AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Deciphering the DoD Cloud Broker Process Mark Fox DoD Sales Executive [email protected]
14
Embed
DoD Enterprise Cloud Services Broker - AWS Symposium 2014 - Washington D.C.
This session will discuss the DoD Enterprise Cloud Services Broker model and the process for engagement with DISA in their role as the ECSB. This session will also review the DoD Cloud Security Model (CSM) and its security container levels.
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
DoD Commercial Cloud – Commonly Asked Questions
1. Can I run DoD workloads in the Commercial Cloud?– Are you FedRAMP Compliant? – What is the IA Process? (DIACAP/RMF…?)– How do I work with the DISA Cloud Broker? FOCUS OF TODAY’S
SESSION– Can I get a private cloud?
2. Where is/are your Data Center(s)?– How are they different than DoD Data Centers and DECC’s (CDC’s)?– How is AWS different from other “Cloud” providers? – Does my data stay in the US?
3. How much do you cost? Where is your “Rate Card”?
4. How do I get started using a CSP?
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
Cloud Services ProviderDoD Cloud Security Model (CSM) - ATO Process
Increasing Security and
Operating Requirements
DoD Cloud Security Model(Administered via DISA)
14 FedRAMP Compliant CSP’s1
FedRAMP Authority to OperateCSM ATO Levels 1-2
(Public)
CSM ATO Levels 3-5
(NIPR)
CSM ATO Level 6 (SIPR)
12
34
56
Providers are a mix of IaaS, PaaS, SaaS(Initial Focus is on IaaS)
ProvisionalAuthorization
granted1
0 Provisional Authorization
granted2
100’s of Cloud Service Providers
(CSP)
System-Specific
ATO
John DoeDoD DAA
The DoD provisionally authorized
commercial CSP offering is eligible to be included in the Enterprise Cloud Service
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
AWS Commercial Platform
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014
The following services are in the accreditation boundary for FedRAMP:
Enables you to securely control access to AWS services and resources for your users. Using IAM, you can create and manage AWS users and groups and use permissions to allow and deny their access to AWS resources.
Amazon EC2
Provides resizable compute capacity in the cloud. It is designed to make web-scale computing easier for developers.
Amazon VPC
Provides the ability for you to provision a logically isolated section of AWS where you can launch AWS resources in a virtual network that you define.
Amazon S3
Provides a simple web services interface that can be used to store and retrieve any amount of data, at any time, from anywhere on the web.
Amazon EBS
Provides highly available, highly reliable, predictable storage volumes that can be attached to a running Amazon EC2 instance and exposed as a device within the instance.
Amazon Redshift
A fast, fully managed, petabyte-scale data warehouse service that makes it simple and cost-effective to efficiently analyze all your data using your existing business intelligence tools.