This link has been bookmarked by 2 people . It was first bookmarked on 14 Dec 2009, by Krishnan Subramanian.
-
14 Dec 09
-
Security for cloud-based applications is actually a multifaceted problem, with distinct threats and responses for network security, operating system security, data security, and virtualization security
-
I have chosen to use an encrypted TCP port forwarding strategy to extend the customer’s network security envelope into the cloud. Specifically, I use an implementation of the ssh protocol that performs bi-directional TCP traffic forwarding across encrypted, compressed connections between cloud-based virtual instances and customer machines behind their corporate firewalls. The encryption strength is configurable, and is at least as secure as any corporate VPN encryption. This is another way of saying that it does not introduce any new network threats beyond what a customer already faces with their existing VPN technologies
-
For my enterprise application, I recommend that all ports except the ssh port (port 22) are to be blocked by firewall, patches are to be updated periodically and rolled into new virtual images, and antivirus software is to be installed; these measures collectively ensure that the virtual instances face no new OS-level threats beyond what a customer already faces with their existing hardware.
-
Would you like to comment?
Join Diigo for a free account, or sign in if you are already a member.