Crypto-Options on AWS. Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH
|
|
- Sydney Gardner
- 5 years ago
- Views:
Transcription
1 Crypto-Options on AWS Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH Amazon.com, Inc. and its affiliates. All rights reserved.
2 Agenda Theory Options
3 The Cryptographic Trinity Key Data Algorithm If you don t own all three parts of the solution, your data is not considered to be hard encrypted
4 In Region I:
5 In Region II: AWS DC AWS DC AWS DC AWS DC
6 Between Regions: Availability Zone Availability Zone Public Availability Zone Availability Zone Region DX Site Customer WAN DX Site Region
7 Summary Data in transit within an AZ might leave the building Data in transit between AZs will leave the building Data in transit between AWS Regions or between AWS and customer premises needs to be taken care of, too Whatever you do: Encrypt Your Data in Flight What about devices? Device decommissioning is a primary task for AWS This is fully compliant and audited No device leaves our DCs in a functional state People leaving a DC need to pass through a metal detector Let s discuss data at rest
8 Discussion Points Hard encryption might be excessive, for some purposes Find out where you need which kind of encryption map your view of risk and need Think about the lifetime of your data (example: German expiry of use of 3DES and resulting requirement for bulk data re-encryption with stronger algorithm ) Sometimes encryption is only there for Compliance reasons Work on your data classification Find balance between your obligation for executive care, cost and complexity
9 But: Getting Data at rest encrypted on AWS is so easy that you should consider a policy: All data need to be encrypted at rest!
10 AWS services and where we look into today: + Technology Partners Consulting Partners Ecosystem AWS Marketplace Elastic Beanstalk for Java, Node.js, Python, Ruby, PHP and.net Containers & Deployment (PaaS) OpsWorks CloudFormation IAM CloudTrail Cloud HSM CloudWatch Management & Administration Management Console APIs and SDKs Command Line Interface Analytics Application Services EMR Redshift Kinesis Data Pipeline CloudFront SNS SQS SES SWF WorkSpaces AppStream CloudSearch Networking VPC Direct Connect Route 53 Compute Storage MySQL, PostgreSQL Databases Oracle, SQL Server EC2 Elastic Load Balancer Auto Scaling S3 EBS Glacier Storage Gateway Import/Export RDS DynamoDB ElastiCache Regions Availability Zones Content Delivery POPs
11 AWS Key Management Service I Designed for Scalability and Throughput Uses bespoke AWS hardware + software Is a multi-tenant service Performs AES256 operations API for crypto command: Key Management Encryption / Decryption Customer selects MasterKey Data Key is transported via envelope encryption Data Key 1 Amazon S3 Object Customer Master Key(s) Data Key 2 Data Key 3 Data Key 4 Amazon EBS Volume Amazon Redshift Cluster AWS KMS Custom Application
12 AWS Key Management Service II Reference Architecture Encrypted Data Application or AWS Service Data Key + Encrypted Data Key AWS Key Management Service Master Key(s) in Customer s Account 1. Application or AWS service client requests an encryption key to use to encrypt data, and passes a reference to a master key under the account. 2. Client request is authenticated based on whether they have access to use the master key. 3. A new data encryption key is created and a copy of it is encrypted under the master key. 4. Both data key and encrypted data key are returned to the client. Data key is used to encrypt customer data and then deleted as soon as is practical. 5. Encrypted data key is stored for later use and sent back to AWS KMS when the source data needs to be decrypted.
