16. Cloud Computing is ? - Network as a “cloud” - Network is the computer (SUN moto) - TCP/IP abstraction (1 st cloud) - www data abstraction (2 nd cloud) - Virtualization (3 rd cloud) Bottom line: - Virtualization done right, with webservices
17. Cloud Computing is ! - on-demand self-service - ubiquitous network access - location independent resource pooling - rapid elasticity and capacity - measured service - pay as you go - abstract resources
18.
19. CCaaS - Software as a Service - SalesForce - Platform as a Service - Google App Engine - Microsoft Azure - Infrastructure as a Service - Rackspace Mosso - Amazon Web Services
24. Only the paranoid survive! - Key issues trust, trust, multi-tenancy, trust, encryption, compliance - Massive complex systems running on functional units - Certification & Audit - Loss of physical control - Interoperability - Accountability
25. please, keep in mind that - Shared hell: - Hardware - Memory - Disks - NIC's (Virtual) - Cache Snooping - Hypervisor Attacks - Persistent Root Kits - Password Cracking - Broken or stolen key rings / authorization federation - Never ending logs
26.
27. Great things do come - Provisioning and fault tolerance - Rapid reconstitution of services - Storage fragmented - Security layers (auth, firewall, logging, …) - Network and Security perimeters - Virtual Zoning - Think it all over again
28.
29. Challenges - Data dispersal and international privacy laws - Isolation management & Multi-Tenancy - Certification (SAS 70 Type II audits and ISO 27001) - Data ownership - QoS & SLA's garantees - Secure Hypervisors - Credentials
30.
31.
32. Challenges - Massive outages - Service bottle necks; DNS as your best friend - Encryption needs cloud resources, applications, storage, services - Disaster recovery and contingency plans - If you have it on Auto mode, you won't see it coming - Honey for hackers
33.
34.
35.
36.
37. ToDo - Network with VPN and VLAN's - SLA's; read the fine prints - Backup and recover often; Risk assessment - Log (out of there) as if the world ended tomorrow - Plan for failure - YOU secure!!! Encrypt data before transmission!!! - Sandbox, Sandbox, Sandbox
38. You're not alone - Security Groups IBM; SUN Oracle ; Amazon; PCCA; ICCV - Cloud Security Alliance (awesome guide!!) - OpenCloud Manifesto & Amazon Security Paper - Cloud Computing ML at Google Groups - Legal Cloud's - Vivek Kundra - USA CTO, did it, so as Facebook, New York Times and Nasdaq (on AWS)
39.
40. Wrap up - Plan - Encrypt - Backup - Secure - Audit - Sandbox (check my sapo codebits talk) - http://codebits.sapo.pt/files/aws_23.pdf - Trust