Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.

Slides:

Advertisements

Similar presentations

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Advertisements

Final Presentation Topics 1) Firewalls 1) Firewalls 2) Virtual Private Networks 2) Virtual Private Networks 3) Secure Socket Layer 3) Secure Socket Layer.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Firewalls and Intrusion Detection Systems

Controlling access with packet filters and firewalls.

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

Security Awareness: Applying Practical Security in Your World

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Intranet, Extranet, Firewall. Intranet and Extranet.

FIREWALL Mạng máy tính nâng cao-V1.

Firewalls Paper By: Vandana Bhardwaj. What this paper covers? Why you need a firewall? What is firewall? How does a network firewall interact with OSI.

Chapter 6: Packet Filtering

By : Himanshu Mishra Nimish Agarwal CPSC 624.  A system designed to prevent unauthorized access to or from a private network.  It must have at least.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Chapter 13 – Network Security

1 Chapter 6: Proxy Server in Internet and Intranet Designs Designs That Include Proxy Server Essential Proxy Server Design Concepts Data Protection in.

1 The Firewall Menu. 2 Firewall Overview The GD eSeries appliance provides multiple pre-defined firewall components/sections which you can configure uniquely.

OV Copyright © 2013 Logical Operations, Inc. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

11 SECURING YOUR NETWORK PERIMETER Chapter 10. Chapter 10: SECURING YOUR NETWORK PERIMETER2 CHAPTER OBJECTIVES  Establish secure topologies.  Secure.

OV Copyright © 2011 Element K Content LLC. All rights reserved. Network Security  Network Perimeter Security  Intrusion Detection and Prevention.

Firewalls Nathan Long Computer Science 481. What is a firewall? A firewall is a system or group of systems that enforces an access control policy between.

Access Control List (ACL)

1 Chapter 7: NAT in Internet and Intranet Designs Designs That Include NAT Essential NAT Design Concepts Data Protection in NAT Designs NAT Design Optimization.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

What is the cloud ? IT as a service Cloud allows access to services without user technical knowledge or control of supporting infrastructure Best described.

Packet Filtering COMP 423. Packets packets datagram To understand how firewalls work, you must first understand packets. Packets are discrete blocks of.

Network Security Chapter 11 powered by DJ 1. Chapter Objectives  Describe today's increasing network security threats and explain the need to implement.

Securing the Network Infrastructure. Firewalls Typically used to filter packets Designed to prevent malicious packets from entering the network or its.

Module 10: How Middleboxes Impact Performance

ITGS Network Architecture. ITGS Network architecture –The way computers are logically organized on a network, and the role each takes. Client/server network.

Chapter 8 Network Security Thanks and enjoy! JFK/KWR All material copyright J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking:

Overview of Firewalls. Outline Objective Background Firewalls Software Firewall Hardware Firewall Demilitarized Zone (DMZ) Firewall Types Firewall Configuration.

Access Control List (ACL) W.lilakiatsakun. Transport Layer Review (1) TCP (Transmission Control Protocol) – HTTP (Web) – SMTP (Mail) UDP (User Datagram.

What's a Firewall? A security system that acts as a protective boundary between a network and the outside world Isolates computer from the internet using.

Launch Amazon Instance. Amazon EC2 Amazon Elastic Compute Cloud (Amazon EC2) provides resizable computing capacity in the Amazon Web Services (AWS) cloud.

COSC513 Final Project Firewall in Internet Security Student Name: Jinqi Zhang Student ID: Instructor Name: Dr.Anvari.

SYSTEM ADMINISTRATION Chapter 10 Public vs. Private Networks.

Also known as hardware/physi cal address Customer Computer (Client) Internet Service Provider (ISP) MAC Address Each Computer has: Given by NIC card.

Unit 2 Personal Cyber Security and Social Engineering Part 2.

1 CNLab/University of Ulsan Chapter 19 Firewalls  Packet Filtering Firewall  Application Gateway Firewall  Firewall Architecture.

Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.

Chapter 8.  Upon completion of this chapter, you should be able to:  Understand the purpose of a firewall  Name two types of firewalls  Identify common.

