Are You Sure You Are Ready For The Cloud: Security

Cloud Security

For the last several months, we have been discussing ways to make sure you are ready for the next step in your IT evolution: Cloud.

When review the different steps of making sure you are ready, one that I have intentionally avoided was Security. I spoke to you about “Security of Business”, but not the actual securing of your cloud. It was a very simple reason why I did this: “No matter the IT environment, you must take precautions.

So, wanting to make sure we covered several of the other topics first (e.g. Design, Finance, Connectivity…), we move on to straight security. Although, isn’t that kind of an oxymoron statement? Why? Well, because security within an IT environment is multifaceted. It has move sides and needs than just simple authentication and authorization. And within and around a cloud, it is even more so. In the following example, I am going to use an onsite deployment scenario, and we can wade thru the levels one by one.

Perimeter Security

security

Lets start with our perimeter security. You have several layers, depending on your cloud management software. So, starting furthest from the center of your cloud, or in this case, we will call it a server Instance OS, we have the perimeter. This is normally a pair of firewalls setup in a fault tolerant or high availability (FT/HA) setup. It isn’t necessarily at the edge of your onsite cloud, in fact, most of the time it isn’t. It is at the edge of the datacenter, protecting all of it.

You have your firewalls at the perimeter, then, the next step down is probably another set of firewalls at the edge of the cloud. These firewalls should also be setup as FT/HA and restrict specific TCP/UDP ports traveling into and out of the cloud environment. But here, they may also divide up their responsibilities. They may provide protection for just the physical aspects of the cloud, which would be the Compute and Infrastructure nodes, or exposing an API interface from an internal port, they may provide protection for the virtual machines (VM) communicating to/from within or outside the cloud.

Security Tools

security-mail

Now, continuing on inside the cloud, and moving away from the physical infrastructure, your security becomes far more robust. Now, you will take advantage as things like LDAP or Microsoft AD for your user authentication and authorization at the VM level. Most cloud management tools also allow you to take advantage of other security tools, such as virtual firewalls, virtual edge routers and access to storage areas.

Now, lets spin it around and go back out away from your VMs. You have security in your OS. You then have it on each user based on either internal or external authentication and authorization. Then you go back through a possible virtual firewall and or an edge router. Then back through your physical kit. But remember, based on your cloud management software, you may have far more levels of security that is not based on the VMs or the physical routers and firewalls. Next month, we will dig into the SDN or Software Defined Network world of cloud.

By Richard Thayer

Answer To Everything.png
Hair Loss.png
Twitbook.png
Data Fallout.png
Oxylabs
A conversation with Aleksandras Šulženko – Product owner at Oxylabs.io In a global economy where change happens by the second, one of the best ways to keep up with industry information, including your competitors, is ...
Ramanan GV
Using Conversational AI In the era of speed and consistency, many service providers in the connectedness industry deal with a significant number of calls related to network outages. Their inability to predict these outages and ...
Gary Bernstein
Using Data to Gain Advantages Data collection is now omnipresent in every sector of the global economy. Several aspects of modern economic activity would not be possible without it, just as it would not be ...
The all-new Stellar Repair for MS SQL – an Efficient Tool to Fix SQL Database Corruption
Efficient Tool to Fix SQL Database Corruption SQL database corruption is not uncommon. There are many reasons for SQL database corruption, such as virus infection, bugs in the SQL Server, errors during updates, abrupt system ...
JK Chelladurai
Maintain telecom tax compliance The Telecommunications industry is one of the most heavily taxed service industries. In countries such as the United States, providers have to keep on top of Federal, State, and District taxes, ...