13 S3 (normal mode) Data is sent to S3 encrypted S3 stores the data unencrypted Data travels unencrypted between AZs Enforce https: { } "Statement": [{ "Effect": "Deny, "Action": "s3:*", "Condition": { "Bool": { "aws:securetransport": false } }, "Resource": "arn:aws:s3:::bucket/*" ]}
14 S3 (server-side encryption) Data is sent to S3 encrypted S3 encrypts data with AWS owned key Data travels encrypted between AZs Data at rest is encrypted with AWS-owned key Enforce at-rest encryption: { "Statement":[{ "Sid":"DenyUnEncryptedObjectUploads", "Effect":"Deny", "Principal":"*", "Action":"s3:PutObject", "Resource":"arn:aws:s3:::YourBucket/*", "Condition":{ "StringNotEquals":{ "s3:x-amz-server-side-encryption":"aes256" } } } ] }
15 S3 (server-side, user key) Data is sent to S3 encrypted S3 encrypts data with customer key sent in request The key will be forgotten by AWS immediately Data travels encrypted between AZs Data at rest is encrypted with customer-owned key Customer needs to send key in GET request
16 IAM S3 (server-side, user key + KMS) Data is sent to S3 encrypted S3 encrypts data with key sent in request Data travels encrypted between AZs Data at rest is encrypted with customer-owned key Key remains in KMS KMS Object
17 S3 (client-side encryption) Client encrypts the data locally with local held key Data is sent to S3 encrypted Data travels encrypted between AZs Data at rest is encrypted with customer-owned key AWS never sees the key
18 EBS (normal mode) Instance sends data to volume via hypervisor module Module can encrypt or not, depending on customer choice Data travels to the disks and between datacentres, potentially unencrypted Data lives unencrypted on Disk
19 IAM EBS (server-side encryption) Instance sends encrypted data over hypervisor to volume Instance OS needs to support encryption Data travels encrypted to the disks and between datacentres Data lives encrypted on Disk AWS owns key/algorithm/data Included in scope of AWS SOC1 report KMS Volume
20 CloudHSM Tamper-Proof and Tamper-Evident Destroys its stored keys if under attack FIPS Level 2 certified Base position is to be a Keystore Can also be used to timestamp documents You can send data for encrypt / decrypt Key never leaves the HSM as cleartext Can be used by several commercial software products Can be used by API to access the HSM Needs to be backed-up (ideally to HSM on customer premises) Can (and should) be combined in HA clusters Is NOT a key management system but can work with some third-party ones Communicates via: PKCS#11 JCE Some applications need a plugin
21 Redshift can use CloudHSM When using CloudHSM Redshift gets cluster key from HSM Redshift generates a database key and encrypts it with the cluster key from the CloudHSM Redshift encrypts data with the database key Redshift supports re-encryption
22 RDS Crypto Support RDS / Oracle can use CloudHSM to store keys for Oracle Wallet So TDE can be HSM-backed RDS / MySQL, RDS / Postgres can use KMS to manage keys used to encrypt underlying EBS volumes So all tables are encrypted at rest Note that in-memory database contents (once the database has been unlocked) are cleartext RAM encryption is not something AWS has today, but it has been done in other contexts
23 VPC VGW Hardware IPsec termination points Data on the VPC side of the VGW is unprotected by the VGW (no re-encryption) If you need VPN termination with onward re-encryption, use EC2 instances with OpenSWAN or Cisco CRSs instead Uses pre-shared symmetric key The Key is a shared one between AWS and the customer Customer
24 Between Regions Public Availability Zone Availability Zone Availability Zone Region Customer WAN Custome r DC Availability Zone Region DX Site DX Site
25 Others Glacier Archives have always been encrypted this is entirely transparent to the user Glacier keys are AES256 AWS holds key/algorithm/data Route53 Supports signed zones ELB Supports SSL termination including onward re-encryption and customer choice of cipher suite (useful post-poodle) AWS holds keys/algorithm/data Unidirectional trust only (no certificate-based authentication of client to server) Import/Export Currently relies on Truecrypt shared secret between customer and AWS for exporting data Truecrypt has not been broken, but it is not longer maintained. Therefore import/export will choose another option
26 Bertram Dorn Amazon Web Services Germany GmbH Additional Ressources:
27
Werden Sie ein Teil von Internet der Dinge auf AWS. AWS Enterprise Summit 2015 Dr. Markus Schmidberger -
