Security on a cloud

TheBigDog · November 03, 2015, 12:44:06 PM

Hi

At the moment I am trying to come up with a proposal for a college project. What I have in mind is to implement security on a private cloud.

The aim of my project will be to implement a private cloud. During my implementation of the cloud my overall goal will be to cover a number of security design features that will make my private cloud more secure when deployed. A number of these features will include:
•   Security foundation considerations
•   Infrastructure security considerations
•   Platform security considerations
•   Software security considerations
•   Service delivery security considerations
•   Management security considerations
•   Client security consideration
•   Legal considerations
I aim also to talk about the challenges there is for private cloud security.

Some general tips and suggestions would be appreciated ! I am being recommended to use a public cloud and what are your thoughts about using that instead of a private cloud ?

dlots · November 03, 2015, 01:14:01 PM

Public clouds are nice cause your just paying rent on them for your devices, the down side is you have to deal with their decisions and limitations. In general if you have a large IT department I would do private, if you just need a few small servers that don't need messed with much I would go for a public cloud.

Be sure you consider up-time, at least for us AWS doesn't guarantee enough up-time so we are doing multiple cloud providers.

TheBigDog · November 03, 2015, 01:20:54 PM

Never thought of considering up time ( must have slipped my mind ). Public cloud sounds more what I have in mind. But how would one start with implementing a public cloud for a college project ?

icecream-guy · November 03, 2015, 02:37:56 PM

start here
https://aws.amazon.com/ec2/purchasing-options/

TheBigDog · November 03, 2015, 02:41:45 PM

Cheers bud. Any reason in particular why you choose AWS ?

dlots · November 03, 2015, 02:46:43 PM

AWS is one of the big names these days (it's what I would go with), and if your careful you can do something small for free
https://aws.amazon.com/free/

TheBigDog · November 03, 2015, 02:59:37 PM

I know this might sound stupid but could I use system center 2012 R2, windows server 2012 R2, Hyper-V and AWS to build a cloud ?

deanwebb · November 03, 2015, 07:02:04 PM

Yes. A cloud is only centralized storage that is available from any location with Internet connectivity. The server pieces of it are easily assembled. Keeping them secure, ah, that's the tricky part!

icecream-guy · November 04, 2015, 11:18:37 AM

Quote from: TheBigDog on November 03, 2015, 02:41:45 PM
Cheers bud. Any reason in particular why you choose AWS ?

no reason in particular.

TheBigDog · November 14, 2015, 03:43:53 PM

I found this article that outlines the building of a private cloud , http://blogs.technet.com/b/keithmayer/archive/2013/04/01/build-your-private-cloud-in-a-month-new-article-series.aspx

Any recommendations on security features that I could add to it or any general recommendations ?

Thanks

deanwebb · November 14, 2015, 04:28:23 PM

When you connect, you'll be encrypted. Make sure the encryption is at the highest standard possible. You don't want to go down like some punk for using an MD5 hash with DES-56 encryption. All the cool kids are using SHA-256 and AES-128 or 256. Roll your own Windows certs from your server CA and use those guys instead of self-signed certs on your gear.

TheBigDog · November 15, 2015, 08:00:13 AM

Really appropriate your feedback there ! Would it be much more complicated to roll out your own server CA ?

deanwebb · November 15, 2015, 10:48:30 AM

I imagine that there would be some trial and error involved... but it's learning well worth having.

TheBigDog · November 15, 2015, 03:09:01 PM

Any articles you suggest reading up on for rolling out your own window certs ?

TheBigDog · November 15, 2015, 04:19:52 PM

I am also reading online saying that you shouldn't roll out your own ones because you should go for established ones ...