Sichere Netzwerke in der Cloud
|
|
|
- Kerry Harrison
- 6 years ago
- Views:
Transcription
1 Sichere Netzwerke in der Cloud Best Practices Justin Bradley, Solutions Architect 30. Juni , Amazon Web Services, Inc. or its Affiliates. All rights reserved.
2 What to expect from the session What is Amazon VPC VPC Toolkit Building your VPC Public vs Private Connectivity to your Data center Protecting your VPC Resources Moving Beyond a Single VPC Configuring logging and monitoring
3 AWS Global Infrastructure 12 Regions 33 Availability Zones 54 Edge Locations Region Edge Location
4 What is Amazon VPC
5 What is Amazon VPC? A private, isolated section of the AWS cloud A virtual network topology you can deploy and customize You have complete control of your networking Proven and well-understood networking concepts
6 Most simply put, it is a virtual data center you can build out and control on AWS!
7 VPC Toolbox
8 VPC components Amazon VPC customer gateway endpoints flow logs Route table Elastic IP Internet gateway router VPC NAT gateway AWS Direct Connect Subnet Elastic network interface VPN connection VPN gateway VPC peering
9 Building your VPC
10 VPCs span an entire region VPC CIDR: /16 Availability Zone A Availability Zone B
11 Subnets sit in a single Availability Zone VPC CIDR: /16 Subnet ( /24) Subnet ( /24) Availability Zone A Availability Zone B
12 Plan your VPC IP space before creating it Consider future AWS region expansion Consider future connectivity to your internal networks Consider subnet design VPC can be /16 down to /28 CIDR cannot be modified after creation Overlapping IP spaces = future headache
13 Add an Internet Gateway VPC CIDR: /16 Web (public) Subnet ( /24) Subnet ( /24) Availability Zone A Availability Zone B
14 Add an Internet Gateway VPC CIDR: /16 Route Table Destination Target /16 Local /0 Internet Gateway Web (public) Subnet ( /24) Subnet ( /24) Availability Zone A Availability Zone B
15 Add private subnets VPC CIDR: /16 PUBLIC PUBLIC Subnet ( /24) Subnet ( /24) PRIVATE PRIVATE Subnet ( /24) Subnet ( /24) Availability Zone A Availability Zone B
16 Add private subnets VPC CIDR: /16 Subnet ( /24) Web (public) Subnet ( /24) Web (public) Subnet ( /24) Database (private) Subnet ( /24) Database (private) Availability Zone A Availability Zone B
17 Add private subnets VPC CIDR: /16 Route Table Destination Target /16 Local /0 Web Subnet ( /24) (public) Internet Gateway Subnet ( /24) Web (public) Destination Route Table Target /16 Local Database Subnet ( /24) (private) Subnet ( /24) Database (private) Availability Zone A Availability Zone B
18 NAT Gateway VPC NAT gateway VPC CIDR: /16 Subnet ( /24) Web (public) Subnet ( /24) Web (public) Subnet ( /24) Database (private) Subnet ( /24) Database (private) Availability Zone A Availability Zone B
19 NAT Gateway VPC CIDR: /16 Route Table Destination Target /16 Local /0 Web Internet Gateway Subnet ( /24) (public) Subnet ( /24) Web (public) Route Table Destination Target /16 Local Database Subnet ( /24) /0 NAT Gateway (private) (ENI) Availability Zone A Subnet ( /24) Database (private) Availability Zone B
20 Connect to your data center Subnet ( /24) Subnet ( /24) /16 Subnet ( /24) Availability Zone A Subnet ( /24) Availability Zone B /16
21 Connect to your data center Subnet ( /24) Subnet ( /24) /16 Subnet ( /24) Availability Zone A Subnet ( /24) Availability Zone B /16 or
22 Connect to your data center Subnet ( /24) Subnet ( /24) Internal Server /16 Subnet ( /24) Availability Zone A Subnet ( /24) Availability Zone B /16 or
23 Connect to your data center Subnet ( /24) Subnet ( /24) Internal Server /16 Subnet ( /24) Availability Zone A Subnet ( /24) Availability Zone B /16 or
24 Connect to your data center Route Table Destination Target /16 Local /16 IGW Subnet ( /24) Subnet ( /24) Internal Server /16 Route Table Destination Target /16 Local /16 VPG Subnet ( /24) /0 NAT Gateway Availability Zone A or Subnet ( /24) Availability Zone B /16
25 Protecting your VPC resources
