GoGrid Blog > Security

Posts Tagged ‘Security’

« Older Entries
 

Software Defined Networking on the Edge

Thursday, March 14th, 2013 by Rupert Tagnipes

One of the recent trends in technology is the movement toward software-defined networks (SDN). With SDN, networking is no longer tied to a specific proprietary device but rather integrated via software. GoGrid has adopted this software defined networking architecture for its new product offerings starting with Dynamic Load Balancers and now with our new Firewall Service.

SDN typically means that the control plane is separated from the forwarding plane and is centralized. This setup is easier to manage and enables a more distributed system. In addition, management of the network is typically programmatic with SDN. In GoGrid’s architecture, for example, management is centralized while the activities are distributed. This design allows for greater resiliency and self-healing capabilities, meaning there’s always a way to return a failed distributed node to its previously stable state. We also enable access to these services via our management console and a public RESTful API.

Although most people think of SDN as it applies to the core (switches and routers), GoGrid’s strategy has been to start at the edge and then work toward the core. Dynamic Load Balancers and the Firewall Service are considered to be on the network edge. However, other services closer to the core, such as Private Network Automation (PNA), have adopted this architecture as well. Details about the Dynamic Load Balancer are explained in this previous blog post.

Firewall Service

GoGrid is introducing a new Firewall Service designed to be self-healing and available to all customers in all our data centers. Customers can deploy this service through the management console or API. Having a Firewall Service available to all our customers is an important step in further securing infrastructure in the cloud. Although GoGrid has secured its data centers and has built-in security measures to protect our customers’ infrastructure, our customers want greater granular control of port access for their individual servers. Our new Firewall Service is designed to meet and exceed those needs by making it easy to set up security wherever Cloud Servers are located.

This service comes with several key features: (more…) «Software Defined Networking on the Edge»

Tags: , , , , , , ,
Posted in API, Cloud Computing, Cloud Security, Features, GoGrid, Public Cloud, Release, Security | No Comments »

Are These Really Mysteries? Solving Forbes’ “7 Great Unsolved Mysteries of Cloud Computing”

Wednesday, February 6th, 2013 by Michael Sheehan

From time to time, I come across an article that I feel compelled to respond to. Yesterday, I read “7 Great Unsolved Mysteries of Cloud Computing” written by Joe McKendrick (an author and independent researcher covering IT trends and markets) in Forbes.com. Although McKendrick definitely offers some thought-provoking questions in the form of “cloud mysteries,” part of me feels these mysteries were already solved a long time ago.

Forbes-article

What follows are the questions that McKendrick asks, my interpretation of his descriptions, and my responses to these mysteries. I’d love to hear your feedback on these mysteries and my responses, so be sure to leave a comment.

7 Great “Unsolved” Mysteries of Cloud Computing

McKendrick alludes to the 2010s as a “cloud computing migration.” A “migration” connotes a feeling of evolution, and I do believe that cloud computing is evolving through a natural progression (see “Riding the Gartner Hype Cycle Roller Coaster: Hang on to your Magic Quadrants!”) toward mainstream adoption.

But let’s take a look at the “unsolved” mysteries.

(more…) «Are These Really Mysteries? Solving Forbes’ “7 Great Unsolved Mysteries of Cloud Computing”»

Tags: , , , , , , , , , ,
Posted in Cloud Computing, General, GoGrid, Industry, Public Cloud | No Comments »

How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)

Tuesday, January 29th, 2013 by Mario Duarte

This is Part 2 of a GoGrid security blog series on identifying and recovering from a Linux security breach. Part 1 provided general guidelines for conducting a security analysis on a compromised Linux server and forming strategic teams to address and resolve the breach.

In this article, we’ll review some recommended steps for recovering from a breach.

