The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Dome9 – Secure Your Cloud. CloudExpo Europe – London, January 2013. The Practitioners Guide to Cloud Security. Zohar Alon (@zoharalon), Co-Founder & CEO.

Post on 30-Oct-2014

DESCRIPTION

In this presentation, Co-founder and CEO of Dome9 Zohar Alon will explain the need to:

• Take responsibility for server security
• Harden authentication
• Use a Web Application Firewall (WAF) to protect web services, sites, and applications and monitor requests
• Log and analyze insights
• Lock down and automate server firewalls with Dome9

TRANSCRIPT

Page 1: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Dome9 – Secure Your Cloud™

CloudExpo Europe – London, January 2013

The Practitioners Guide to Cloud Security

Zohar Alon (@zoharalon), Co-Founder & CEO

Page 2: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Me, and my company

Zohar Alon – Co-Founder & CEO
– Creator of Check Point’s Provider-1 & SP product lines
– Over 20 years of security & IT experience

Cloud Server Security Management
– Automate and centralize security across an unlimited number of cloud, dedicated, and virtual private servers

Page 3: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

What’s this?

Page 4: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

1 day and 86,000 attempts later…

Page 5: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

There are more than 30 million Cloud, VPS & Dedicated Servers

Most of these servers are vulnerable to attack
– Admins leave ports open to connect to their servers
– Hackers use these same open ports to gain access

Most of these servers’ security is unmanageable
– Sprawled across multiple private & public clouds
– Operating systems are a virtual buffet

Most of the ‘available’ security doesn’t work
– Service providers lack expertise & focus to build it
– Security vendors have business models that don’t fit and/or technology that doesn’t migrate and scale

Page 6: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Who’s responsible for security?

Page 7: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

The Practitioners Guide

Part 1 – Responsibility

• Most don’t know who’s responsible for cloud security
– 42% say they wouldn’t know if their cloud was hacked
– 39% think their provider would tell them

• Security is everybody’s responsibility – accept and share it!

• Security is your responsibility – Deal with it!

[Chart: Who’s Responsible? Categories: Customer, Provider, Both. Values shown: 31%, 36%, 33%. Source: Ponemon Cloud Security Research Study]

Page 8: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

The Practitioners Guide

Part 2 – Authentication

• If anyone can log in, consider multi-factor authentication to harden access

• Simple mobile app integration, with QR code support & SMS backup

Page 9: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Page 10: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Page 11: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

The Practitioners Guide

Part 3 – WAF

• WAF: Web Application Firewall
– Protects Web services, sites and applications
– Monitor the requests to the web layer
– Brute-force Login, Spam Bots, SQL injections, etc.

• Easy to enable – No Install!
– Provides added security layer w/o overhead

• Every Web App Will Use one
– CloudFlare, Incapsula or Akamai
– Bonus I – site is faster
– Bonus II – DDoS mitigation capabilities

Page 12: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

The Practitioners Guide

Part 4 – Log

• You saw how many insights we get from the logs. You need to store and analyze them.

• We use several vendors for this – each for a different use-case:
– Splunk & SplunkStorm
– SumoLogic
– Loggly
– LogEntries

Page 13: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

The Practitioners Guide

Part 5 – Firewall

• Take control of your security policies
– You do much more when it comes to the office firewall

• Close All (admin) Ports – Open Dynamically
– Open them only for whom, and for as long as is needed.

• Don’t rely on static scopes
– Too much management overhead and risk.

• Aggregate & Centralize firewall management
– Across regions, providers and applications

• At Dome9, we eat our own dog food
– On Amazon, Verizon’s Terremark and Rackspace

Page 14: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

What happened here?

Page 15: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Dome9: How it Works

Automated Cloud Server Security

• Manage OS firewall (via Agent) and virtual firewall (via API) across all cloud servers

• Enable on-demand, time-based secure access leases per server, source & time

• Automatically close server access when lease expires

• Stop attackers from targeting open admin ports via brute force attacks and exploits
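
The lease behaviour described on this slide (admin access opened per server, source and time, then closed on expiry) can be modelled as below. This is an added example, not Dome9's code or API; the class and method names, the admin port set, the /24 scope limit and the 4-hour maximum are assumptions, and the model is IPv4-only.

```python
import ipaddress
from dataclasses import dataclass

ADMIN_PORTS = {22, 3389}  # assumed admin ports (SSH, RDP); closed unless leased

@dataclass(frozen=True)
class Lease:
    server: str
    source: ipaddress.IPv4Network
    port: int
    expires_at: float  # epoch seconds

class LeaseFirewall:
    """Hypothetical in-memory model: admin ports are denied by default and
    opened only per server, per source, for a limited time."""

    def __init__(self, max_ttl=4 * 3600):
        self.max_ttl = max_ttl
        self.leases = []

    def grant(self, server, source, port, ttl, now):
        net = ipaddress.ip_network(source)
        if port not in ADMIN_PORTS:
            raise ValueError("leases are only for admin ports")
        if net.prefixlen < 24:
            # A wide range is a static scope in disguise; refuse it.
            raise ValueError("source scope too broad for a lease")
        if not 0 < ttl <= self.max_ttl:
            raise ValueError("ttl outside allowed range")
        lease = Lease(server, net, port, now + ttl)
        self.leases.append(lease)
        return lease

    def sweep(self, now):
        """Drop expired leases and return them so the closure can be logged."""
        expired = [l for l in self.leases if l.expires_at <= now]
        self.leases = [l for l in self.leases if l.expires_at > now]
        return expired

    def admin_access_allowed(self, server, src_ip, port, now):
        ip = ipaddress.ip_address(src_ip)
        # Expiry is re-checked at decision time, so a missed sweep
        # never leaves an admin port open past its lease.
        return any(l.server == server and l.port == port and ip in l.source
                   and now < l.expires_at for l in self.leases)
```
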

Page 16: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Multi-Cloud Management

Time-Based Controls

1-Click Secure Access

Dome9 Central Simplified Security Management

Page 17: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Wrap Up

① Take Responsibility

② Harden Authentication

③ Use a Web Application Firewall

④ Log, Log, Log, Log, Log… and Analyze

⑤ Lockdown and Automate the Server Firewalls… with Dome9!

Page 18: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Q&A

Page 19: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

Thank You!

Zohar Alon, [email protected] www.dome9.com

Page 20: The Practitioners Guide to Cloud Security - Cloud Expo Europe 2013

References and Links

• Firewall Management Service:

– http://www.dome9.com/

– https://secure.dome9.com/account/register?code=ecommerce

• MyDigipass 2 Factor Authentication Service:

– https://www.mydigipass.com/

• Log Management Services:

– Splunk Storm Service - https://www.splunkstorm.com/

– Loggly - http://loggly.com/

– LogEntries - https://logentries.com/

• WAF Services:

– CloudFlare - https://www.cloudflare.com/

– Incapsula - http://www.incapsula.com/

• Cloud Security Study: http://www.dome9.com/wp-content/uploads/2011/11/Ponemon-Cloud-Security-Study.pdf