26 Protecting your VPC resources Network Linking Auditing VPN connection AWS Direct Connect VPC peering Endpoint Routing flow logs CloudTrail route table Public / Elastic IP Internet gateway endpoints
27 Protecting your VPC resources Network Linking Security Group Ingress/Egress Rules VPN connection AWS Direct Connect VPC peering Fleet 1 SG Fleet 2 SG Subnet ( /24) Endpoint Routing Network Access Control Lists App 1 SG App 2 SG route table Public / Elastic IP Internet gateway Subnet ( /24) Subnet ( /24)
28 Virtual Private Cloud Security Layers Availability Zone A Availability Zone B Lockdown at instance level Security Group Security Group Security Group Isolate network functions Subnet /24 Subnet /24 Lockdown at network level Network ACL Router Network ACL Route restrictively Routing Table Routing Table Virtual Private Gateway Internet Gateway
29 VPC Security Groups VPC (BuildABeer-VPC-1) HTTP GET Beer TCP(6) Port(80) NTP Buffer Overrun UDP(17) Port(123) security group (BuildABeer-SG-1)
30 Network ACL VPC (BuildABeer-VPC-1) HTTP GET Beer TCP(6) Port(80) HTTP GET Beer TCP(6) Port(80) srcip= security group (BuildABeer-SG-1)
31 Obfuscate - CloudFront VPC (BuildABeer-VPC-1) CloudFront Users Amazon Route 53
32 Hide n go seek ~>nslookup Server: Address: #53 Non-authoritative answer: canonical name = d3u9qbug2y23to.cloudfront.net. Name: d3u9qbug2y23to.cloudfront.net Address: <snip> Name: d3u9qbug2y23to.cloudfront.net Address:
33 Moving Beyond a Single VPC
34 Why have more than one? Application isolation Scope of audit containment (separate AWS Accounts) Risk level separation Separate production from non-production Multi-tenant isolation Business unit alignment
35 Growing your VPCs VPC A Web App VPC A Internal App VPC B Internal App VPC C Internal App VPC D Internal App VPC (N) Internal App HA Pair of VPN Endpoints
36 Connecting your VPCs (VPC Peering) Now, with VPC Peering, you can connect VPCs together within a Region without having to maintain all the VPN overhead. Peering creates a private network connection between any two VPCs in a region Including cross-account VPC Peering
37 Common Design Shared Services VPC Move shared services such as Active Directory, Logging and Monitoring to a shared services VPC VPC B /16 VPC C /16 VPC D /16 None of the other VPCs can send traffic directly to each other through VPC A (= app isolation) pcx-aaaabbbb pcx-aaaacccc VPC A /16 pcx-aaaadddd Only VPC A has direct network access to your data center via a VPN Security Groups and NACLs still apply /16
38 Common Design Shared Services VPC Route Table Route Tables Destination Target VPC A's route table /16 Local /16 pcx-aaaabbbb VPC B /16 VPC C /16 VPC D / /16 pcx-aaaacccc /16 pcx-aaaadddd pcx-aaaacccc /16 VPG1 VPC B's route table /16 Local /16 pcx-aaaabbbb VPC C's route table /16 Local pcx-aaaabbbb VPC A /16 pcx-aaaadddd /16 pcx-aaaacccc VPC D's route table /16 Local /16 pcx-aaaadddd /16
39 Simplify with AWS Direct Connect VPC B /16 VPC C /16 VPC D /16 VPC B /16 VPC C /16 VPC D /16 VPC B /16 VPC C /16 VPC D /16 pcx-aaaacccc pcx-aaaacccc pcx-aaaacccc pcx-aaaabbbb VPC A /16 pcx-aaaadddd pcx-aaaabbbb VPC A /16 pcx-aaaadddd pcx-aaaabbbb VPC A /16 pcx-aaaadddd AWS Direct Connect location Customer data center
40 Configuring logging and monitoring
41 Services AWS CloudTrail VPC Flow Logs
42 AWS CloudTrail
43 Introduction to AWS CloudTrail Amazon S3 bucket Store/ archive Amazon Elastic Block Store (Amazon EBS) Troubleshoot You are making API calls... On a growing set of AWS services around the world.. CloudTrail is continuously recording API calls Monitor and alarm
44 Use cases enabled by CloudTrail IT and security administrators can perform security analysis IT administrators and DevOps engineers can attribute changes on AWS resources to the identity, time and other critical details of who made the change DevOps engineers can troubleshoot operational issues IT auditors can use log files as a compliance aid See: Security at Scale: Logging in AWS White Paper
