Jun 30, 2015
https://openvpn.net/
http://www.openldap.org/
https://www.duosecurity.com/
http://www.ossec.net/
https://www.snort.org/
http://www.daemon-tools.cc/
https://openvpn.net/
Snort IDS instance
EC2 Instance
eth0 tap0
http://www.clamav.net/
Customer Master Key (CMK)
• I would recommend a unique CMK for each data record
type (one to encrypt sensitive configuration files, one to
protect SSL private keys, etc.)
• The CMK is used to generate Data Encryption Keys.
Returns
• Generate the DEK using the AWS SDK to call AWS
KMS. It will return cipherText which you must store with
the record and a plaintext string which is the encryption
key you will encrypt the record with.
• Pass an Encryption Context value when creating DEK to
map the key against the record you’re encrypting. This
value will appears in AWS KMS audit logs.
• Each record should have a unique DEK generated for it.Returns
Returns
Returns
Returns
Please give us your feedback on this session.
Complete session evaluations and earn re:Invent swag.
http://bit.ly/awsevals