Hi
At the moment I am trying to come up with a proposal for a college project. What I have in mind is to implement security on a private cloud.
The aim of my project will be to implement a private cloud. During my implementation of the cloud my overall goal will be to cover a number of security design features that will make my private cloud more secure when deployed. A number of these features will include:
• Security foundation considerations
• Infrastructure security considerations
• Platform security considerations
• Software security considerations
• Service delivery security considerations
• Management security considerations
• Client security consideration
• Legal considerations
I aim also to talk about the challenges there is for private cloud security.
Some general tips and suggestions would be appreciated ! I am being recommended to use a public cloud and what are your thoughts about using that instead of a private cloud ?
Public clouds are nice cause your just paying rent on them for your devices, the down side is you have to deal with their decisions and limitations. In general if you have a large IT department I would do private, if you just need a few small servers that don't need messed with much I would go for a public cloud.
Be sure you consider up-time, at least for us AWS doesn't guarantee enough up-time so we are doing multiple cloud providers.
Never thought of considering up time ( must have slipped my mind ). Public cloud sounds more what I have in mind. But how would one start with implementing a public cloud for a college project ?
start here
https://aws.amazon.com/ec2/purchasing-options/
Cheers bud. Any reason in particular why you choose AWS ?
AWS is one of the big names these days (it's what I would go with), and if your careful you can do something small for free
https://aws.amazon.com/free/
I know this might sound stupid but could I use system center 2012 R2, windows server 2012 R2, Hyper-V and AWS to build a cloud ?
Yes. A cloud is only centralized storage that is available from any location with Internet connectivity. The server pieces of it are easily assembled. Keeping them secure, ah, that's the tricky part!
Quote from: TheBigDog on November 03, 2015, 02:41:45 PM
Cheers bud. Any reason in particular why you choose AWS ?
no reason in particular.
I found this article that outlines the building of a private cloud , http://blogs.technet.com/b/keithmayer/archive/2013/04/01/build-your-private-cloud-in-a-month-new-article-series.aspx
Any recommendations on security features that I could add to it or any general recommendations ?
Thanks
When you connect, you'll be encrypted. Make sure the encryption is at the highest standard possible. You don't want to go down like some punk for using an MD5 hash with DES-56 encryption. All the cool kids are using SHA-256 and AES-128 or 256. Roll your own Windows certs from your server CA and use those guys instead of self-signed certs on your gear.
Really appropriate your feedback there ! Would it be much more complicated to roll out your own server CA ?
I imagine that there would be some trial and error involved... but it's learning well worth having.
Any articles you suggest reading up on for rolling out your own window certs ?
I am also reading online saying that you shouldn't roll out your own ones because you should go for established ones ...
An established cert gives you credibility to third parties. A cert generated within the domain for domain members only, however, is something that you can control and where an outsider can't enter your system because he has no access to it.
However, you want to be sure that your Windows policy does not allow for exporting of private keys.