Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice.

Published byRodney Neal Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice."— Presentation transcript:

1 Chapter 11 – Cloud Application Development

2 Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice. Chapter 10 2 Dan C. Marinescu

3 Motivation Some of the questions of interest to application developers:  How easy is it to use the cloud?  How knowledgeable should an application developer be about networking and security?  How easy is it to port an existing application to the cloud?  How easy is it to develop a new cloud application? The answers are different for the three cloud delivery models:  SaaS applications are designed for the end-users and are accessed over the Web; familiar with the API of a particular application is necessary  PaaS provides a set of tools and services designed to facilitate application coding and deploying.  IaaS provides the hardware and the software for servers, storage, networks, including operating systems and storage management software; the IaaS model poses the most challenges. Cloud Computing: Theory and Practice. Chapter 10 3 Dan C. Marinescu

4 A pyramid model of cloud computing paradigms; the infrastructure provides the basic resources, the platform adds an environment to facilitate the use of these resources, while software allows direct access to services. Cloud Computing: Theory and Practice. Chapter 10 4 Dan C. Marinescu

5 Connecting clients to instances through firewalls A firewall  a software system based on a set of rules for filtering network traffic; its function is to protect a computer in a local area network from unauthorized access. Firewalls  First generation  operated below the transport layer, and discarded packets based on the information in the headers of physical, data link, and network layer protocols.  Second generation  operate at the transport layer and maintain the state of all connections passing through them and opened the possibility of denial of service attacks.  Third generation  understand widely-used application layer protocols such as FTP, HTTP, TELNET, SSH, and DNS. These firewalls examine the header of application layer protocols and support intrusion detection systems (IDS). Cloud Computing: Theory and Practice. Chapter 10 5 Dan C. Marinescu

6 Firewalls screen incoming and sometimes outgoing traffic. The first obstacle encountered by the inbound or outbound traffic is a router firewall, the next one is the firewall provided by the host operating system; sometimes, the antivirus software provides a third line of defense. Cloud Computing: Theory and Practice. Chapter 10 6 Dan C. Marinescu

7 Connecting to a AWS instance A client must know the IP address of a virtual machine in the cloud, to be able to connect to it. A virtual machine running under EC2 has several IP addresses:  EC2 private IP address  the internal address of an instance; it is only used for routing within the EC2 cloud.  EC2 public IP address  network traffic originating outside the AWS network must use the public IP address or the elastic IP address of the instance. The public IP address is translated using the Network Address Translation (NAT) to the private IP address when an instance is launched and it is valid until the instance is terminated. Traffic to the public address is forwarded to the private IP address of the instance.  EC2 elastic IP address  the IP address allocated to an AWS account and used by traffic originated outside AWS. NAT is used to map an elastic IP address to the private IP address. Elastic IP addresses allow a cloud user to mask instance or availability zone failures by programmatically re-mapping a public IP addresses to any instance associated with the user's account. Cloud Computing: Theory and Practice. Chapter 10 7 Dan C. Marinescu

Download ppt "Chapter 11 – Cloud Application Development. Contents Motivation. Connecting clients to instances through firewalls. Cloud Computing: Theory and Practice."

Similar presentations

Firewalls By Tahaei Fall 2012. What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.

Firewalls By Tahaei Fall What is a firewall? a choke point of control and monitoring interconnects networks with differing trust imposes restrictions.
Final Presentation Topics 1) Firewalls 1) Firewalls 2) Virtual Private Networks 2) Virtual Private Networks 3) Secure Socket Layer 3) Secure Socket Layer.

Final Presentation Topics 1) Firewalls 1) Firewalls 2) Virtual Private Networks 2) Virtual Private Networks 3) Secure Socket Layer 3) Secure Socket Layer.
Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.

Information Security 1 Information Security: Security Tools Jeffy Mwakalinga.
FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.

FIREWALLS. What is a Firewall? A firewall is hardware or software (or a combination of hardware and software) that monitors the transmission of packets.
FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.

FIREWALLS The function of a strong position is to make the forces holding it practically unassailable —On War, Carl Von Clausewitz On the day that you.
Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.

Network Security Topologies Chapter 11. Learning Objectives Explain network perimeter’s importance to an organization’s security policies Identify place.
Firewalls and Intrusion Detection Systems

Firewalls and Intrusion Detection Systems
Controlling access with packet filters and firewalls.

Controlling access with packet filters and firewalls.
NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.

NAT (Network Address Translator) Atif Karamat In the name of God the most merciful and the most compassionate.
Security Awareness: Applying Practical Security in Your World

Security Awareness: Applying Practical Security in Your World
Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.

Network Security. Network security starts from authenticating any user. Once authenticated, firewall enforces access policies such as what services are.
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.

FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. 6 Packet Filtering By Whitman, Mattord, & Austin© 2008 Course Technology.
1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.

1 Lecture 20: Firewalls motivation ingredients –packet filters –application gateways –bastion hosts and DMZ example firewall design using firewalls – virtual.
Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.

Firewalls Marin Stamov. Introduction Technological barrier designed to prevent unauthorized or unwanted communications between computer networks or hosts.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.

FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.

BY- NIKHIL TRIPATHI 12MCMB10.  What is a FIREWALL?  Can & Can’t in Firewall perspective  Development of Firewalls  Firewall Architectures  Some Generalization.
CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.

CS426Fall 2010/Lecture 361 Computer Security CS 426 Lecture 36 Perimeter Defense and Firewalls.
Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.

Packet Filtering. 2 Objectives Describe packets and packet filtering Explain the approaches to packet filtering Recommend specific filtering rules.
Intranet, Extranet, Firewall. Intranet and Extranet.

Intranet, Extranet, Firewall. Intranet and Extranet.
FIREWALL Mạng máy tính nâng cao-V1.

FIREWALL Mạng máy tính nâng cao-V1.

Similar presentations

Ads by Google