45 VPC Flow Logs
46 Dumping out the heavy hitter IP addresses #!/usr/bin/python3 import boto3 # Get the service resource logs = boto3.client( logs ) # Get the log groups groups = logs.describe_log_groups() for loggroup in groups[ loggroups ] : # Get the LogStream for each loggroup logstreamsdesc = logs.describe_log_streams(loggroupname=loggroup[ loggroupname ]) for logstream in logstreamsdesc[ logstreams ]: events_resp = logs.get_log_events(loggroupname=loggroup[ loggroupname ], logstreamname=logstream[ logstreamname ]) # Store each log entry by the src IP address ip_dict = {} for event in events_resp[ events ] : ip = event[cd message ].split()[4] if ip in ip_dict: ip_dict[ip] = ip_dict[ip] + 1 else : ip_dict[ip] = 1 for w in sorted(ip_dict, key=ip_dict.get, reverse=true): print ( {0:15} {1:8d}.format(w, ip_dict[w])) #Early exit exit()
47 Partners
48 Justin Bradley
Overview. AWS networking services including: VPC Extend your network into a virtual private cloud. EIP Elastic IP
Networking in AWS 2017 Amazon Web Services, Inc. and its affiliates. All rights served. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon Web Services,
Network Security & Access Control in AWS
Network Security & Access Control in AWS Ian Massingham, Technical Evangelist @IanMmmm 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Account Security Day One Governance Account
Creating Your Virtual Data Center
Creating Your Virtual Data Center VPC Fundamentals and Connectivity Options Giulio Soro, Sr. Solutions Architect AWS Antonio Sglavo, Head of Data Center Transformation - ENEL AWS Summit, 2016 2016, Amazon
AWS Networking Fundamentals
AWS Networking Fundamentals Tom Adamski Specialist Solutions Architect, AWS Traditional Network WAN VPN VPN Fiber Applications Applications AWS Network VPN WAN (AWS Direct Connect) VPN Fiber Applications
AWS Solutions Architect Associate (SAA-C01) Sample Exam Questions
1) A company is storing an access key (access key ID and secret access key) in a text file on a custom AMI. The company uses the access key to access DynamoDB tables from instances created from the AMI.
Getting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
MyIGW Main. Oregon. MyVPC /16. MySecurityGroup / us-west-2b. Type Port Source SSH /0 HTTP
MyIGW Main Oregon MyVPC 10.0.0.0/16 10.0.1.0/24 10.0.1.0 -- us-west-2a MySecurityGroup 10.0.2.0/24 10.0.2.0 -- us-west-2b MyWebServer1 MyDBServer DMZ MyInternetRouteTable 0.0.0.0/0 IGW Type Port Source
lab Highly Available and Fault Tolerant Architecture for Web Applications inside a VPC V1.01 AWS Certified Solutions Architect Associate lab title
lab lab title Highly Available and Fault Tolerant Architecture for Web Applications inside a VPC V1.01 Course title AWS Certified Solutions Architect Associate Table of Contents Contents Table of Contents...
Introduction to Cloud Computing
You will learn how to: Build and deploy cloud applications and develop an effective implementation strategy Leverage cloud vendors Amazon EC2 and Amazon S3 Exploit Software as a Service (SaaS) to optimize
Creating your Virtual Data Centre
Creating your Virtual Data Centre VPC Fundamentals and Connectivity Options Paul Burne, Senior Technical Account Manager, Enterprise Support - 28 th June 2017 2016, Amazon Web Services, Inc. or its Affiliates.
25 Best Practice Tips for architecting Amazon VPC
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Overview AWS Regions Availability Zones Shared Responsibility Security Features Best Practices
Understanding Perimeter Security
Understanding Perimeter Security In Amazon Web Services Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com Changing Your Perspective How do I securing my business applications in AWS? Moving
How to Install Forcepoint NGFW in Amazon AWS TECHNICAL DOCUMENT
How to Install Forcepoint NGFW in Amazon AWS TECHNICAL DOCUMENT Table of Contents TABLE OF CONTENTS... 1 TEST NETWORK DIAGRAM... 2 PREPARING YOUR VPC... 3 IP addressing... 3 Virtual Private Cloud (VPC)...
