Painting Rainbows: Building Bridges in the Cloud

Painting Rainbows: Building Bridges in the Cloud

Bridging the Clouds: Cloud computing resources are different from traditional datacenter assets. They are more volatile, and their tenancy is much higher. We’ll explore the implications from a network security point of view, and the challenges that rise when you want to use multiple clouds together.

592c29d1042d5f0da1524ff17bbe25da?s=128

Gabriel Grant

March 25, 2012
Tweet

Transcript

  1. None
  2. HELLO

  3. dotCloud.com

  4. NETWORK SECURITY

  5. APP LEVEL

  6. ENCRYPTION

  7. PAIN

  8. DYNAMIC IP ADDRESSES

  9. SOURCE CONTROL

  10. ELASTIC IP ADDRESSES

  11. ELASTIC IP ADDRESSES

  12. SECURITY GROUPS

  13. SECURITY GROUPS

  14. SECURITY GROUPS

  15. SECURITY GROUPS

  16. ETHERNET ACCESS

  17. VRRP

  18. ELASTIC IP REMAPPING

  19. ELB

  20. None
  21. ELB

  22. BROADCAST MULTICAST

  23. DISCOVERY

  24. PRIVATE ADDRESSING

  25. WHO AM I?

  26. WHO I AM!

  27. WHO I AM!

  28. IP ADDRESS ALIASING

  29. SSL

  30. SNI

  31. ELB

  32. PROTOCOLS

  33. PROTOCOLS

  34. CHOICES

  35. VENDOR API

  36. GOOD

  37. BAD

  38. UGLY

  39. ABSTRACTION

  40. LOWEST COMMON DENOMINATOR

  41. LOVE

  42. OPENVPN

  43. SMALL

  44. MEDIUM

  45. MEDIUM

  46. LARGE

  47. LARGE

  48. VDE + SSH

  49. VDE + SSH

  50. STUFF

  51. USERLAND

  52. USERLAND

  53. STUNNEL

  54. WRAP ALL THE THINGS

  55. WHY?

  56. WHY?

  57. ROUND-ROBIN DNS

  58. HOW?

  59. HEALTH CHECK

  60. EXAMPLE

  61. EXAMPLE

  62. github.com/dotcloud/autodnsfailover

  63. HOPE

  64. THANKS! @GabrielMGrant

  65. None