Recovering from the Breach

Lock the doors

Now that you’ve confirmed that there are no intruders logged in and you’ve identified the established connections, it’s time to “lock the doors.” Locking the doors largely depends on who is managing your firewall. Contact GoGrid in the event that we’re managing your firewall or perform the following actions if you manage your firewall:

  • Modify your system’s iptables configuration to restrict all remote console connections such as SSH to your office network
  • Modify your system’s iptables configuration to block all previously identified suspicious connections from and to your system.
  • Modify your system’s iptables to block all other services from the public Internet to your server. Doing so will effectively bring down your website or services, but you want to avoid compromising your customers or web site visitors.

Install and run a rootkit analyzer

(more…) «How to Recover from a Linux Security Breach – Recovery & Hardening (Part 2)»

Tags: , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Cloud Computing, Cloud Security, General, GoGrid, How To, Linux, Public Cloud, Security | 1 Comment »

How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)

Monday, January 28th, 2013 by Mario Duarte

This 2-part GoGrid security blog series provides general guidelines for conducting a security analysis on a compromised Linux server and for recovering from a breach. Before you begin the security analysis, you need to consider two important factors:

1. The type of data your compromised server is storing or transmitting,
2. How important the server’s function is to your business

The data type—Personally Identifiable Information (PII) or Protected Health Information (PHI), for example—is important because your organization could be legally required to notify external parties and local or federal government agencies in the event of a breach. The compromised server’s function is important because its criticality may drive the recovery timeline.

You also may want to consider engaging a third-party that specializes in security forensics.

This series will cover 3 important items:

1) Understanding & assessing the breach
2) Setting up forensics & recovery teams
3) Recovering from the breach

Although this series won’t replace what a competent security firm can accomplish, it does provide an overview of some core processes, procedures, and activities you can do to potentially recover from a breach. And because each incident varies based on your computer system, be sure to conduct additional analysis and consult with experts to double-check your breach identification and resolution plan. (more…) «How to Recover from a Linux Security Breach – Forensics, Analysis, & Building Teams (Part 1)»

Tags: , , , , , , , , , , , , , , , , , , , , , , ,
Posted in Cloud Computing, Cloud Security, General, GoGrid, How To, Linux, Public Cloud, Security | No Comments »

Security and Adaptability: Unlocking the Full Potential of Big Data and the Cloud

Tuesday, December 18th, 2012 by Oren Falkowitz

Enthusiasm for and investment in Big Data and the Cloud is spurring innovation in a suite of new technologies that seek to transform information into knowledge at reduced costs. But the potential of Big Data and the Cloud is threatened by security, privacy, legal and regulatory constraints which prevent data integration and information sharing.

While the costs to capture, store and exploit data are declining, the costs of mishandling data are rising for every enterprise; and threaten to extend the data-poor environments in which we have long operated, forcing continued inferences and limits on data insights.

sqrrl_Oren

Technology leaders like Google,Facebook and Target have reshaped their industries using Big Data, but each is facing increased scrutiny over data handling. The result has created an atmosphere of concern and trepidation and has deterred many in the Fortune 1000 from embracing Big Data.

The relationship between Big Data security and Big Data innovation is not zero-sum, but rather they are mutually reinforcing concepts. Traditional data security approaches, which have proven inadequate, deal with disequilibrium by seeking counterbalance. In this case more security, more privacy, and more constraints lead to limited data access, continued fragmentation of data sets, and missed opportunities.

Instead of addressing these challenges as an afterthought or applying solutions around the edges, solutions that bake in and address security, privacy, legal and regulatory constraints from the onset enable new insights, while simultaneously building trust and transparency. Such a data-centric security model promotes adaptability and re-conceptualizes the relationship among data, users and applications and reduces administrative burdens and risks. Simultaneously it unlocks the potential for innovation and serves as a mechanism for supporting the integration of disparate data sets and for more complete information sharing.

(more…) «Security and Adaptability: Unlocking the Full Potential of Big Data and the Cloud»

Tags: , , , , , , , ,
Posted in Big Data, Cloud Computing, General, GoGrid, Guest, Industry, Public Cloud, Security | No Comments »

« Older Entries