AWS Administration. Suggested Pre-requisites Basic IT Knowledge
Course Description Amazon Web Services Administration (AWS Administration) course starts your Cloud Journey. If you are planning to learn Cloud Computing and Amazon Web Services in particular, then this
Training on Amazon AWS Cloud Computing. Course Content
Training on Amazon AWS Cloud Computing Course Content 15 Amazon Web Services (AWS) Cloud Computing 1) Introduction to cloud computing Introduction to Cloud Computing Why Cloud Computing? Benefits of Cloud
Amazon Web Services (AWS) Solutions Architect Intermediate Level Course Content
Amazon Web Services (AWS) Solutions Architect Intermediate Level Course Content Introduction to Cloud Computing A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction
Cloud Computing /AWS Course Content
Cloud Computing /AWS Course Content 1. Amazon VPC What is Amazon VPC? How to Get Started with Amazon VPC Create New VPC Launch an instance (Server) to use this VPC Security in Your VPC Networking in Your
Creating Your Virtual Data Center
NET201 Creating Your Virtual Data Center VPC Fundamentals and Connectivity Options Becky Weiss, Principal Engineer, EC2 Networking October 2015 2015, Amazon Web Services, Inc. or its Affiliates. All rights
Amazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India
(AWS) Overview: AWS is a cloud service from Amazon, which provides services in the form of building blocks, these building blocks can be used to create and deploy various types of application in the cloud.
Amazon Web Services Hands- On VPC
Amazon Web Services Hands- On VPC Copyright 2011-2015, Amazon Web Services, All Rights Reserved Page 1 Table of Contents Overview... 3 Create a VPC... 3 VPC Object Walkthrough... 6 Your VPCs... 6 Subnets...
Amazon Web Services Training. Training Topics:
Amazon Web Services Training Training Topics: SECTION1: INTRODUCTION TO CLOUD COMPUTING A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction to Cloud Computing
PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : SAA-C01 Title : AWS Certified Solutions Architect - Associate (Released February 2018)
A Reference Design. VPN user access and VPC networking. Version Copyright Aviatrix Systems, Inc. All rights reserved.
A Reference Design VPN user access and VPC networking Version 08-16-2016 Copyright 2014-2016 Aviatrix Systems, Inc. All rights reserved. This reference design helps you build an end to end secure cloud
Crear un centro de datos virtual en AWS
Crear un centro de datos virtual en AWS Fundamentos de VPC y opciones de conectividad Damián Arregui, Solutions Architect, AWS Jueves 1ro de Junio 2016 2016, Amazon Web Services, Inc. or its Affiliates.
25 Best Practice Tips for architecting Amazon VPC. 25 Best Practice Tips for architecting Amazon VPC. Harish Ganesan- CTO- 8KMiles
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
Amazon Virtual Private Cloud. User Guide API Version
Amazon Virtual Private Cloud User Guide Amazon Web Services Amazon Virtual Private Cloud: User Guide Amazon Web Services Copyright 2012 Amazon Web Services LLC or its affiliates. All rights reserved. The
AWS Solution Architect Associate
AWS Solution Architect Associate 1. Introduction to Amazon Web Services Overview Introduction to Cloud Computing History of Amazon Web Services Why we should Care about Amazon Web Services Overview of
Compute - 36 PCPUs (72 vcpus) - Intel Xeon E5 2686 v4 (Broadwell) - 512GB RAM - 8 x 2TB NVMe local SSD - Dedicated Host vsphere Features - vsphere HA - vmotion - DRS - Elastic DRS Storage - ESXi boot-from-ebs
ActiveNET. #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD
ActiveNET #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD-500018 9848111288 activesurya@ @gmail.com wwww.activenetinformatics.com y Suryanaray yana By AWS Course Content 1. Introduction to Cloud
Top 30 AWS VPC Interview Questions and Answers Pdf
Top 30 AWS VPC Interview Questions and Answers Pdf Top 30 AWS VPC Interview Questions and Answers Pdf AWS Certified Solutions Architect Begins the 30 Top Funding IT Certifications. Surely, AWS Architect
How to Deploy the Barracuda NG Firewall in an Amazon Virtual Private Cloud
How to Deploy the Barracuda NG Firewall in an Amazon Virtual Private Cloud The Barracuda NG Firewall can run as a virtual appliance in the Amazon cloud as a gateway device for Amazon EC2 instances in an
Networking in AWS. Carl Simpson Technical Architect, Zen Internet Limited
Networking in AWS Carl Simpson Technical Architect, Zen Internet Limited carl.simpson@zeninternet.co.uk About Me: About Me: Technical Architect Cloud & Hosting @ Zen Internet Limited About Me: Technical
Building a Modular and Scalable Virtual Network Architecture with Amazon VPC
Building a Modular and Scalable Virtual Network Architecture with Amazon VPC Quick Start Reference Deployment Santiago Cardenas Solutions Architect, AWS Quick Start Reference Team August 2016 (revisions)
Enroll Now to Take online Course Contact: Demo video By Chandra sir
Enroll Now to Take online Course www.vlrtraining.in/register-for-aws Contact:9059868766 9985269518 Demo video By Chandra sir www.youtube.com/watch?v=8pu1who2j_k Chandra sir Class 01 https://www.youtube.com/watch?v=fccgwstm-cc
Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN
Best Practices for Extending the WAN into AWS (IaaS) with SD-WAN Ariful Huq Product Management @arifulhuq & Rob McBride Marketing @digitalmcb Industry trends impacting networking Cloud Mobile Social 2
SAA-C01. AWS Solutions Architect Associate. Exam Summary Syllabus Questions
SAA-C01 AWS Solutions Architect Associate Exam Summary Syllabus Questions Table of Contents Introduction to SAA-C01 Exam on AWS Solutions Architect Associate... 2 AWS SAA-C01 Certification Details:...