Werden Sie ein Teil von Internet der Dinge auf AWS AWS Enterprise Summit 2015 Dr. Markus Schmidberger - schmidbe@amazon.de Internet of Things is the network of physical objects or "things" embedded with
More informationAWS 101. Patrick Pierson, IonChannel
AWS 101 Patrick Pierson, IonChannel What is AWS? Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help
More informationAmazon Linux: Operating System of the Cloud
Amazon Linux: Operating System of the Cloud Chris Schlaeger Director, Kernel and Operating Systems Managing Director, Amazon Development Center Germany GmbH How did Amazon get into Cloud Computing? We
More informationCertificate of Registration
Certificate of Registration THIS IS TO CERTIFY THAT 2001 8th Ave, Seattle, WA 98121 USA operates AWS using IaaS model (Amazon CloudFront, Amazon Elastic Block Store (EBS), Amazon Elastic Compute Cloud
More informationSecurity Aspekts on Services for Serverless Architectures. Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security Aspekts on Services for Serverless Architectures Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Security in General Services in Scope Aspects of Services for
More informationProtecting Your Data in AWS. 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Protecting Your Data in AWS 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Encrypting Data in AWS AWS Key Management Service, CloudHSM and other options What to expect from this
More informationAWS Solution Architect Associate
AWS Solution Architect Associate 1. Introduction to Amazon Web Services Overview Introduction to Cloud Computing History of Amazon Web Services Why we should Care about Amazon Web Services Overview of
More informationMicroservices on AWS. Matthias Jung, Solutions Architect AWS
Microservices on AWS Matthias Jung, Solutions Architect AWS Agenda What are Microservices? Why Microservices? Challenges of Microservices Microservices on AWS What are Microservices? What are Microservices?
More informationSecurity on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Overview AWS Regions Availability Zones Shared Responsibility Security Features Best Practices
More informationAWS Security. Stephen E. Schmidt, Directeur de la Sécurité
AWS Security Stephen E. Schmidt, Directeur de la Sécurité 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express
More informationAmazon Web Services (AWS) Solutions Architect Intermediate Level Course Content
Amazon Web Services (AWS) Solutions Architect Intermediate Level Course Content Introduction to Cloud Computing A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction
More informationWhat s New at AWS? A selection of some new stuff. Constantin Gonzalez, Principal Solutions Architect, Amazon Web Services
What s New at AWS? A selection of some new stuff Constantin Gonzalez, Principal Solutions Architect, Amazon Web Services Speed of Innovation AWS Pace of Innovation AWS has been continually expanding its
More informationAmazon Web Services Training. Training Topics:
Amazon Web Services Training Training Topics: SECTION1: INTRODUCTION TO CLOUD COMPUTING A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction to Cloud Computing
More informationAbout Intellipaat. About the Course. Why Take This Course?
About Intellipaat Intellipaat is a fast growing professional training provider that is offering training in over 150 most sought-after tools and technologies. We have a learner base of 600,000 in over
More informationMapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd
Berlin Mapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd AWS Compliance Display Cabinet Certificates: Programmes:
More informationHigh School Technology Services myhsts.org Certification Courses
AWS Associate certification training Last updated on June 2017 a- AWS Certified Solutions Architect (40 hours) Amazon Web Services (AWS) Certification is fast becoming the must have certificates for any
More informationARCHITECTING WEB APPLICATIONS FOR THE CLOUD: DESIGN PRINCIPLES AND PRACTICAL GUIDANCE FOR AWS
ARCHITECTING WEB APPLICATIONS FOR THE CLOUD: DESIGN PRINCIPLES AND PRACTICAL GUIDANCE FOR AWS Dr Adnene Guabtni, Senior Research Scientist, NICTA/Data61, CSIRO Adnene.Guabtni@csiro.au EC2 S3 ELB RDS AMI
More informationArchitecting for HIPAA Security and Compliance on Amazon Web Services
Architecting for HIPAA Security and Compliance on Amazon Web Services June 2018 We welcome your feedback. Please share your thoughts at this link. 2018, Amazon Web Services, Inc. or its affiliates. All
More informationMicroservices Architekturen aufbauen, aber wie?
