Page 1: The Practitioner's Guide to Cloud Security

Dome9 – Secure Your Cloud™

CloudExpo Europe – London, January 2013

The Practitioners Guide to Cloud Security

London, January 2013

Zohar Alon (@zoharalon), Co-Founder & CEO

Page 2: The Practitioner's Guide to Cloud Security

Me, and my company

Zohar Alon – Co-Founder & CEO
Creator of Check Point’s Provider-1 & SP product lines
Over 20 years of security & IT experience.

Cloud Server Security Management
Automate and centralize security across an unlimited number of cloud, dedicated, and virtual private servers

Page 3: The Practitioner's Guide to Cloud Security

What’s this?

Page 4: The Practitioner's Guide to Cloud Security

1 day and 86,000 attempts later…

Page 5: The Practitioner's Guide to Cloud Security

There are more than 30 million Cloud, VPS & Dedicated Servers

Most of these servers are vulnerable to attack
– Admins leave ports open to connect to their servers
– Hackers use these same open ports to gain access

Most of these servers’ security is unmanageable
– Sprawled across multiple private & public clouds
– Operating systems are a virtual buffet

Most of the ‘available’ security doesn’t work
– Service providers lack expertise & focus to build it
– Security vendors have business models that don’t fit and/or technology that doesn’t migrate and scale

Page 6: The Practitioner's Guide to Cloud Security

Who’s responsible for security?

Page 7: The Practitioner's Guide to Cloud Security

The Practitioners Guide

Part 1 – Responsibility

• Most don’t know who’s responsible for cloud security
  – 42% say they wouldn’t know if their cloud was hacked
  – 39% think their provider would tell them
• Security is everybody’s responsibility
  – accept and share it!
• Security is your responsibility
  – Deal with it!

[Chart: Who’s Responsible? Values 31%, 36%, 33%; legend: Customer, Provider, Both. Source: Ponemon Cloud Security Research Study]

Page 8: The Practitioner's Guide to Cloud Security

The Practitioners Guide

Part 2 – Authentication

• If anyone can log in, consider multi-factor authentication to harden access
• Simple mobile app integration, w/ QR code support & SMS backup

Page 9: The Practitioner's Guide to Cloud Security

Page 10: The Practitioner's Guide to Cloud Security

Page 11: The Practitioner's Guide to Cloud Security

The Practitioners Guide

Part 3 – WAF

• WAF: Web Application Firewall
  – Protects Web services, sites and applications
  – Monitor the requests to the web layer
  – Brute-force Login, Spam Bots, SQL injections, etc.
• Easy to enable – No Install!
  – Provides added security layer w/o overhead
• Every Web App Will Use one
  – CloudFlare, Incapsula or Akamai
  – Bonus I – site is faster
  – Bonus II – DDoS mitigation capabilities

Page 12: The Practitioner's Guide to Cloud Security

The Practitioners Guide

Part 4 – Log

• You saw how many insights we get from the logs. You need to store and analyze them.
• We use several vendors for this – each for a different use-case:
  – Splunk & SplunkStorm
  – SumoLogic
  – Loggly
  – LogEntries

Page 13: The Practitioner's Guide to Cloud Security

The Practitioners Guide

Part 5 – Firewall

• Take control of your security policies
  – You do much more when it comes to the office firewall
• Close All (admin) Ports – Open Dynamically
  – Open them only for whom, and for as long as is needed.
• Don’t rely on static scopes
  – Too much management overhead and risk.
• Aggregate & Centralize firewall management
  – Across regions, providers and applications
• At Dome9, we eat our own dog food
  – On Amazon, Verizon’s Terremark and Rackspace

Page 14: The Practitioner's Guide to Cloud Security

What happened here?

Page 15: The Practitioner's Guide to Cloud Security

Dome9: How it Works
Automated Cloud Server Security

Manage OS firewall (via Agent) and virtual firewall (via API) across all cloud servers

Enable on-demand, time-based secure access leases per server, source & time

Automatically close server access when lease expires

Stop attackers from targeting open admin ports via brute force attacks and exploits
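
The lease model from Part 5 and the "How it Works" slide (admin ports closed by default, opened per server, source and time, and closed when the lease expires), sketched as an added example. This is not Dome9's code; the class names, the admin port set and the scope and duration limits are assumptions.

```python
import ipaddress
from dataclasses import dataclass

ADMIN_PORTS = {22, 3389}   # SSH and RDP, assumed to be the managed admin ports
MIN_PREFIX = 24            # assumed policy: no source scope wider than a /24
MAX_TTL = 8 * 3600         # assumed policy: no lease longer than 8 hours

@dataclass(frozen=True)
class Lease:
    server: str
    source: ipaddress.IPv4Network
    port: int
    expires_at: float

class LeaseFirewall:
    """Admin ports stay closed unless a live lease matches server, source and port."""

    def __init__(self):
        self.leases = []

    def grant(self, server, source_cidr, port, now, ttl_seconds):
        source = ipaddress.IPv4Network(source_cidr)  # rejects malformed scopes
        if port not in ADMIN_PORTS:
            raise ValueError(f"port {port} is not a managed admin port")
        if source.prefixlen < MIN_PREFIX:
            raise ValueError(f"source scope {source} is too broad")
        if not 0 < ttl_seconds <= MAX_TTL:
            raise ValueError("lease duration out of range")
        lease = Lease(server, source, port, now + ttl_seconds)
        self.leases.append(lease)
        return lease

    def is_allowed(self, server, source_ip, port, now):
        # Expiry is checked on every decision, so access closes on time
        # even if sweep() has not run yet.
        addr = ipaddress.IPv4Address(source_ip)
        return any(
            l.server == server and l.port == port
            and addr in l.source and now < l.expires_at
            for l in self.leases
        )

    def sweep(self, now):
        """Drop expired leases and return them so the closure can be logged."""
        expired = [l for l in self.leases if l.expires_at <= now]
        self.leases = [l for l in self.leases if l.expires_at > now]
        return expired
```

Timestamps are passed in as `now` so the expiry behaviour can be tested deterministically; a deployment would push each grant and each swept lease to the OS or provider firewall.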

Page 16: The Practitioner's Guide to Cloud Security

Multi-Cloud Management

Time-Based Controls

1-Click Secure Access

Dome9 Central Simplified Security Management

Page 17: The Practitioner's Guide to Cloud Security

Wrap Up

① Take Responsibility

② Harden Authentication

③ Use a Web Application Firewall

④ Log, Log, Log, Log, Log… and Analyze

⑤ Lockdown and Automate the Server Firewalls… with Dome9!

Page 18: The Practitioner's Guide to Cloud Security

Q&A

Page 19: The Practitioner's Guide to Cloud Security

Thank You!

Zohar Alon, [email protected]

Page 20: The Practitioner's Guide to Cloud Security

References and Links

• Firewall Management Service:
  – http://www.dome9.com/
  – https://secure.dome9.com/account/register?code=ecommerce
• MyDigipass 2 Factor Authentication Service:
  – https://www.mydigipass.com/
• Log Management Services:
  – Splunk Storm Service - https://www.splunkstorm.com/
  – Loggly - http://loggly.com/
  – LogEntries - https://logentries.com/
• WAF Services:
  – CloudFlare - https://www.cloudflare.com/
  – Incapsula - http://www.incapsula.com/
• Cloud Security Study: http://www.dome9.com/wp-content/uploads/2011/11/Ponemon-Cloud-Security-Study.pdf