Securing Microservices Containerized Security in AWS
Securing Microservices Containerized Security in AWS Mike Gillespie, Solutions Architect, Amazon Web Services Splitting Monoliths Ten Years Ago Splitting Monoliths Ten Years Ago XML & SOAP Splitting Monoliths
Configuring VPC Peering For AWS
Configuring VPC Peering For AWS Last updated: April 11, 2017 Systems, Inc. 411 High Street Palo Alto CA 94301 USA http://www.aviatrix.com Tel: +1 844.262.3100 Page 1 of 7 TABLE OF CONTENTS 1 Overview...3
Amazon Virtual Private Cloud. VPC Peering Guide
Amazon Virtual Private Cloud VPC Peering Guide Amazon Virtual Private Cloud: VPC Peering Guide Copyright 2017 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and
Amazon Virtual Private Cloud. Getting Started Guide
Amazon Virtual Private Cloud Getting Started Guide Amazon Virtual Private Cloud: Getting Started Guide Copyright 2017 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks
Amazon Web Services Course Outline
Amazon Web Services Course Outline Tr Real Time Trainers 100% Placement Assistance Small Training Batch Hands on Experience Certification Support Video Tutorials will be provided Life Time Support will
Amazon Web Services (AWS) Training Course Content
Amazon Web Services (AWS) Training Course Content SECTION 1: CLOUD COMPUTING INTRODUCTION History of Cloud Computing Concept of Client Server Computing Distributed Computing and it s Challenges What is
Amazon AWS-Solutions-Architect-Professional Exam
Volume: 392 Questions Question: 1 By default, Amazon Cognito maintains the last-written version of the data. You can override this behavior and resolve data conflicts programmatically. In addition, push
Amazon Virtual Private Cloud Deep Dive
Amazon Virtual Private Cloud Deep Dive Randall Hunt Developer Evangelist, AWS 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Related Presentations Videos online https://www.youtube.com/user/amazonwebservices
Amazon Virtual Private Cloud. VPC Peering
Amazon Virtual Private Cloud VPC Peering Amazon Virtual Private Cloud: VPC Peering Table of Contents What is VPC Peering?... 1 VPC Peering Basics... 1 VPC Peering Connection Lifecycle... 2 Multiple VPC
LINUX, WINDOWS(MCSE),
Virtualization Foundation Evolution of Virtualization Virtualization Basics Virtualization Types (Type1 & Type2) Virtualization Demo (VMware ESXi, Citrix Xenserver, Hyper-V, KVM) Cloud Computing Foundation
Amazon Virtual Private Cloud Deep Dive
Amazon Virtual Private Cloud Deep Dive Steve Seymour, Solutions Architect, Networking Specialist 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved aws vpc -expert-mode Topics today
Cloud Security Strategy - Adapt to Changes with Security Automation -
SESSION ID: CMI-F03 Cloud Security Strategy - Adapt to Changes with Security Automation - Hayato Kiriyama Security Solutions Architect Amazon Web Services Japan K.K. @hkiriyam1 Agenda New Normal of Security
AWS Landing Zone. AWS User Guide. November 2018
AWS Landing Zone AWS User Guide November 2018 Copyright (c) 2018 by Amazon.com, Inc. or its affiliates. AWS Landing Zone User Guide is licensed under the terms of the Amazon Software License available
Look Who s Hiring! AWS Solution Architect AWS Cloud TAM
Look Who s Hiring! AWS Solution Architect https://www.amazon.jobs/en/jobs/362237 AWS Cloud TAM https://www.amazon.jobs/en/jobs/347275 AWS Principal Cloud Architect (Professional Services) http://www.reqcloud.com/jobs/701617/?k=wxb6e7km32j+es2yp0jy3ikrsexr
Best Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ
Best Practices for Cloud Security at Scale Phil Rodrigues Security Solutions Architect Web Services, ANZ www.cloudsec.com #CLOUDSEC Best Practices for Security at Scale Best of the Best tips for Security
Pass4test Certification IT garanti, The Easy Way!
