Chapter 10 - 02 - Understand Cloud Computing Fundamentals - 03_ocred_fax_ocred.pdf
Document Details
Uploaded by barrejamesteacher
Certified Cybersecurity Technician Exam 212-82
Virtualization and Cloud Computing

Cloud Deployment Models

Public Cloud: Services are rendered over a network that is open for public use.

Private Cloud: Cloud infrastructure is operated for a single organization only.

[Figure: public cloud and private cloud diagrams. Labels: public users accessing the cloud via network; legitimate access path; boundary controller; computers in a network providing access; perimeter; hardware; users accessing cloud from within the perimeter; outside subscriber's facility.]

Cloud Deployment Models (Cont'd)

Community Cloud: Shared infrastructure between several organizations from a specific community with common concerns (security, compliance, jurisdiction, etc.).

Hybrid Cloud: Combination of two or more clouds (private, community, or public) that remain unique entities but are bound together, thereby offering the benefits of multiple deployment models.

[Figure: community cloud and hybrid cloud diagrams. Labels: security perimeters; Organization A; outsourced private cloud; users that access the cloud from within their perimeters; users accessing remote cloud resources; community companies that provide and consume cloud resources; community companies that consume resources; public cloud.]

Module 10 Page 1314 Certified Cybersecurity Technician Copyright © by EC-Council
All Rights Reserved. Reproduction is Strictly Prohibited.

Cloud Deployment Models (Cont'd)

Multi Cloud: Dynamic heterogeneous environment that combines workloads across multiple cloud vendors, managed via one proprietary interface to achieve long term business goals.

[Figure: multi cloud diagram. Labels: Microsoft Azure; Google Cloud Platform; Amazon Web Services; application data; public cloud; private cloud; companies/users consuming cloud resources.]

Cloud Deployment Models

Cloud deployment model selection is based on enterprise requirements. One can deploy cloud services in different ways, according to the factors given below:

- Host location of cloud computing services
- Security requirements
- Sharing of cloud services
- Ability to manage some or all of the cloud services
- Customization capabilities

The five standard cloud deployment models are:

- Public Cloud
  In this model, the provider makes services such as applications, servers, and data storage available to the public over the Internet. Therefore, the provider is liable for the creation and constant maintenance of the public cloud and its IT resources. Public cloud services may be free or based on a pay-per-usage model (e.g., Amazon Elastic Compute Cloud (EC2), Google App Engine, Microsoft Azure, IBM Cloud).
  Advantages:
    - Simplicity and efficiency
    - Low cost
    - Reduced time (when server crashes, needs to restart or reconfigure cloud)
    - No maintenance (public cloud service is hosted off-site)
    - No contracts (no long-term commitments)
  Disadvantages:
    - Security is not guaranteed
    - Lack of control (third-party providers are in charge)
    - Slow speed (relies on Internet connections; the data transfer rate is limited)

[Figure: public cloud diagram. Labels: users terminating the access; public users accessing the cloud via network.]

[Figure 10.24: Community cloud deployment model. Labels: users accessing local cloud resources; users that access the cloud from within their perimeters; users accessing remote cloud resources; community companies that provide and consume cloud resources; community companies that consume resources.]

- Hybrid Cloud
  It is a cloud environment comprised of two or more clouds (private, public, or community) that remain unique entities but are bound together to offer the benefits of multiple deployment models. In this model, the organization makes available and manages some resources in-house and provides other resources externally (e.g., Microsoft Azure, Zymr, Parangat, Logicalis).
  Example: An organization performs its critical activities on the private cloud (e.g., operational customer data) and non-critical activities on the public cloud.
  Advantages:
    - High scalability (contains both public and private clouds)
    - Offers both secure and scalable public resources
    - High level of security (comprises private cloud)
    - Allows to reduce and manage the cost according to requirements
  Disadvantages:
    - Communication at the network level may be conflicted as it uses both public and private clouds
    - Difficult to achieve data compliance
    - Organization reliant on the internal IT infrastructure in case of outages (maintain redundancy across data centers to overcome)
    - Complex service level agreements (SLAs)

[Figure 10.25: Hybrid cloud deployment model. Labels: on-site private cloud; outsourced private cloud; on-site community cloud; outsourced community cloud; public cloud.]

- Multi Cloud
  It is a dynamic heterogeneous environment that combines workloads across multiple cloud vendors that are managed via one proprietary interface to achieve long-term business goals. The multi cloud uses multiple computing and storage services from different cloud vendors. It distributes cloud assets, software, applications, etc. across various cloud-hosting environments. Multi cloud environments are mostly all-private, all-public or a combination of both. Organizations use multi cloud environments for distributing computing resources, thereby increasing computing power and storage capabilities, and limiting the data loss and downtime risk to a great extent (e.g., Microsoft Azure Arc, AWS Kaavo IMOD, Google Cloud Anthos).
  Advantages:
    - High reliability and low latency
    - Flexibility to meet business needs
    - Cost-performance optimization and risk mitigation
    - Low risk of distributed denial-of-service (DDoS) attacks
    - Increased storage availability and computing power
    - Low probability of vendor lock-in
  Disadvantages:
    - Multi-cloud system failure affects business agility
    - Using more than one provider causes redundancy
    - Security risks due to complex and large attack surface
    - Operational overhead

[Figure: multi cloud diagram. Labels: Microsoft Azure; Google Cloud Platform; application data; public cloud.]