Security Rules Are Enough For Cloud Instance's Security?

Tech giants like Google, Amazon, Microsoft etc are continuously working on the cloud computing platform and providing various services to users to make their job easy. If we talk about launching a web application on our own datacenter, we know that pain. Because we need to set up various tasks to launch a web application like:

1. Set up the VM.
2. Install server OS.
3. Set up the inbound and outbound rules
4. Users creation
5. Install the web server/application server and database server
6. Configure the web server and database server
7. Provide access to user
8. Deploy these web application code to server etc



It will take time to complete all above tasks, which can be 4 to 5 hours or if we take hosting, it may take 24 – 48 hours to launch our app and it may cost high as per requirements or resources. But these tasks can be done in a short time through Orchestration tools of cloud companies. Let’s talk about AWS orchestration service: AWS Cloudformation. AWS Cloudformation gives us the ability to model and provision the Infrastructure through the simple template files. In the template files, we just need to mention the Infrastructure resources that we need to launch for our web application. After that, Cloudformation will manage those resources as a single unit called Stack and take care of everything further. We can also see progress in stack’s console.

There is a service called Compute but Cloud providers gave a different name like AWS: EC2 or OCI: Compute or classic compute, but the functionality of this service is the same. With help of this service, we can launch VMs/Instances in a short time. We need to provide some configurations like:

1. Machine image
2. Network Configuration
3. Storage
4. Instance RAM & CPUs
5. Inbound & Outbound rules etc
6. SSH key and launch…:D

And in a few minutes, your instance will be up.



Now the question is “Security rules(Inbound & Outbound) are enough for Cloud instance’s security?”



I think no, because if we configure 22 port number for SSH and hackers got the public IP address of instance then it will be difficult to survive as they will start to access your instance through SSH and try every possibility to break your instance security to access that. They will start SSH attack every next second with different IPs. But we can survive for a time if we set up SSH keys to access the Instance because it is hard to break the keys.
But if Cloud providers found unusual traffic on your instance then Cloud providers will stop your services from their end even if your VM works fine. Obviously, this will take time and money to launch the new instance or maybe it will affect your users’ traffic. 

Now another question is “Are Cloud providers providing some solutions for instance security??”

Yes, Cloud providers provide the solutions for that like GuardDuty by AWS but those solutions will cost you. But if you don’t want to spend money on those services and want to secure your instance then these following steps will let you define some conditions or constraints:

1. Provide the passphrase in SSH key.
2. Integrate MFA(Multi-factor authentication) by using Authy or Google Authenticator.
3. Define the condition to prevent SSH attack like Block user after 3 invalid logins.
4. Allow a single user login at a time.
5. Making a non – sudo user to login using SSH

These above constraints/configurations will help you to prevent the SSH attacks. But these steps will work on Linux based instances.

If you are interested or looking for more information, please visit following URL:

http://www.itlearn360.com/self-paced-courses/cloud-instance-security/

For more information please reach us at training@itlearn360.com or call us at +1-800-543-5571


Source URL: http://www.itlearn360.com/security-rules-are-enough-for-cloud-instances-security/

Comments

Post a Comment

Popular posts from this blog

How To Learn Data Science In 8 Easy Steps

Image
Before starting the discussing on how to learn Data science & what are career paths, let’s talk what is data science? Data science is a buzzword but let me tell you it’s more than a buzzword it can take your career on to next level in very easy steps. It is a simple definition but must be easy to understand. But to become a Data Scientist, you have to learn 8 set of skill at-least and they are as follow: 1.Identifying Data And The Problem. 2.Programming Language 3.Database 4.Machine Learning 5.Visualization Tool 6.Big Data Basics 7.Problem Solving 8.Communication Skill ( Most Important) Yes! We know after reading this, you must be thinking how the hell it is easy it has a course itself in every point. Big Courses that is. Well, let us make a few points to make it easy for you. 1.Highest paying job 2.You don’t need all at once 3.You learn one by one each tool, Just learn and master it later 4.Communication… this part is most important which pe
Read more

Top 5 IT career options for NON-IT candidates

We all like to see some changes in our life for better career growth & for a better future. We look out the new job that can help us to build a good career as well as reduce the life load. A job with good pay is not enough for us, we also want a good environment, awesome teammates and appreciation & inspiration for good work. But it is hard to choose which job domains are good for us or in what skills we need expertise for a good career? We cannot compete in the job market with the only graduation. Besides, lack of skills you may lose a good job. We can find many short-term, affordable courses help us find a job. Besides, we should be able to choose the right domain, which can help us with long-term. The way, Organization are adopting IT services. It is generating jobs with decent pay in the IT industry with all things what we look in every job so we can wok there with a happy mind. But it is hard to Apart from the technical job, there are more career options In t
Read more

Why IT Certifications are Important to Launch Your Tech Career

Image
At this moment, Information technology is one of the fastest-growing industries. Jobseekers are trying to get their dream Job in IT industry whether they have IT background or they are from another education background(NOT-IT). Due to the fast changing and innovating mode of IT industry even professionals who are already in industry they have to adopt the new technologies, so they can have a positive impact on their career and earn good money obviously.  But the question is why job seekers are moving to the IT industry? 1. They can earn good money. 2. IT may be a challenging field, but once you adopt the things on what you are doing you will thrive not only in work but also in your personal life. 3. This gives you the opportunity to meet new colleagues and share ideas with them. 4. IT is a goal-oriented field, it constantly motivates you to achieve the highest standards. You will always learn new skills that can be challenging and this will increase your value
Read more