Defining Cloud Computing
IT Resources and Services that Are Abstracted from the Underlying Infrastructure and Provided "On Demand" and "At Scale" in a Multitenant and Elastic Environment
A Style of Computing Where Massively Scalable IT-Enabled Capabilities Are Delivered "As a Service" to Multiple External Customers Using Internet Technologies
Source: Gartner, "Defining and Describing an Emerging Phenomenon", June 2008
– Dynamic environment, static barriers are no longer sufficient
– Resource preservation becomes critical
– Compliance requirements
– What about auditing?
Solving these issues will force us to:
– Adapt our existing security models to this new world
– Change how security is deployed
– Dramatically change how we do security management!
Security issue #3: VM Security
BEFORE: Equipment is Physical
Wires and cables. Routers and switches. Servers on racks. Storage arrays and disks. Memory and CPUs. Machines stay put. Security is in place.
AFTER: Equipment is Virtual
How do we watch the network? Where are VMs located? Are they moving around? What's our change control policy? Are VMs patched? Is the hypervisor secure? Who's responsible for security?
Security issue #5: Moving to the Cloud – Who Controls What?
BEFORE: We Have Control
It's located at X. It's stored in servers Y, Z. We have backups in place. Our admins control access. Our uptime is sufficient. The auditors are happy. Our security team is engaged.
AFTER: Who Has Control?
Where is it located? Where is it stored? Who backs it up? Who has access? How resilient is it? How is it audited? How does our security team engage?
Securing Clouds – Where to begin?
As with any security area, organizations should adopt a risk-based approach to moving to the cloud and selecting security options (*)
– Identify the asset for the cloud deployment
– Evaluate the asset
– Map the asset to potential cloud deployment models
– Evaluate potential cloud service models and providers
– Sketch the potential data flow
– Conclusion/Decision
(*) Cloud Security Alliance Whitepaper v2.1
It's Private ;-)
You have control of everything
You decide the security policy
No need for total separation of resources (some exceptions apply)
– Need to secure virtual machines and services (see later)
Can take existing Data Center security designs and adapt them to the Cloud Computing model; see also the new updated Design Guides available on www.cisco.com/go/datacenter
– An attacker gaining unauthorized access to the hypervisor and taking control of the physical server and related virtual servers
Rogue VMs
– Has a guest operating system been compromised?
– Virtual Server Mobility
Inter-VM traffic visibility and security
– Traffic between two virtual machines can flow across the bus inside the hosting physical server and is not required to be switched on an external network where traditional tools can be used
[Diagram: vnet adapters, uplink ports, shared file system between VMs (VMFS) and VMotion]
Virtual Machine LAN Security
Be aware of security affinities
[Diagram: DMZ Web Server, Application Server, Database Server]
– Would you place all your applications on the same VLAN?
Challenging troubleshooting and monitoring environment
ESX vSwitch lacks "standard" network functions
– No SNMP and NetFlow instrumentation to monitor flows between VMs
– No ACLs and PVLAN to limit inter-VM traffic
– No SPAN to enable forensic analysis of inter-VM traffic
Recommendation: Do not consolidate servers with unlike security affinities onto a single VLAN
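One way to enforce the recommendation above is to audit the VM inventory for VLANs that carry more than one security affinity. The following script is an added example, not part of the original slides or any Cisco or VMware tooling; the inventory, the affinity labels (dmz/app/db) and the VLAN numbers are constructed for illustration.

```python
"""Flag VLANs that host VMs of unlike security affinities.

Added example, not from the original slides. The VM inventory, the affinity
labels (dmz/app/db) and the VLAN numbers are constructed for illustration.
"""
from collections import defaultdict

# Constructed inventory: (vm_name, security_affinity, vlan_id)
INVENTORY = [
    ("web-01", "dmz", 100),
    ("web-02", "dmz", 100),
    ("app-01", "app", 200),
    ("db-01", "db", 200),   # a database VM consolidated onto the app tier's VLAN
    ("db-02", "db", 300),
]


def affinities_per_vlan(inventory):
    """Map each VLAN id to the set of security affinities placed on it."""
    seen = defaultdict(set)
    for _vm, affinity, vlan in inventory:
        seen[vlan].add(affinity)
    return dict(seen)


def find_mixed_vlans(inventory):
    """Return {vlan: sorted affinities} for every VLAN carrying more than one affinity.

    On such a VLAN, traffic between tiers can stay inside the vSwitch, where
    no ACL, PVLAN or SPAN can be applied to it.
    """
    return {
        vlan: sorted(affs)
        for vlan, affs in affinities_per_vlan(inventory).items()
        if len(affs) > 1
    }


def vms_to_relocate(inventory):
    """List (vm, affinity, vlan) for VMs sharing a VLAN with a different affinity.

    The affinity with the most VMs on the VLAN is treated as the VLAN's owner
    (ties broken alphabetically); every VM of another affinity is reported.
    """
    per_vlan = defaultdict(list)
    for vm, affinity, vlan in inventory:
        per_vlan[vlan].append((vm, affinity))
    report = []
    for vlan, members in sorted(per_vlan.items()):
        counts = defaultdict(int)
        for _vm, affinity in members:
            counts[affinity] += 1
        if len(counts) < 2:
            continue
        owner = max(sorted(counts), key=counts.__getitem__)
        report.extend((vm, affinity, vlan) for vm, affinity in members if affinity != owner)
    return report


if __name__ == "__main__":
    for vlan, affs in find_mixed_vlans(INVENTORY).items():
        print(f"VLAN {vlan} mixes security affinities: {', '.join(affs)}")
    for vm, affinity, vlan in vms_to_relocate(INVENTORY):
        print(f"  move {vm} ({affinity}) off VLAN {vlan}")
```

Run it against an export of the real port-group assignments and the report lists exactly the consolidations that put inter-tier traffic beyond the reach of the physical switch's controls.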
– NetFlow is like a phone bill, while packet capture is like a wiretap; this level of granularity allows NetFlow to scale to very large amounts of traffic
– We can see who's talking to whom, over what protocols and ports, for how long, at what speed, for what duration, etc.
– NetFlow is a form of telemetry pushed from the routers/switches; each one can be a sensor
Note! NetFlow is replacing Syslog on high-end devices
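The "phone bill" view is easy to show on real export data. The script below is an added example, not from the original slides: it packs a few constructed NetFlow v5 records into an export datagram, decodes them, aggregates who talked to whom over which protocol and port and for how long, and then marks the conversations whose endpoints share an ESX host. The flow values, addresses and the VM-to-host map are constructed; the NetFlow v5 layout (24-byte header, 48-byte records) is the public format.

```python
"""Decode NetFlow v5 export records and produce a "phone bill" of who talked to whom.

Added example, not from the original slides. The flow records, addresses and
the VM-to-host map are constructed; the NetFlow v5 packet layout (24-byte
header, 48-byte records) is the public format.
"""
import socket
import struct
from collections import defaultdict

HEADER_FMT = "!HHIIIIBBH"                 # version, count, uptime, secs, nsecs, seq, engine type/id, sampling
RECORD_FMT = "!4s4s4sHHIIIIHHBBBBHHBBH"   # srcaddr, dstaddr, nexthop, in/out if, pkts, octets, first, last, ...
HEADER_LEN = struct.calcsize(HEADER_FMT)  # 24
RECORD_LEN = struct.calcsize(RECORD_FMT)  # 48

# Constructed flows: (src, dst, proto, sport, dport, packets, octets, first_ms, last_ms)
SAMPLE_FLOWS = [
    ("10.1.1.10", "10.1.2.20", 6, 51234, 443, 10, 5000, 1000, 3000),   # web -> app
    ("10.1.2.20", "10.1.3.30", 6, 40000, 3306, 20, 8000, 1000, 6000),  # app -> db
    ("10.1.1.10", "10.1.2.20", 6, 51235, 443, 5, 2500, 4000, 5000),    # web -> app again
]

# Constructed VM-to-ESX-host map; app and db share a host.
HOST_OF = {"10.1.1.10": "esx-a", "10.1.2.20": "esx-b", "10.1.3.30": "esx-b"}


def build_v5_packet(flows):
    """Pack flows into one NetFlow v5 export datagram (used here to fabricate input)."""
    header = struct.pack(HEADER_FMT, 5, len(flows), 0, 0, 0, 0, 0, 0, 0)
    body = b"".join(
        struct.pack(RECORD_FMT, socket.inet_aton(src), socket.inet_aton(dst), b"\0\0\0\0",
                    1, 2, pkts, octets, first, last, sport, dport, 0, 0, proto, 0, 0, 0, 24, 24, 0)
        for src, dst, proto, sport, dport, pkts, octets, first, last in flows
    )
    return header + body


def parse_v5(packet):
    """Decode a NetFlow v5 datagram into a list of flow dicts."""
    version, count = struct.unpack(HEADER_FMT, packet[:HEADER_LEN])[:2]
    if version != 5:
        raise ValueError(f"unsupported NetFlow version {version}")
    flows = []
    for i in range(count):
        off = HEADER_LEN + i * RECORD_LEN
        r = struct.unpack(RECORD_FMT, packet[off:off + RECORD_LEN])
        flows.append({
            "src": socket.inet_ntoa(r[0]), "dst": socket.inet_ntoa(r[1]),
            "pkts": r[5], "octets": r[6], "first": r[7], "last": r[8],
            "sport": r[9], "dport": r[10], "proto": r[13],
        })
    return flows


def phone_bill(flows):
    """Aggregate flows per (src, dst, proto, dport): how many calls, how much, for how long."""
    bill = defaultdict(lambda: {"flows": 0, "pkts": 0, "octets": 0, "duration_ms": 0})
    for f in flows:
        entry = bill[(f["src"], f["dst"], f["proto"], f["dport"])]
        entry["flows"] += 1
        entry["pkts"] += f["pkts"]
        entry["octets"] += f["octets"]
        entry["duration_ms"] += f["last"] - f["first"]
    return dict(bill)


def intra_host_conversations(flows, host_of):
    """Conversations whose endpoints sit on the same ESX host.

    These never leave the vSwitch, so an exporter on the physical switch
    cannot see them; they mark the visibility gap a monitoring design must close.
    """
    keys = []
    for key in phone_bill(flows):
        src, dst = key[0], key[1]
        if host_of.get(src) is not None and host_of.get(src) == host_of.get(dst):
            keys.append(key)
    return keys


if __name__ == "__main__":
    flows = parse_v5(build_v5_packet(SAMPLE_FLOWS))
    for key, entry in phone_bill(flows).items():
        print(key, entry)
    print("invisible to the physical switch:", intra_host_conversations(flows, HOST_OF))
```

In practice the datagram comes from a UDP socket bound to the collector port; the same `parse_v5` and `phone_bill` functions apply unchanged, and the intra-host list is what tells you which conversations a physical-switch sensor will never report.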
Layer 2 Security in virtual environments
Virtual environments are usually implemented using Layer 2 technologies (VLAN)
This opens the door to L2 attacks which have already been solved using Port Security and Private VLANs in physical switches
Examples (*):
What about applying Security services in a virtual environment?
Usually, virtual machines are associated with security services like firewalls, load balancers and other security services
How do we ensure that these services are still doing their job when VMs are instantiated or are moved?
– Manual configuration
– Full integration into virtual environments (virtualization of the services)
– Automated configuration
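The difference between manual and automated configuration shows up the moment a VM moves. The script below is an added example, not from the original slides or any vendor product: it derives the rule set each host must enforce from the current VM placement, simulates a VMotion, and reports the drift a manually configured host policy is left with (a VM running unprotected on the new host, stale rules on the old one). Host names, VM names, rule tuples and the move event are constructed.

```python
"""Keep per-host security policy in step with VM placement.

Added example, not from the original slides. The hosts, VM names, rule tuples
and the move event are constructed; re-deriving policy from placement is one
way to implement the "automated configuration" option.
"""

# Constructed per-VM security policy: rules that must be enforced wherever the VM runs.
VM_RULES = {
    "web-01": [("tcp", 443, "allow"), ("tcp", 22, "deny")],
    "app-01": [("tcp", 8080, "allow-from-web"), ("any", 0, "deny")],
}

# Constructed initial placement: VM -> ESX host.
INITIAL_PLACEMENT = {"web-01": "esx-a", "app-01": "esx-b"}


def desired_host_policy(placement, vm_rules):
    """Derive the rule set each host must enforce from where the VMs currently run."""
    policy = {}
    for vm, host in placement.items():
        policy.setdefault(host, {})[vm] = list(vm_rules[vm])
    return policy


def move_vm(placement, vm, new_host):
    """Return the placement after a VMotion of vm to new_host (input left untouched)."""
    if vm not in placement:
        raise KeyError(f"unknown VM {vm}")
    updated = dict(placement)
    updated[vm] = new_host
    return updated


def policy_drift(enforced, desired):
    """Compare what hosts actually enforce with what the placement requires.

    Returns (missing, stale): missing = (host, vm) pairs where a VM runs
    without its rules; stale = (host, vm) pairs still carrying rules for a
    VM that has left the host.
    """
    missing, stale = [], []
    for host in sorted(set(enforced) | set(desired)):
        have = set(enforced.get(host, {}))
        need = set(desired.get(host, {}))
        missing.extend((host, vm) for vm in sorted(need - have))
        stale.extend((host, vm) for vm in sorted(have - need))
    return missing, stale


if __name__ == "__main__":
    enforced = desired_host_policy(INITIAL_PLACEMENT, VM_RULES)   # configured manually, once
    after_move = move_vm(INITIAL_PLACEMENT, "web-01", "esx-b")    # VM moves, policy does not
    missing, stale = policy_drift(enforced, desired_host_policy(after_move, VM_RULES))
    print("unprotected:", missing)
    print("stale rules:", stale)
    # Automated configuration: re-derive and push the policy after every placement event.
    enforced = desired_host_policy(after_move, VM_RULES)
    print("after reconcile:", policy_drift(enforced, desired_host_policy(after_move, VM_RULES)))
```

Wire `policy_drift` to the placement events from the virtualization manager and it becomes a detection control: any non-empty result means a VM is running somewhere its security services are not.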
Summary
Cloud Computing is already happening and it is going through an enormous "hype" trend
Security is struggling to keep up, but if you manage to keep a cool head, it is actually possible to ensure proper security in Cloud environments
Trust, SLAs and the ability to assure compliance with customer requirements will become a major distinguishing factor between serious and non-serious Cloud Providers