AWS Network Security Deep Dive: Providing Network Protection for AWS Cloud

Presented by

Randy Franklin Smith, Publisher, UltimateWindowsSecurity.com | Tim Woods, FireMon | Sanjay Raja, Lumeta

About this talk

Running workloads in the cloud makes provisioning and setup easier—just spin up a VM. But you might be surprised by how many firewalls you’ll end up with in the cloud if you follow best practices. Cloud providers are clear on this point. Amazon says, “Security and Compliance is a shared responsibility between AWS and the customer… The customer assumes responsibility and management of the guest operating system (including updates and security patches), other associated application software as well as the configuration of the AWS provided security group firewall.” In short, cloud security is in your court.

In this deep dive into network security in the AWS cloud, some of the security features we’ll explore are:

• Security groups — Act as a firewall for associated Amazon EC2 instances, controlling both inbound and outbound traffic at the instance level
• Network access control lists — Act as a firewall for associated subnets, controlling both inbound and outbound traffic at the subnet level
• Flow logs — Capture information about the IP traffic going to and from network interfaces in your VPC
• AWS WAF — Provides firewall protection for web applications (Web Application Firewall)
• AWS Firewall Manager — Provides centralized management of AWS WAF
• VPC Peering Connections — Enables a networking connection between two VPCs so that you can route traffic between them
• VPC Endpoints — Enables users to connect with AWS services that are outside the VPC through a private link
• AWS VPN Connections — Allows you to connect your Amazon VPC to remote networks via VPN
• AWS Direct Connect — Serves as a dedicated, private connection from a remote network to your VPC

We will help you understand how network security works within the Amazon cloud and with connections to the outside world. We will also discuss the need to keep all this straight, understood, consistent and configured to reflect your security intent accurately.

FireMon delivers continuous security for hybrid enterprises through a powerful fusion of vulnerability management, continuous compliance and orchestration. Since creating the first-ever network security management solution, FireMon solutions have continued to deliver visibility into and control over complex network security infrastructure, policies and risk for more than 1,700 customers around the world.