VMware’s NSX™ Distributed Firewall, Intrusion Prevention and Intrusion Detection System.

The security breaches usually occur when the organization does not sufficiently restrict communication inside network perimeter or does not implement lateral security controls, which allow hackers to target the priority systems or infiltrate information. The following article talks about VMware’s NSX™ Distributed Firewall, Intrusion Preventions, and Intrusion Detection System.

Note: Article in Progress. The following is only a basic skeleton for the more comprehensive overview.

[Read more…]

IT Compliance and Auditing in Canada

The following post is intended to explain some of the IT audit standards, control process and associated laws and regulations currently used in Canada. Even though, the 2012 research showed that only 16% of Canadian Businesses were not aware of privacy or security-related standards and we could say, that Canadian IT companies have moderate to high awareness of the compliance standards.

Note: This article is a work in progress. [Read more…]

Cloud-based Application Design for Availability and Reliability

According to Amazon’s guide to Cloud Best Practices (2017), “If you design for failure, nothing will fail.”. The recommendation given is to “Be a pessimist when designing architectures in the cloud; assume things will fail. In other words, always design, implement and deploy for automated recovery from failure.”

Jinesh Varia, Lead Technology Evangelist at Amazon AWS, took it further by specifying a total of 12 design patterns (best practices) that all businesses should consider when designing highly available and reliable cloud applications (Figure 1).

Figure 1 – Building Powerful Web Applications in the AWS Cloud (Varia, 2011). [Read more…]

Open Cloud Management Platforms: Apache CloudStack & HP Helion Eucalyptus

Two of the most popular cloud management platforms from the open-source space are OpenStack and OpenNebula. Both of them provide an open source scalable software platform that allows cloud service vendors and enterprises to provision and orchestrate large deployments of virtual machines, as well as manage and control networking, processing and storage resources in a data center. Both also offer a web based dashboard, as well as command line and API services to better control all of the interrelated components, in IaaS private cloud. However, even though OpenStack and OpenNebula are certainly among the most recognized open source cloud management platforms, in this post I introduce two other CMPs that in my opinion deserve to be explored, namely the CloudStack and Eucalyptus open cloud management platforms.  [Read more…]

Cross-Region Replication and Geo-Redundancy in Amazon, Microsoft and Google Cloud

As we all know, most large IT cloud companies offer some way to do the Cross-Region Replication for their data storage. As they are expanding across the globe in a race to provide the best disaster recovery and also their ability to use storage in different regions I wanted to spend 5 seconds to look at the options offered by Amazon, Microsoft, and Google.  [Read more…]

Introduction to CSA, Cloud Governance and Operational Domain of Encryption & Key Management

In this post, I will introduce Cloud Security Alliance (CSA) and the governance and operation domains through which they promote the best security practices in the cloud. I also briefly look at the Encryption and Key Management as one of the parts of the operational domains; and look at the general security concerns, as well as specific concerns of this particular domain. [Read more…]