Microservices Architekturen aufbauen, aber wie? Constantin Gonzalez, Principal Solutions Architect glez@amazon.de, @zalez 30. Juni 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
More information2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. AWS Service Drill Downs Mark Ryland Chief Solutions Architect, Worldwide Public Sector Deployment & Administration Application Services Compute Storage Database Networking AWS Global Infrastructure
More informationCloudHSM Deep-Dive. Dave Walker Specialised Solutions Architect Security/Compliance Amazon Web Services UK Ltd
CloudHSM Deep-Dive Dave Walker Specialised Solutions Architect Security/Compliance Amazon Web Services UK Ltd 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved CloudHSM Tamper-Proof
More informationAmazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect. Amazon.com, Inc. and its affiliates. All rights reserved.
Amazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect Amazon.com, Inc. and its affiliates. All rights reserved. Learning about Cloud Computing with AWS What is Cloud Computing and
More informationWhat s New at AWS? looking at just a few new things for Enterprise. Philipp Behre, Enterprise Solutions Architect, Amazon Web Services
What s New at AWS? looking at just a few new things for Enterprise Philipp Behre, Enterprise Solutions Architect, Amazon Web Services 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
More informationDeliver High- quality Streaming Media Globally with AWS and Wowza
Deliver High- quality Streaming Media Globally with AWS and Wowza EC2 S3 CloudFront CloudFormation Agenda In this session you will learn how to: Quickly launch a virtual server on EC2 using AWS Marketplace
More informationSimple Security for Startups. Mark Bate, AWS Solutions Architect
BERLIN Simple Security for Startups Mark Bate, AWS Solutions Architect Agenda Our Security Compliance Your Security Account Management (the keys to the kingdom) Service Isolation Visibility and Auditing
More informationAmazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India
(AWS) Overview: AWS is a cloud service from Amazon, which provides services in the form of building blocks, these building blocks can be used to create and deploy various types of application in the cloud.
More informationAmazon Web Services (AWS) Training Course Content
Amazon Web Services (AWS) Training Course Content SECTION 1: CLOUD COMPUTING INTRODUCTION History of Cloud Computing Concept of Client Server Computing Distributed Computing and it s Challenges What is
More information4) An organization needs a data store to handle the following data types and access patterns:
1) A company needs to deploy a data lake solution for their data scientists in which all company data is accessible and stored in a central S3 bucket. The company segregates the data by business unit,
More information8/3/17. Encryption and Decryption centralized Single point of contact First line of defense. Bishop
Bishop Encryption and Decryption centralized Single point of contact First line of defense If working with VPC Creation and management of security groups Provides additional networking and security options
More informationAt Course Completion Prepares you as per certification requirements for AWS Developer Associate.
[AWS-DAW]: AWS Cloud Developer Associate Workshop Length Delivery Method : 4 days : Instructor-led (Classroom) At Course Completion Prepares you as per certification requirements for AWS Developer Associate.
More informationHow can you implement this through a script that a scheduling daemon runs daily on the application servers?
You ve been tasked with implementing an automated data backup solution for your application servers that run on Amazon EC2 with Amazon EBS volumes. You want to use a distributed data store for your backups
More informationGetting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
More informationEnroll Now to Take online Course Contact: Demo video By Chandra sir
Enroll Now to Take online Course www.vlrtraining.in/register-for-aws Contact:9059868766 9985269518 Demo video By Chandra sir www.youtube.com/watch?v=8pu1who2j_k Chandra sir Class 01 https://www.youtube.com/watch?v=fccgwstm-cc
More informationAWS Well Architected Framework
AWS Well Architected Framework What We Will Cover The Well-Architected Framework Key Best Practices How to Get Started Resources Main Pillars Security Reliability Performance Efficiency Cost Optimization