Pass4test Certification IT garanti, The Easy Way! http://www.pass4test.fr Service de mise à jour gratuit pendant un an Exam : SOA-C01 Title : AWS Certified SysOps Administrator - Associate Vendor : Amazon
Virtual Private Cloud. User Guide. Issue 21 Date HUAWEI TECHNOLOGIES CO., LTD.
Issue 21 Date 2018-09-30 HUAWEI TECHNOLOGIES CO., LTD. Copyright Huawei Technologies Co., Ltd. 2018. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any
AWS Networking & Hybrid Cloud Connectivity
AWS Networking & Hybrid Cloud Connectivity Gold Coast AWS User Group Nov 2015 Kent Plummer - VPN Solutions Managed Private IP Networks for Business vpnsolutions.com.au AWS Networking & Hybrid Cloud Connectivity
Security Aspekts on Services for Serverless Architectures. Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security Aspekts on Services for Serverless Architectures Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Security in General Services in Scope Aspects of Services for
High School Technology Services myhsts.org Certification Courses
AWS Associate certification training Last updated on June 2017 a- AWS Certified Solutions Architect (40 hours) Amazon Web Services (AWS) Certification is fast becoming the must have certificates for any
Introduction to AWS GoldBase. A Solution to Automate Security, Compliance, and Governance in AWS
Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS September 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document
Security & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
Configuring AWS for Zerto Virtual Replication
Configuring AWS for Zerto Virtual Replication VERSION 1 MARCH 2018 Table of Contents 1. Prerequisites... 2 1.1. AWS Prerequisites... 2 1.2. Additional AWS Resources... 3 2. AWS Workflow... 3 3. Setting
Deploy the Firepower Management Center Virtual On the AWS Cloud
Deploy the Firepower Management Center Virtual On the AWS Cloud Amazon Virtual Private Cloud (Amazon VPC) enables you to launch Amazon Web Services (AWS) resources into a virtual network that you define.
2013 AWS Worldwide Public Sector Summit Washington, D.C.
Washington, D.C. VPC Construction Nathan McCourtney Senior Consultant, Professional Services What is a Amazon Virtual Private Cloud (VPC)? A virtual private cloud (VPC) is a virtual network that closely
Pexip Infinity and Amazon Web Services Deployment Guide
Pexip Infinity and Amazon Web Services Deployment Guide Contents Introduction 1 Deployment guidelines 2 Configuring AWS security groups 4 Deploying a Management Node in AWS 6 Deploying a Conferencing Node
KillTest *KIJGT 3WCNKV[ $GVVGT 5GTXKEG Q&A NZZV ]]] QORRZKYZ IUS =K ULLKX LXKK [VJGZK YKX\OIK LUX UTK _KGX
![KillTest *KIJGT 3WCNKV[ $GVVGT 5GTXKEG Q&A NZZV ]]] QORRZKYZ IUS =K ULLKX LXKK [VJGZK YKX\OIK LUX UTK _KGX](/thumbs/89/98477196.jpg "KillTest *KIJGT 3WCNKV[ $GVVGT 5GTXKEG Q&A NZZV ]]] QORRZKYZ IUS =K ULLKX LXKK [VJGZK YKX\OIK LUX UTK _KGX")
KillTest Q&A Exam : AWS-SysOps Title : AWS Certified SysOps Administrator Associate Version : Demo 1 / 4 1.A user has created photo editing software and hosted it on EC2. The software accepts requests
AWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
Security & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
AWS EC2 & VPC CRASH COURSE WHITNEY CHAMPION
AWS EC2 & VPC CRASH COURSE WHITNEY CHAMPION BEFORE WE START Prereqs AWS account SSH client Mac - Terminal, Royal TSX, Termius Windows - mremote https://mremoteng.org/download http://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html
Cloud security 2.0: Joko nyt pilveen voi luottaa?
