Weitere ähnliche Inhalte Mehr von Lahav Savir (13) Kürzlich hochgeladen (20) Ultra secure cloud data center on aws1. Ultra Secure Data Center
on Amazon Cloud
Lahav Savir, Architect & CEO
Emind systems Ltd.
lahavs@emind.co
2. About
Lahav Savir
• 15+ years’ experience in on-line industry
• Architect and CEO @ Emind Systems
Emind Systems (est. 2006)
• Boutique system integrator
• 100+ AWS customers
• AWS solution provider
3. Amazon (AWS) Certification
Amazon Solution Provider
& Consulting Partner
https://aws.amazon.com/solution-providers/si/emind-systems-ltd
4. What is secure data center ?
• Isolated • User management
• Controlled – One time password
• Firewalled • Data encryption
• Secure access • Frequent updates
– VPN • Configuration analysis
– SSL • Regulatory compliance
• IDS & IPS • One spot for monitoring
• Antivirus – Centralized alerts
• Audited
6. Access Management
• Control the data flow
– AWS VPC
– ACL
– Routing
– Handle all in/out traffic
• Firewall
– Security groups
• Identity access management
– One-time-password
– AWS IAM with MFA
9. Traffic Control
• Log in / out traffic
• Terminate encrypted connection
• Sanitize in / out packets
– Real-time decisions
– Accept / reject connections
– Rate limiting
11. Anomalies detection
• Host-based IDS
– Detect configuration changes
– Track running processes
– Track file access
– Resource access
– Detect abnormal behavior !
• OS hardening
• App cleanup
15. Centralize the info
• Need to aggregate
– VPN access logs
– Traffic audit logs
– Network IDS logs
– Host IDS logs
– Anti virus logs
• Detect patterns
16. Security lifecycle management
• Ongoing discovery & analysis
– Access
– Traffic
– IDS
– Anti virus
– Encryption keys
• Act on analysis results
• Reveal and solve settings
• Make them all orchestrate together !
18. • goCloud – Emind’s optimal road to the cloud
– Secure cloud architecture
– Scalable & high-availability design
– Customized system deployment
– Orchestrating cloud and software
– Cloud operation team
– Monitoring and alerting
– 24x7 SLA