More informationCloud Computing. Amazon Web Services (AWS)
Cloud Computing What is Cloud Computing? Benefit of cloud computing Overview of IAAS, PAAS, SAAS Types Of Cloud private, public & hybrid Amazon Web Services (AWS) Introduction to Cloud Computing. Introduction
More informationAWS Data Security Security Update
AWS Data Security Security Update December 1 st 2015 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Data Security Agenda 1:00 pm AWS Security Overview + What s New 2:00 pm Network
More informationScaling on AWS. From 1 to 10 Million Users. Matthias Jung, Solutions Architect
Berlin 2015 Scaling on AWS From 1 to 10 Million Users Matthias Jung, Solutions Architect AWS @jungmats How to Scale? lot of results not the right starting point What is the right starting point? First
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationCloud Computing /AWS Course Content
Cloud Computing /AWS Course Content 1. Amazon VPC What is Amazon VPC? How to Get Started with Amazon VPC Create New VPC Launch an instance (Server) to use this VPC Security in Your VPC Networking in Your
More informationTraining on Amazon AWS Cloud Computing. Course Content
Training on Amazon AWS Cloud Computing Course Content 15 Amazon Web Services (AWS) Cloud Computing 1) Introduction to cloud computing Introduction to Cloud Computing Why Cloud Computing? Benefits of Cloud
More informationOverview of AWS Security - Database Services
Overview of AWS Security - Database Services June 2016 (Please consult http://aws.amazon.com/security/ for the latest version of this paper) 2016, Amazon Web Services, Inc. or its affiliates. All rights
More informationLINUX, WINDOWS(MCSE),
Virtualization Foundation Evolution of Virtualization Virtualization Basics Virtualization Types (Type1 & Type2) Virtualization Demo (VMware ESXi, Citrix Xenserver, Hyper-V, KVM) Cloud Computing Foundation
More informationThe Orion Papers. AWS Solutions Architect (Associate) Exam Course Manual. Enter
AWS Solutions Architect (Associate) Exam Course Manual Enter Linux Academy Keller, Texas United States of America March 31, 2017 To All Linux Academy Students: Welcome to Linux Academy's AWS Certified
More informationAWS Mobile Services 7/7/2014. Marco Argenti, Vice President
AWS Mobile Services 7/7/2014 Marco Argenti, Vice President Agenda AWS Overview AWS Mobile Services Overview Amazon Cognito Amazon Mobile Analytics Amazon SNS Pricing/Availability Q&A 7/7/2014 Slides not
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : SAA-C01 Title : AWS Certified Solutions Architect - Associate (Released February 2018)
More informationAWS Solutions Architect Exam Tips
AWS Solutions Architect Exam Tips This is not a brain dump! Questions and Answers are not given here, rather guidelines for further research, reviewing the Architecting on AWS courseware and AWS documentation.
More informationOracle WebLogic Server 12c on AWS. December 2018
Oracle WebLogic Server 12c on AWS December 2018 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationStartups and Mobile Apps on AWS. Dave Schappell, Startup Business Development Manager, AWS September 11, 2013
Startups and Mobile Apps on AWS Dave Schappell, Startup Business Development Manager, AWS September 11, 2013 The most radical and transformative of inventions are those that empower others to unleash their
More informationAWS Certifications. Columbus Amazon Web Services Meetup - February 2018
AWS Certifications Columbus Amazon Web Services Meetup - February 2018 Presenter: Andrew May Senior Solutions Architect & Cloud Solutions Lead @ Leading EDJE Java developer since 2000 2 ½ years AWS experience
More informationTestkingPass. Reliable test dumps & stable pass king & valid test questions
TestkingPass http://www.testkingpass.com Reliable test dumps & stable pass king & valid test questions Exam : AWS-Solutions-Architect- Associate Title : AWS Certified Solutions Architect - Associate Vendor
More informationMid-Atlantic CIO Forum
Mid-Atlantic CIO Forum Agenda Security of the Cloud Security In the Cloud Your Product and Services Roadmap (innovation) AWS and Cloud Services Growth and Expansion at AWS Questions & Discussion Shared
More informationAmazon AWS-Solution-Architect-Associate Exam
Volume: 858 Questions Question: 1 You are trying to launch an EC2 instance, however the instance seems to go into a terminated status immediately. What would probably not be a reason that this is happening?
