
Network Security on AWS

Michael Wittig

May 17, 2018



  1. Hello! I am Michael Wittig. The author of Amazon Web Services in Action (Manning). Co-founder of widdix, an independent AWS consultancy. You can find me at: @hellomichibye, https://cloudonaut.io
  2. VPC
     ▷ Virtual network
       ◦ Subnets
       ◦ Route tables
       ◦ NACLs
     ▷ Network isolation
     ▷ Private address ranges
       ◦
       ◦
       ◦
     ▷ Peering
       ◦ VPC to VPC
       ◦ VPN
       ◦ Direct Connect
  3. Typical (minimal) VPC (diagram): Public Subnet 1, Public Subnet 2, Private Subnet 1, Private Subnet 2
  4. VPC Flow Logs
     ▷ Records network traffic in ~5 minute chunks
     ▷ Not enabled by default
     ▷ Record schema: version, account-id, interface-id, srcaddr, dstaddr, srcport, dstport, protocol (IANA protocol number, 6 := TCP), packets, bytes, start (Unix seconds), end (Unix seconds), action, status
  5. Example (diagrams): a VPC with Public Subnet A, Public Subnet B, Private Subnet A, Private Subnet B; and a VPC with Public Subnet A, Private Subnet A. Code: https://github.com/widdix/learn-network-security
  6. Thanks! You can find me at: @hellomichibye, https://cloudonaut.io
     Special thanks to:
     ▷ Presentation template by SlidesCarnival
     ▷ Photographs by Pexels
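Slide 4 lists the record schema of a VPC Flow Log but does not show what reading those records looks like in practice. The following Python is an added example, not part of the deck or of the widdix learn-network-security repository: it parses lines in the 14-field order the slide gives (the last field, which the slide calls "status", is the log-status field; a "-" marks a field the log writer left empty, as for NODATA records) and then summarises which source addresses had traffic REJECTed on which destination ports, the kind of quick triage a defender runs over flow logs. The account id, ENI id, addresses and timestamps in the sample lines are constructed.

```python
# Added example (not from the deck): parse VPC Flow Log records in the
# 14-field order shown on slide 4 and summarise rejected flows per source.
# All sample lines below are constructed (made-up account id, ENI id and
# documentation-range IP addresses); they are not real log data.
from dataclasses import dataclass
from typing import Dict, List, Optional

# Field order from the slide (the default flow log format, version 2).
# The slide's "status" field is log_status here.
FIELDS = ["version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status"]
INT_FIELDS = {"version", "srcport", "dstport", "protocol", "packets",
              "bytes", "start", "end"}
PROTOCOL_NAMES = {1: "ICMP", 6: "TCP", 17: "UDP"}  # IANA protocol numbers


@dataclass
class FlowRecord:
    version: int
    account_id: str
    interface_id: str
    srcaddr: Optional[str]
    dstaddr: Optional[str]
    srcport: Optional[int]
    dstport: Optional[int]
    protocol: Optional[int]
    packets: Optional[int]
    bytes: Optional[int]
    start: int
    end: int
    action: Optional[str]
    log_status: str

    def protocol_name(self) -> str:
        """Human-readable protocol, falling back to the raw IANA number."""
        return PROTOCOL_NAMES.get(self.protocol, str(self.protocol))

    def window_seconds(self) -> int:
        """Length of the aggregation window this record covers."""
        return self.end - self.start


def parse_record(line: str) -> FlowRecord:
    """Parse one space-separated flow log line into a FlowRecord.

    A '-' means the writer left the field empty (e.g. when log_status is
    NODATA or SKIPDATA); such fields are mapped to None. A line with the
    wrong number of fields is rejected rather than silently misaligned.
    """
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    values = {}
    for name, raw in zip(FIELDS, parts):
        if raw == "-":
            values[name] = None
        elif name in INT_FIELDS:
            values[name] = int(raw)
        else:
            values[name] = raw
    return FlowRecord(**values)


def parse_lines(lines) -> List[FlowRecord]:
    """Parse every non-blank line."""
    return [parse_record(line) for line in lines if line.strip()]


def rejected_by_source(records) -> Dict[str, List[int]]:
    """Map each source address to the sorted distinct destination ports on
    which its traffic was REJECTed (by a security group or NACL).  One
    source hitting many distinct ports inside a window is worth a look."""
    hits: Dict[str, set] = {}
    for r in records:
        if r.action == "REJECT" and r.srcaddr is not None:
            hits.setdefault(r.srcaddr, set()).add(r.dstport)
    return {src: sorted(ports) for src, ports in hits.items()}


# Constructed sample records (not real data): one accepted SSH flow, two
# rejected probes from the same source, one internal UDP flow, one NODATA.
SAMPLE_LINES = [
    "2 123456789012 eni-0abc123def456789a 203.0.113.5 10.0.1.20 49152 22 6 20 1200 1526554800 1526555100 ACCEPT OK",
    "2 123456789012 eni-0abc123def456789a 198.51.100.7 10.0.1.20 53211 3389 6 1 40 1526554800 1526555100 REJECT OK",
    "2 123456789012 eni-0abc123def456789a 198.51.100.7 10.0.1.20 53212 445 6 1 40 1526554800 1526555100 REJECT OK",
    "2 123456789012 eni-0abc123def456789a 10.0.1.20 10.0.2.30 34567 53 17 3 300 1526554800 1526555100 ACCEPT OK",
    "2 123456789012 eni-0abc123def456789a - - - - - - - 1526554800 1526555100 - NODATA",
]

if __name__ == "__main__":
    records = parse_lines(SAMPLE_LINES)
    for r in records:
        print(f"{r.srcaddr} -> {r.dstaddr}:{r.dstport} {r.protocol_name()} "
              f"{r.action} ({r.log_status}, {r.window_seconds()}s window)")
    print("rejected ports per source:", rejected_by_source(records))
```

Run against real flow logs delivered to S3, the same parser works line by line on the decompressed objects; if the flow log was created with a custom format, FIELDS must be changed to match the order chosen at creation time.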