22. Managed Code Access Security: partial trust Windows Account: running with least privileges Windows FW (VM): rules based on service model Virtual Machine: fixed CPU, memory, disk resources Root Partition Packet Filter: defense in depth against VM “jailbreaking” Network ACLs: dedicated VLANS for tenant nodes 22
  • 23.
  • 24.
  • 25. R G G G G G G G o u u u u u u u o e e e e e e e t s s s s s s s t t t t t t t V M V V V V V V V M M M M M M M Hypervisor Network/Disk
  • 26.
  • 27.
  • 28.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33.
  • 34.
  • 35. World-Class Security Service security starts with the data center Data center within a data center Motion sensors 24×7 secured access Biometric controlled access systems Video camera surveillance Security breach alarms
  • 36.
  • 37. 1 .Windows Azure Security Overview 2. TechNet Webcast - Windows Azure Security - A Peek Under the Hood (Level 100) 3. MSDN Webcast - Security Talk - Using Windows Azure Storage Securely (Level 200) 4. Securing Microsoft's Cloud Infrastructure