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationAWS Certified Solutions Architect - Associate 2018 (SAA-001)
AWS Certified Solutions Architect - Associate 2018 (SAA-001) Amazon AWS Certified Solutions Architect Associate 2018 Dumps Available Here at: /amazon-exam/aws-certified-solutionsarchitect-associate-2018-dumps.html
More informationHPE Digital Learner AWS Certified SysOps Administrator (Intermediate) Content Pack
Content Pack data sheet HPE Digital Learner AWS Certified SysOps Administrator (Intermediate) Content Pack HPE Content Pack number Content Pack length Content Pack category Learn more CP017 20 Hours Category
More informationAWS Solutions Architect Associate (SAA-C01) Sample Exam Questions
1) A company is storing an access key (access key ID and secret access key) in a text file on a custom AMI. The company uses the access key to access DynamoDB tables from instances created from the AMI.
More informationAWS Administration. Suggested Pre-requisites Basic IT Knowledge
Course Description Amazon Web Services Administration (AWS Administration) course starts your Cloud Journey. If you are planning to learn Cloud Computing and Amazon Web Services in particular, then this
More informationCloud Solutions for Mobile Applications
Cloud Solutions for Mobile Applications Anssi Soinu Master s thesis May 2014 Information Technology ABSTRACT Tampere University of Applied Sciences Degree Programme in Information Technology Anssi Soinu:
More informationNetwork Security & Access Control in AWS
Network Security & Access Control in AWS Ian Massingham, Technical Evangelist @IanMmmm 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Account Security Day One Governance Account
More informationAWS Service Drill Downs
AWS Public Sector Jerusalem 19 Nov 2014! AWS Service Drill Downs Leo Zhadanovsky Senior Solu*ons Architect @leozh Deployment & Administration Application Services Compute Storage Networking Database AWS
More informationActiveNET. #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD
ActiveNET #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD-500018 9848111288 activesurya@ @gmail.com wwww.activenetinformatics.com y Suryanaray yana By AWS Course Content 1. Introduction to Cloud
More informationServerless Computing. Redefining the Cloud. Roger S. Barga, Ph.D. General Manager Amazon Web Services
Serverless Computing Redefining the Cloud Roger S. Barga, Ph.D. General Manager Amazon Web Services Technology Triggers Highly Recommended http://a16z.com/2016/12/16/the-end-of-cloud-computing/ Serverless
More informationSecurity by Design Running Compliant workloads in AWS
Security by Design Running Compliant workloads in 2015 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent
More informationAdditional Security Services on AWS
Additional Security Services on AWS Bertram Dorn Specialized Solutions Architect Security / Compliance / DataProtection AWS EMEA The Landscape The Paths Application Data Path Path Cloud Managed by Customer
More informationBetter, Faster, Stronger web apps with Amazon Web Services. Senior Technology Evangelist, Amazon Web Services
Better, Faster, Stronger web apps with Amazon Web Services Simone Brunozzi ( @simon ) Senior Technology Evangelist, Amazon Web Services (from the previous presentation) Knowledge starts from great questions.
