Application Security in the Cloud Best Practices May 20, 2010


Application Security in the Cloud: Best Practices
May 20, 2010

Your Panel Today

Presenting:
• Bernard Golden – CEO, HyperStratus
• Steve Riley – Sr. Technical Program Manager, Amazon Web Services
• Michael Crandell – CEO, RightScale

Q&A line:
• Tony Spataro – Security Specialist, RightScale
• Andrew DeMille – Sr. Account Manager, RightScale

Please use the questions window to ask questions anytime!

Agenda

• Welcome
• We’re all in this Together
• Overview of AWS Security
• Overview of RightScale Security
• Introduction to Security Best Practices for AWS
• Q&A

Please use the questions window to ask questions anytime!

Security Is The Biggest Issue Slowing Cloud Deployment

• Number one concern
• Confusion: who’s responsible?
• Lack of guidance/best practices

What You’ll Learn In This Webinar

• Application security: six key best practices areas
• Techniques for layered & application group security
• Amazon: infrastructure and security framework
• RightScale: management to automate security consistently

HyperStratus In The Enterprise

• World class education & consulting
• Amazon & RightScale partner
• Contributor to AWS practices & code
• Proven methodologies: ‘6 Security Essentials’

Security is a Shared Responsibility

• Integrates application with infrastructure and management security framework
• Implements consistent and automated security practices

(Diagram layers: Best Practices / Security Framework / You)

Traditional security model

• Control: Secure vs. Not secure
• Ownership: Mine vs. Not mine
• Location: Here vs. Not here

Layers of trust: my hardware (root), my software, my people.

Perimeters separate trusted (owned, local) from untrusted (other, remote).

The model is breaking

• Control: Secure vs. Not secure
• Ownership: Mine vs. Not mine
• Location: Here vs. Not here

Seriously?


New security model

Control:
• Encryption and signatures
• Service level agreements
• Auditable security standards

Ownership vs. control: ownership is not required to maintain control.

• LAN/WAN: pipe, data
• VPN: data
• On-premise: compute, storage, data
• Cloud: data

(Diagram of AWS services: Amazon EC2, Amazon S3, Amazon CloudFront, Amazon SimpleDB, Amazon EBS, Amazon RDS)

EC2 network isolation (diagram)

• Physical interfaces and hypervisor layer: AWS admins only; SSH via bastions; audits reviewed
• AWS firewall with per-customer security groups (Customer 1, Customer 2, … Customer n): customer only; inbound flows; default deny
• Per-customer virtual interfaces and instances (Customer 1, Customer 2, … Customer n): customer only; SSH, ID/pw, X.509; root/admin control

(Diagram: Amazon EBS vs. all others, i.e. EC2 ephemeral storage and other services)

Your VPC

(Diagram: your corporate network connected to your VPC inside the Amazon Web Services cloud)

Currently:
• EC2 on-demand and reserved
• EBS
• CloudWatch
• Linux/Unix and Windows
• US-East, EU-West

Upcoming:
• >1 router, >1 AZ
• Outbound Internet
• Elastic IPs
• Elastic Load Balancing
• Autoscaling
• DevPay
• Inter-subnet security groups

Compliance

• Sarbanes-Oxley Act: ongoing
• HIPAA: current customer deployments; whitepaper describes the specifics
• SAS 70 Type II: complete (physical security, access controls, change management, operations)
• ISO 27001: in progress

RightScale Cloud Management Platform

RightScale Lifecycle Management

RightScale Security
• Account Permissions
• Resource Partitioning
• Credential Management
• Automation
• Alerts and Monitoring

Management Structure for Separation of Privileges

IT personnel have only the access they need to perform their job function:
• “Designer” role: Developers and Testers
• “Observer” role: Managers, Support Reps, Auditors
• “Actor” role: Operations Personnel

Account Permissions

Best Practices:
• Grant access only as required to perform business function
• Especially limit Actor and Admin privileges
• One user account per person (no sharing)

Resource Partitioning

Use two AWS/RS accounts; one for test/dev and one for production
• Developers have unrestricted access to the dev account
• Be more restrictive and granular with access to the production account (only ops personnel, privileges only as needed)

Best Practices:
• When ServerTemplates are ready to deploy, share them with your production account
• Ensures consistent testing and deployment procedures; auditor-friendly access control rules

(Diagram: Security Groups; allow Internet traffic / allow cloud traffic)

Credential Management

• Mediate users' consumption of cloud resources
  • Input your AWS credential to the dashboard
  • Ability to launch and bring down cloud resources ordained through “Roles” given in RightScale
• Safeguard application passwords
  • With dashboard credentials users don’t need to know passwords

RightScale Automation

• Security patch rollout
  • Rolling out to all servers in a deployment with the push of a button
• Inject key material into instances at boot time
  • Use without ever storing it on disk
• Machine builds are consistent and auditable

25 Top Information Managers: 2010

Dave Powers, Eli Lilly & Co.

“Alongside the elastic cloud approach, Lilly is leveraging RightScale's infrastructure management interface and services against appliance/application stacks in a "vending machine" concept that allows self-service to infrastructure and up to three tiers of applications as needed.”

RightScale Alerts and Monitoring

Security Analytics
• Network bandwidth (Denial of Service)
• Disk/CPU usage (spam bot activity)

Intrusion Detection
• Alert when # logged-in users > 0
• Alert when network connections happen

Intrusion Prevention
• Escalate by unmounting encrypted volumes
• Escalate by shutting down machine or closing firewall

Alerts & Automation at work

1. Load exceeds threshold
2. Additional servers operational
3. Load drops below threshold
4. Additional servers terminated


6 Crucial Areas For Complete Security

1. Security groups
2. Key management
3. Network security
4. Storage protection
5. Intrusion detection
6. Application code management

Default Security Group Partitioning

(Diagram: Web, Application and Storage tiers all placed in the same Default security group, opened on ports 22, 80, 8080, 3306)

• Default group is closed
• Default overloading: overloading presents a security risk

A Better Option: Security Group Partitioning By Application Role

(Diagram, one security group per tier:)
• Web: port 22 from a single IP address; ports 80, 8080
• Application: port 22 from a single IP address; ports 80, 8080
• Storage: port 22 from a single IP address; ports 3306, 8080
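As an added example (not code from the webinar, RightScale or AWS), the Python lint below checks a set of security group ingress rules against the per-role partitioning on this slide and flags the overloaded "Default (22, 80, 8080, 3306)" layout. It assumes the Internet → Web → Application → Storage flow implied by the diagram; the group names, the admin address and the rule data are constructed.

```python
# Lint EC2-style security group ingress rules against the role partitioning the
# deck recommends.  Added example (not RightScale's or the webinar's code); the
# Internet -> Web -> Application -> Storage flow is assumed from the diagram.
from ipaddress import ip_network
ADMIN = "admin-ip"  # placeholder for "port 22 from a single IP address"
# Expected ingress per role group: port -> "0.0.0.0/0", ADMIN, or "sg:<upstream group>"
EXPECTED = {
    "web":         {22: ADMIN, 80: "0.0.0.0/0", 8080: "0.0.0.0/0"},
    "application": {22: ADMIN, 80: "sg:web", 8080: "sg:web"},
    "storage":     {22: ADMIN, 3306: "sg:application", 8080: "sg:application"},
}

def lint(groups, admin_cidr):
    """groups: {group name: [(port, source)]}, source a CIDR or 'sg:<name>';
    admin_cidr: the single /32 allowed to SSH.  Returns a list of findings."""
    admin = ip_network(admin_cidr)
    findings = []
    for name, rules in groups.items():
        expected = EXPECTED.get(name)
        if expected is None:
            findings.append(f"{name}: not one of the role groups")
            continue
        seen = set()
        for port, source in rules:
            seen.add(port)
            want = expected.get(port)
            if want is None:  # the "Default (22, 80, 8080, 3306)" overloading
                findings.append(f"{name}: port {port} not needed by this role (overloading)")
            elif want == ADMIN:  # SSH only from the admin /32, never a group or a range
                if source.startswith("sg:") or ip_network(source) != admin:
                    findings.append(f"{name}: port {port} open to {source}, expected {admin}")
            elif source != want:
                findings.append(f"{name}: port {port} from {source}, expected {want}")
        for port in sorted(expected.keys() - seen):
            findings.append(f"{name}: port {port} missing, role cannot function")
    return findings

# Constructed samples: every tier dropped into one overloaded default group,
# versus the partitioned layout from the slide (the admin IP is made up).
ADMIN_IP = "203.0.113.10/32"
OVERLOADED = {r: [(p, "0.0.0.0/0") for p in (22, 80, 8080, 3306)] for r in EXPECTED}
PARTITIONED = {
    "web":         [(22, ADMIN_IP), (80, "0.0.0.0/0"), (8080, "0.0.0.0/0")],
    "application": [(22, ADMIN_IP), (80, "sg:web"), (8080, "sg:web")],
    "storage":     [(22, ADMIN_IP), (3306, "sg:application"), (8080, "sg:application")],
}

if __name__ == "__main__":
    for label, groups in (("overloaded", OVERLOADED), ("partitioned", PARTITIONED)):
        print(label, lint(groups, ADMIN_IP) or ["compliant"])
```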

Best Practice: Security Group Partitioning By Application Stage

(Diagram: Dev, Stage and Production each get their own Web, Application and Storage security groups)
• Dev: Dev Sec Group for each tier
• Stage: Stage Sec Group for each tier
• Production: Prod Sec Group for each tier

Amazon, RightScale & HyperStratus Together

• Key to security is thoroughness and consistency
• AWS provides a robust security framework
• RightScale automates and implements consistency
• Application applies security practices to reduce risk
• HyperStratus brings it all together

Recommendations

• Identify application security requirements
• Understand the AWS security framework
• Define application security requirements implemented and automated via RightScale
• Integrate application security best practices with the RightScale and AWS security framework
• Ensure application project management and IT processes reinforce top-to-bottom security architecture

Today’s Webinar Offer: Free “6 Security Essentials” Assessment from HyperStratus

Free for 30 days!
• Compare your security to Cloud Application Security Best Practices
• Cover all six key areas
• Only takes an hour

For more info: www.hyperstratus.com/drupal/securitychecklist or call 925.209.4609

Q & A

More information: www.RightScale.com, http://aws.amazon.com/

Webinar Recordings: www.RightScale.com/Webinars

Thank You!