FIREWALLS An Important Component in Computer Systems Security By: Bao Ming Soh.

FIREWALLS By k.shivakumar 08k81f0025. CONTENTS Introduction. What is firewall? Hardware vs. software firewalls. Working of a software firewalls. Firewall.

25/09/ Firewall, IDS & IPS basics. Summary Firewalls Intrusion detection system Intrusion prevention system.

Advanced Network Labs & Remote Network Agent

CompTIA Security+ Study Guide (SY0-401)

Computer Data Security & Privacy

Prepared By : Pina Chhatrala

Firewall – Survey Purpose of a Firewall Characteristic of a firewall

Introduction to Networking

Network Services, Cloud Computing, and Virtualization

CompTIA Security+ Study Guide (SY0-401)

Lecture # 7 Firewalls الجدر النارية. Lecture # 7 Firewalls الجدر النارية.

* Essential Network Security Book Slides.

Firewalls Purpose of a Firewall Characteristic of a firewall

Cloud Security AWS as an example.

Cloud Security AWS as an example.

CSCD 434 Spring 2019 Lecture 16 Firewalls.

Presentation transcript:

Chapter 11 – Cloud Application Development

Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice. Chapter 10 2 Dan C. Marinescu

Motivation Some of the questions of interest to application developers:  How easy is it to use the cloud?  How knowledgeable should an application developer be about networking and security?  How easy is it to port an existing application to the cloud?  How easy is it to develop a new cloud application? The answers are different for the three cloud delivery models:  SaaS applications are designed for the end-users and are accessed over the Web; familiar with the API of a particular application is necessary  PaaS provides a set of tools and services designed to facilitate application coding and deploying.  IaaS provides the hardware and the software for servers, storage, networks, including operating systems and storage management software; the IaaS model poses the most challenges. Cloud Computing: Theory and Practice. Chapter 10 3 Dan C. Marinescu

A pyramid model of cloud computing paradigms; the infrastructure provides the basic resources, the platform adds an environment to facilitate the use of these resources, while software allows direct access to services. Cloud Computing: Theory and Practice. Chapter 10 4 Dan C. Marinescu

Connecting clients to instances through firewalls A firewall  a software system based on a set of rules for filtering network traffic; its function is to protect a computer in a local area network from unauthorized access. Firewalls  First generation  operated below the transport layer, and discarded packets based on the information in the headers of physical, data link, and network layer protocols.  Second generation  operate at the transport layer and maintain the state of all connections passing through them and opened the possibility of denial of service attacks.  Third generation  understand widely-used application layer protocols such as FTP, HTTP, TELNET, SSH, and DNS. These firewalls examine the header of application layer protocols and support intrusion detection systems (IDS). Cloud Computing: Theory and Practice. Chapter 10 5 Dan C. Marinescu

Firewalls screen incoming and sometimes outgoing traffic. The first obstacle encountered by the inbound or outbound traffic is a router firewall, the next one is the firewall provided by the host operating system; sometimes, the antivirus software provides a third line of defense. Cloud Computing: Theory and Practice. Chapter 10 6 Dan C. Marinescu

Connecting to a AWS instance A client must know the IP address of a virtual machine in the cloud, to be able to connect to it. A virtual machine running under EC2 has several IP addresses:  EC2 private IP address  the internal address of an instance; it is only used for routing within the EC2 cloud.  EC2 public IP address  network traffic originating outside the AWS network must use the public IP address or the elastic IP address of the instance. The public IP address is translated using the Network Address Translation (NAT) to the private IP address when an instance is launched and it is valid until the instance is terminated. Traffic to the public address is forwarded to the private IP address of the instance.  EC2 elastic IP address  the IP address allocated to an AWS account and used by traffic originated outside AWS. NAT is used to map an elastic IP address to the private IP address. Elastic IP addresses allow a cloud user to mask instance or availability zone failures by programmatically re-mapping a public IP addresses to any instance associated with the user's account. Cloud Computing: Theory and Practice. Chapter 10 7 Dan C. Marinescu