Cloud security 2.0: Joko nyt pilveen voi luottaa? www.nordcloud.com 11 04 2017 Helsinki 2 Teemu Lehtonen Senior Cloud architect, Security teemu.lehtonen@nordcloud.com +358 40 6329445 Nordcloud Finland
VMware Cloud on AWS. A Closer Look. Frank Denneman Senior Staff Architect Cloud Platform BU
VMware Cloud on AWS A Closer Look Frank Denneman Senior Staff Architect Cloud Platform BU Speed is the New Currency Cloud Computing We are in the 3 rd fundamental structural transition in the history of
AWS Security. Stephen E. Schmidt, Directeur de la Sécurité
AWS Security Stephen E. Schmidt, Directeur de la Sécurité 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express
Advanced CSR Lab with High Availability and Transit VPC
Advanced CSR Lab with High Availability and Transit VPC Fan Yang, Cisco, Engineer, Technical Marketing Nikolai Pitaev, Cisco, Engineer, Technical Marketing LTRVIR-3004 Agenda Slides (30 Min.): CSR 1000V
Oracle WebLogic Server 12c on AWS. December 2018
Oracle WebLogic Server 12c on AWS December 2018 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
Securely Access Services Over AWS PrivateLink. January 2019
Securely Access Services Over AWS PrivateLink January 2019 Notices This document is provided for informational purposes only. It represents AWS s current product offerings and practices as of the date
We are ready to serve Latest IT Trends, Are you ready to learn? New Batches Info
We are ready to serve Latest IT Trends, Are you ready to learn? New Batches Info START DATE : TIMINGS : DURATION : TYPE OF BATCH : FEE : FACULTY NAME : LAB TIMINGS : Storage & Database Services : Introduction
Sangoma VM SBC AMI at AWS (Amazon Web Services)
Sangoma VM SBC AMI at AWS (Amazon Web Services) SBC in a Cloud Based UC/VoIP Service. One of the interesting use cases for Sangoma SBC is to provide VoIP Edge connectivity between Softswitches or IPPBX's
AWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS
AWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS suneys@amazon.com AWS Core Infrastructure and Services Traditional Infrastructure Amazon Web Services Security Security Firewalls ACLs
Configuring High Availability
This section contains the following topics: Information about High Availability, on page 1 Error Messages for Amazon Web Services High Availability, on page 3 How to Configure High Availability, on page
Monitoring Serverless Architectures in AWS
Monitoring Serverless Architectures in AWS The introduction of serverless architectures is a positive development from a security perspective. Splitting up services into single-purpose functions with well-defined
Emulating Lambda to speed up development. Kevin Epstein CTO CorpInfo AWS Premier Partner
Emulating Lambda to speed up development Kevin Epstein CTO CorpInfo AWS Premier Partner What is Lambda? Scalable, Highly Available, Stateless, event driven computing Fully managed runtime environment Python
Filters AWS CLI syntax, 43 Get methods, 43 Where-Object command, 43
Index Symbols AWS Architecture availability zones (AZs), 3 cloud computing, 1 regions amazon global infrastructure, 2 Govcloud, 3 list and locations, 3 services compute, 5 management, 4 monitoring, 6 network,
EdgeConnect for Amazon Web Services (AWS)
Silver Peak Systems EdgeConnect for Amazon Web Services (AWS) Dinesh Fernando 2-22-2018 Contents EdgeConnect for Amazon Web Services (AWS) Overview... 1 Deploying EC-V Router Mode... 2 Topology... 2 Assumptions
Confirmed VPN Privacy Audit and Open Watch Analysis Summary Report and Documentation
Confirmed VPN Privacy Audit and Open Watch Analysis Summary Report and Documentation November 21, 2018 Document Revision History Version Modification Date Author 1.0 Created Report Tue, Nov 20, 2018 Ryan
Remote Desktop Gateway on the AWS Cloud
Remote Desktop Gateway on the AWS Cloud Quick Start Reference Deployment Santiago Cardenas Solutions Architect, AWS Quick Start Team April 2014 Last update: June 2017 (revisions) This guide is also available
Hosting DesktopNow in Amazon Web Services. Ivanti DesktopNow powered by AppSense
Hosting DesktopNow in Amazon Web Services Ivanti DesktopNow powered by AppSense Contents Purpose of this Document... 3 Overview... 3 1 Non load balanced Amazon Web Services Environment... 4 Amazon Web
FortiMail AWS Deployment Guide
FortiMail AWS Deployment Guide FORTINET DOCUMENT LIBRARY http://docs.fortinet.com FORTINET VIDEO GUIDE http://video.fortinet.com FORTINET BLOG https://blog.fortinet.com CUSTOMER SERVICE & SUPPORT https://support.fortinet.com
EXPRESSCLUSTER X 3.3. HA Cluster Configuration Guide for Amazon Web Services (Windows) 10/03/2016 2nd Edition
EXPRESSCLUSTER X 3.3 HA Cluster Configuration Guide for Amazon Web Services (Windows) 10/03/2016 2nd Edition Revision History Edition Revised Date Description 1 01/29/2016 New manual 2 10/03/2016 Corresponds
The Orion Papers. AWS Solutions Architect (Associate) Exam Course Manual. Enter
AWS Solutions Architect (Associate) Exam Course Manual Enter Linux Academy Keller, Texas United States of America March 31, 2017 To All Linux Academy Students: Welcome to Linux Academy's AWS Certified
Amazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect. Amazon.com, Inc. and its affiliates. All rights reserved.
Amazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect Amazon.com, Inc. and its affiliates. All rights reserved. Learning about Cloud Computing with AWS What is Cloud Computing and
Mapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd
Berlin Mapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd AWS Compliance Display Cabinet Certificates: Programmes:
AWS_SOA-C00 Exam. Volume: 758 Questions
Volume: 758 Questions Question: 1 A user has created photo editing software and hosted it on EC2. The software accepts requests from the user about the photo format and resolution and sends a message to
Overlay Engine. VNS3 Plugins Guide 2018
Overlay Engine VNS3 Plugins Guide 2018 Table of Contents Introduction 3 Overlay Engine Detail 7 Running the Overlay Engine Plugin 12 Overlay Engine Best Practices 20 Restrictions/Limitations 22 Resources
EXPRESSCLUSTER X 4.0. HA Cluster Configuration Guide for Amazon Web Services (Linux) April 17, st Edition
EXPRESSCLUSTER X 4.0 HA Cluster Configuration Guide for Amazon Web Services (Linux) April 17, 2018 1st Edition Revision History Edition Revised Date 1st Apr 17, 2018 New Guide Description Copyright NEC
AWS Agility + Splunk Visibility = Cloud Success. Splunk App for AWS Demo. Laura Ripans, AWS Alliance Manager
AWS Agility + Splunk Visibility = Cloud Success Splunk App for AWS Demo Laura Ripans, AWS Alliance Manager Disruptive innovation and business transformation starts with data I HAVE BEEN GIVEN AN AWS ACCOUNT!!!
AWS Solution Architect (AWS SA)
AWS Solution Architect (AWS SA) From Length: Approx 4-5 weeks/40+ hours Audience: Students with or without IT experience or knowledge Student Location To students from around the world Delivery Method:
Standardized Architecture for PCI DSS on the AWS Cloud
AWS Enterprise Accelerator Compliance Standardized Architecture for PCI DSS on the AWS Cloud Quick Start Reference Deployment AWS Professional Services AWS Quick Start Reference Team May 2016 (last update:
OptiSol FinTech Platforms
OptiSol FinTech Platforms Payment Solutions Cloud enabled Web & Mobile Platform for Fund Transfer OPTISOL BUSINESS SOLUTIONS PRIVATE LIMITED #87/4, Arcot Road, Vadapalani, Chennai 600026, Tamil Nadu. India
VNS3 IPsec Configuration. VNS3 to Cisco ASA ASDM 5.2
VNS3 IPsec Configuration VNS3 to Cisco ASA ASDM 5.2 Site-to-Site IPsec Tunnel IPsec protocol allows you to securely connect two sites together over the public internet using cryptographically secured services.
About Intellipaat. About the Course. Why Take This Course?
About Intellipaat Intellipaat is a fast growing professional training provider that is offering training in over 150 most sought-after tools and technologies. We have a learner base of 600,000 in over
Building a Self-Defending Border. Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS
Building a Self-Defending Border Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS www.cloudsec.com #cloudsec Building A Defending Borders Protect Your Web-facing Workloads
Extending Enterprise Security to Multicloud and Public Cloud
Extending Enterprise Security to Multicloud and Public Cloud Paul Kofoid Sr. Consulting Engineer: Security & Cloud This statement of direction sets forth Juniper Networks current intention and is subject