A Secure Cloud-Computing Platform Azure Partner Architects| 4/11/2011 David McGhee | Windows Azure Platform Technical Specialist | Microsoft ANZ [email protected] | +61 413 746 120 MICROSOFT CONFIDENTIAL Page 1 Agenda What is Azure? Azure Security Operations & Monitoring Additional Learning /questions MICROSOFT CONFIDENTIAL Page 2 Generational Shift Technology Economic Centralized compute & storage, thin clients Optimized for efficiency due to high cost PCs and servers for distributed compute, storage, etc. Optimized for agility due to low cost Large DCs, commodity HW, scale-out, devices Order of magnitude better efficiency and agility MICROSOFT CONFIDENTIAL Business High upfront costs for hardware and software Perpetual license for OS and application software Pay as you go, and only for what you use Page 3 Cloud Impact NEW ECONOMICS Pay for what you use Lower and predictable costs Shift from capex and opex Accelerate speed to value REDUCED MANAGEMENT No patching, maintenance Faster deployment Robust multi-layered security Reliability and faulttolerance MICROSOFT CONFIDENTIAL INCREASED PRODUCTIVITY Latest software for users Internet collaboration Anywhere access Instant self-provisioning Page 4 IT as a Service Software as a Service (SaaS) Business Requirements End User Config Platform as a Service (PaaS) Application Logic Data Schema Infrastructure as a Service (IaaS) Operating System Disaster Recovery Virus Control Database Management Load Balancing Identity/Authorisation Middleware Hardware Network Storage MICROSOFT CONFIDENTIAL Page 5 The Windows Azure Platform Windows Azure is an internet-scale cloud services platform hosted in Microsoft data centers around the world, proving a simple, reliable and powerful platform for the creation of web applications and services. MICROSOFT CONFIDENTIAL Page 6 Customer Security Concerns from Cloud- The Inevitable Questions Privileged User Access Who are the people managing my data? Regulatory Compliance Is my Data Centre compliant with all international certifications? Data Location Does my provider obey local privacy requirements on behalf of their customers? Data Segmentation How is my data separated and secure from others in a shared cloud environment? Recovery How does my cloud service provider support me in the case of data failure? Investigating Support What measures are taken by my cloud provider, if illegal activity is found within the Data Centre? Long Term Viability How can I get my data back, if the company who owns the Data Centre is absorbed or collapses? MICROSOFT CONFIDENTIAL Page 7 Security and Compliance DATA CENTER FOUNDATION ROBUST SECURITY PROGRAMS MICROSOFT CONFIDENTIAL WINDOWS AZURE "privacy by default" Page 8 Data Center Management Security Management Threat & Vulnerability Management, Monitoring & Response Data Access Control & Monitoring, File/Data Integrity User Account Mgmt, Training & Awareness, Screening Application Host Internal Network Network perimeter Facility Secure Engineering (SDL), Access Control & Monitoring, Anti-Malware Access Control & Monitoring, Anti-Malware, Patch & Config Mgmt Dual-factor Auth, Intrusion Detection, Vulnerability scanning Edge Routers, Firewalls, Intrusion Detection, Vulnerability scanning Physical controls, video surveillance, Access Control North America North Central US Eastern Europe West Europe Europe Asia East Asia South Central US Page 9 MICROSOFT CONFIDENTIAL South Asia The Microsoft Security Development Lifecycle (SDL) Helping to protect customers by reducing the number and severity of software vulnerabilities prior to Release Executive commitment SDL a mandatory policy at Microsoft since 2004 Education Technology and Process MICROSOFT CONFIDENTIAL Ongoing Process Improvements Accountability Page 10 Data Data Application Host Host Network Network Physical Physical Microsoft Customer Application Customer Platform as a Service Security Model Platform as a Service On Premises MICROSOFT CONFIDENTIAL Page 11 Windows Azure Security Layers Layer Defences Data • Strong storage keys for access control • SSL support for data transfers between all parties Application • Front-end .NET code running under partial trust • Windows account with least privileges Host • Stripped down version of Windows Server 2008 OS • Host boundaries enforced by external hypervisor Network • Host firewall limiting traffic to VMs • VLANs and packet filters in routers Physical • World-class physical security • ISO 27001and SAS 70 Type II certification for data centre processes MICROSOFT CONFIDENTIAL Page 12 1 Physical – Tailored to run applications MICROSOFT CONFIDENTIAL Page 13 2 Network - Access Paths MICROSOFT CONFIDENTIAL Page 14 3 Host – Execution Environment • • • Customer code run on dedicated virtual machines (VMs) VMs isolated by a Hyper-V based hypervisor All access to network and disk is mediated by a “root” virtual machine 1, 2, 4 or 8 CPUs, up to 14GB of memory R Stripped down, hardened version of Windows Server 2008 o o t Three virtual hard disks Limited number of device drivers Network connectivity restricted using host firewall Hyper-V based hypervisor V M G G G G G G u u u u u u e e e e e e s s s s s s t t t t t t V V V V V V M M M M M M Hypervisor Network/Disk MICROSOFT CONFIDENTIAL Page 15 4 Application - Identity and Access Management Active Directory Use of Active Directory identities In the nextwith release Integration 3rd of and groups through federation AppFabric Access party systems through Control (ACS WS-* and Services SAML 2.0 Enable seamless access 2.0), single sign-on open standards WS-* and experience other with popularwith Internet SAML corporate applications identity providers Other Providers tied to AD On Premises MICROSOFT CONFIDENTIAL Page 16 5 Data - Storage Services Security • Customer data stored on separate hardware from the Windows Azure Compute VMs, organized into storage accounts • Access to data in a specific account is only granted to entities having the secret key for that account – Storage access keys are randomly generated when the storage account is created (or later at the request of the customer) – A storage account may have two active keys at any given time to support key rollover • Data access can be protected using SSL encryption MICROSOFT CONFIDENTIAL Page 17 5 Data - Windows Azure Storage Reliability • Data is replicated within Windows Azure to three separate physical nodes for high availability Application Application X Azure Physical Storage Customer On-premises Storage MICROSOFT CONFIDENTIAL Page 18 Security Design considerations • • Practices: – – – Secure design Secure coding Threat management – – – Azure Connect Service Bus Access Control Design patterns MICROSOFT CONFIDENTIAL Page 19 Service Management MICROSOFT CONFIDENTIAL Page 20 Service Level Agreements Compute connectivity Instance monitoring and restart Storage availability Database availability Service bus and access control availability Content delivery network Your service is connected and reachable via web. Internet facing roles will have external connectivity All running roles will be continuously monitored If role is not running, we will detect and initiate corrective action Storage service will be available/ reachable (connectivity) Your storage requests will be processed successfully Database is connected to the internet gateway All databases will be continuously monitored Service bus and access control endpoints will have external connectivity Message operation requests processed successfully Service will respond to client requests and deliver the requested content without error >99.95% >99.9% >99.9% >99.9% >99.9% >99.9% MICROSOFT CONFIDENTIAL Page 21 Q&A? MICROSOFT CONFIDENTIAL Page 22 Overview We proactively monitor outbound access to detect common cases (port scans, spam) World-Class Support Carrier-Class Data Centers Operational Best Practices World-Class Security Application Specific Hardware World-Class Architecture MICROSOFT CONFIDENTIAL Page 23 23 Next steps to learn more about Windows Azure Platform Security Get involved in the Windows Azure Platform community Visit Microsoft.com/Azure to view the following whitepapers concerning security and the Windows Azure Platform • • • Windows Azure Security Overview Security Best Practices For Developing Windows Azure Applications Security Guidelines for SQL Azure Microsoft Security Development Lifecycle http://www.microsoft.com/security/sdl Microsoft Essentials Windows Azure Platform Security Essentials: Module 1 - Security Architecture Windows Azure Platform Security Essentials: Module 2 – Identity Access Management Windows Azure Platform Security Essentials: Module 3 – Storage Access Windows Azure Platform Security Essentials: Module 4 – Secure Development MICROSOFT CONFIDENTIAL Page 24 Thank You MICROSOFT CONFIDENTIAL Page 25
© Copyright 2024