More informationIntroduction to Cloud Computing
You will learn how to: Build and deploy cloud applications and develop an effective implementation strategy Leverage cloud vendors Amazon EC2 and Amazon S3 Exploit Software as a Service (SaaS) to optimize
More informationWelcome and Introductions. Belegu Rinon Imsand Matthias
Zürich Welcome and Introductions Belegu Rinon Imsand Matthias Agenda Agenda Agenda Introduction: Rinon Belegu Rinon Belegu Digicomp (Technical-Lead AWS and Veeam) Legendary IT (Owner) Certification: AWS
More informationAmazon Search Services. Christoph Schmitter
Amazon Search Services Christoph Schmitter csc@amazon.de What we'll cover Overview of Amazon Search Services Understand the difference between Cloudsearch and Amazon ElasticSearch Service Q&A Amazon Search
More informationAmazon AWS-DevOps-Engineer-Professional Exam
Volume: 173 Questions Question: 1 What method should I use to author automation if I want to wait for a CloudFormation stack to finish completing in a script? A. Event subscription using SQS. B. Event
More informationVMware, SQL Server and Encrypting Private Data Townsend Security
VMware, SQL Server and Encrypting Private Data Townsend Security 724 Columbia Street NW, Suite 400 Olympia, WA 98501 360.359.4400 Today s Agenda! Compliance, standards, and best practices! Encryption and
More informationAnalytics"in"the"Cloud"from"AWS
Analytics"in"the"Cloud"from"AWS January'10,'2017 "2016,"Amazon"Web"Services,"Inc."or"its"Affiliates."All"rights"reserved. AWS GovCloud (US) Global&Infrastructure Global&Infrastructure&of&AWS 17* Regions
More informationAWS cloud terminology
AWS cloud terminology AWS Cloud terminology Understand AWS cloud terminology of 71 services! Get acquainted with terms used in AWS world to start with your AWS cloud career! AWS i.e. Amazon Web Services
More information2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. Security, Compliance, and Governance on the AWS Cloud CJ Moses GM, Government Cloud Solutions AWS Platform Your Applications Management & Administration Identity & Access AWS IAM Identity
More informationTECHNICAL WORKBOOK. PCI Compliance in the AWS Cloud A NITIAN. Report Date: October 17, Jordan Wiseman, QSA
TECHNICAL WORKBOOK PCI Compliance in the AWS Cloud Report Date: October 17, 2016 Authors: Adam Gaydosh, QSA Jordan Wiseman, QSA A NITIAN COPYRIGHT Copyright 2016 by Anitian Corporation All rights reserved.
More informationMinfy MS Workloads Use Case
Contents Scope... 3 About Customer... 3 Use Case Description... 3 Technical Stack... 3 AWS Solution... 4 Security... 4 Benefits... 5 Scope This document provides a detailed use case study on Hosting GSP
More informationReactive Microservices Architecture on AWS
Reactive Microservices Architecture on AWS Sascha Möllering Solutions Architect, @sascha242, Amazon Web Services Germany GmbH Why are we here today? https://secure.flickr.com/photos/mgifford/4525333972
More informationAWS IoT Overview. July 2016 Thomas Jones, Partner Solutions Architect
AWS IoT Overview July 2016 Thomas Jones, Partner Solutions Architect AWS customers are connecting physical things to the cloud in every industry imaginable. Healthcare and Life Sciences Municipal Infrastructure
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More informationCLOUD AND AWS TECHNICAL ESSENTIALS PLUS
1 P a g e CLOUD AND AWS TECHNICAL ESSENTIALS PLUS Contents Description... 2 Course Objectives... 2 Cloud computing essentials:... 2 Pre-Cloud and Need for Cloud:... 2 Cloud Computing and in-depth discussion...
More informationAutomate best practices and operational health for your AWS resources with Trusted Advisor and AWS Health
Automate best practices and operational health for your AWS resources with Trusted Advisor and AWS Health Heitor Lessa, Solutions Architect @ AWS Stephen Gran, Senior Technical Architect @ Piksel June
More informationBest Practices and Performance Tuning on Amazon Elastic MapReduce
Best Practices and Performance Tuning on Amazon Elastic MapReduce Michael Hanisch Solutions Architect Amo Abeyaratne Big Data and Analytics Consultant ANZ 12.04.2016 2016, Amazon Web Services, Inc. or
More informationSAA-C01. AWS Solutions Architect Associate. Exam Summary Syllabus Questions
SAA-C01 AWS Solutions Architect Associate Exam Summary Syllabus Questions Table of Contents Introduction to SAA-C01 Exam on AWS Solutions Architect Associate... 2 AWS SAA-C01 Certification Details:...
More informationExpected Learning Outcomes Introduction To AWS
Introduction To AWS Expected Learning Outcomes Introduction To AWS Understand What Cloud Computing Is Discover Why Companies Are Adopting AWS Understand How AWS Can Help Your Explore AWS Services Apply
More informationAWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS
AWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS suneys@amazon.com AWS Core Infrastructure and Services Traditional Infrastructure Amazon Web Services Security Security Firewalls ACLs
More informationAWS CloudHSM. User Guide
AWS CloudHSM User Guide AWS CloudHSM: User Guide Copyright 2018 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not be used in connection with
More informationWhat is Cloud Computing? What are the Private and Public Clouds? What are IaaS, PaaS, and SaaS? What is the Amazon Web Services (AWS)?
