Previously, we discussed in very high level about different threat vectors which enterprises need to be able to address cloud services problems and using Skyhigh to address those problems. The role of IT is changing from provider to enabler and service broker. We want to remove the stigma of Shadow IT which implies people are doing something … Continue reading Skyhigh Cloud Security Part2: Let There be Light
I believe we all agree cloud adoption grows exponentially at 2015. We can agree almost every businesses using cloud services - as a service in any form. Yet still the number one CIO's concern for cloud adoption is security according to various researchers and surveys. If the security is the number one concern of cloud … Continue reading Skyhigh Cloud Security Part 1: Let there be light
Security Challenge on Azure
There are few common security related questions when we start planning migration to Azure:
- How can we restrict the ingress and egress traffic on Azure ?
- How can we route the traffic on Azure ?
- Can we have Firewall kit, Intrusion Prevention System (IPS), Network Access Control, Application Control and Anti – Malware on Azure DMZ ?
This blog post intention is to answer above questions using following Azure features combined with Security Virtual Appliance available on Azure Marketplace:
- Azure Virtual Network (VNET)
- Azure Network Security Groups (NSGs)
- Azure Network Security Rule
- Azure Forced Tunelling
- Azure Route Table
- Azure IP Forwarding
- Barracuda NG Firewall available on Azure Marketplace
One of the most common methods of attack is The Script Kiddie / Skiddie / Script Bunny / Script Kitty. Script Kiddies attacks frequency is one of the highest frequency and still is. However the attacks have been evolved into something more…
View original post 1,023 more words
This blog post is the follow up and hopefully will provide more details for Amazonians attending Sydney AWS User Group running on 5th August 2015. We started the session with Ashley Madison story which inspired the title of the session: Life is Short Have an Affair when You get Hacked We don't know where the Ashley Madison … Continue reading Life is Short When You Get Hacked – Sydney AWS User Group
The cyber crime has taken a new landscape to the cloud. Many businesses have not taken notice the shared responsibility model when they start migrating their production and critical workloads to the cloud. I wrote a blog regarding this on Kloud blog. 2014 data breach has reached the highest point all time. Because of the public availability … Continue reading Offensive Security on AWS Part 1
At TechEd Europe 2014, Microsoft announced the General Availability of Network Security Groups (NSGs) which add security feature to Azure’s Virtual Networking capability. Network Security Groups provides Access Control on Azure Virtual Network and the feature that is very compelling from security point of view. NSG is one of the feature Enterprise customers have been waiting for. What … Continue reading Secure Azure Virtual Network and create DMZ on Azure VNET using Network Security Groups (NSG)
At TechEd Europe 2014, Microsoft announced the General Availability of Network Security Groups (NSG) which add security feature on Azure Virtual Network (VNET). The feature is very compelling from security point of view. NSG is one of the Azure security feature I always use everytime I design solution using Azure. I have blogged this last … Continue reading Secure Azure Virtual Network (VNET) and Create DMZ on Azure using Network Security Groups (NSG) – Azure Security Part II
Public Cloud is all about trust which security is key pillar to keep the customer trust. There is a misconception about Cloud Security. This post will be part of my Azure Security blog post series. In this series we will dispell some of the myths and discuss how to mitigate the risks. Based on Gartner 2014 survey, … Continue reading Secure Azure VM from day Zero with Azure Security Extension – Azure Security Part 1
Simple but important tips on your Amazon Instance. So You have deployed your Amazon Instance, checked. The Instance is running and when You try to RDP - Failed. You are confused and wondering why. Probably the answer is simple. You haven't allowed RDP Port on your instance. Really simple, Go to your Network and Security … Continue reading Allowed Inbound on Amazon Instance
It should be no surprise to anyone involved in IT especially in security operations and architecture that organizations have big plans for public cloud. What may be the surprise is, how quickly organizations plan to embrace public cloud for critical application deployment by this time next year. Based on the results of many site surveys, … Continue reading Public Cloud Security