What is Cloud Computing? What are the Private and Public Clouds? What are IaaS, PaaS, and SaaS? What is the Amazon Web Services (AWS)? What is Amazon Machine Image (AMI)? Amazon Elastic Compute Cloud (EC2)?
More informationCompute - 36 PCPUs (72 vcpus) - Intel Xeon E5 2686 v4 (Broadwell) - 512GB RAM - 8 x 2TB NVMe local SSD - Dedicated Host vsphere Features - vsphere HA - vmotion - DRS - Elastic DRS Storage - ESXi boot-from-ebs
More informationArchitecting for Greater Security in AWS
Architecting for Greater Security in AWS Jonathan Desrocher Security Solutions Architect, Amazon Web Services. Guy Tzur Director of Ops, Totango. 2015, Amazon Web Services, Inc. or its affiliates. All
More informationVom Server bis zum WorkSpace: Windows Anwendungen auf AWS
Vom Server bis zum WorkSpace: Windows Anwendungen auf AWS Rolf Kersten, Business Development Manager, Amazon Web Services Germany GmbH AWS Web Day, 07. Juni 2016 Agenda Vom Server Why are customers running
More informationManage AWS Services. Cost, Security, Best Practice and Troubleshooting. Principal Software Engineer. September 2017 Washington, DC
Manage AWS Services Cost, Security, Best Practice and Troubleshooting Elias Haddad Peter Chen Principal Product Manager Principal Software Engineer September 2017 Washington, DC Agenda Challenges in Managing
More informationMonitoring Serverless Architectures in AWS
Monitoring Serverless Architectures in AWS The introduction of serverless architectures is a positive development from a security perspective. Splitting up services into single-purpose functions with well-defined
More informationDevOps Tooling from AWS
DevOps Tooling from AWS What is DevOps? Improved Collaboration - the dropping of silos between teams allows greater collaboration and understanding of how the application is built and deployed. This allows
More informationDyadic Enterprise. Unbound Key Control For Azure Marketplace. The Secure-As-Hardware Software With a Mathematical Proof
Dyadic Enterprise Unbound Key Control For Azure Marketplace The Secure-As-Hardware Software With a Mathematical Proof Unbound Key Control (UKC) is the first software-only key management and key protection
More informationServerless Architecture Hochskalierbare Anwendungen ohne Server. Sascha Möllering, Solutions Architect
Serverless Architecture Hochskalierbare Anwendungen ohne Server Sascha Möllering, Solutions Architect Agenda Serverless Architecture AWS Lambda Amazon API Gateway Amazon DynamoDB Amazon S3 Serverless Framework
More informationPracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam
PracticeDump http://www.practicedump.com Free Practice Dumps - Unlimited Free Access of practice exam Exam : AWS-Developer Title : AWS Certified Developer - Associate Vendor : Amazon Version : DEMO Get
More informationWho s Protecting Your Keys? August 2018
Who s Protecting Your Keys? August 2018 Protecting the most vital data from the core to the cloud to the field Trusted, U.S. based source for cyber security solutions We develop, manufacture, sell and
More informationAWS Storage Gateway. Not your father s hybrid storage. University of Arizona IT Summit October 23, Jay Vagalatos, AWS Solutions Architect
AWS Storage Gateway Not your father s hybrid storage University of Arizona IT Summit 2017 Jay Vagalatos, AWS Solutions Architect October 23, 2017 The AWS Storage Portfolio Amazon EBS (persistent) Block
More informationAmazon Web Services Course Outline
Amazon Web Services Course Outline Tr Real Time Trainers 100% Placement Assistance Small Training Batch Hands on Experience Certification Support Video Tutorials will be provided Life Time Support will
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationDeep Dive on Amazon Relational Database Service
Deep Dive on Amazon Relational Database Service Toby Knight - Manager, Solutions Architecture, AWS 28 June 2017 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What to expect Amazon
More information