Amazon Web Services

Amazon Web Services (AWS)

Amazon Web Services (AWS)


Solutions & services to optimise and secure your Amazon Web Services (AWS) assets



The Challenge
Organisations are under ever increasing pressure to reduce IT costs. One of the cost reduction methods is to move applications into the cloud. Cloud-based computing provides organisations with cost savings over time, instead of the upfront costs associated with traditional datacentre equipment. By moving from a capital expenditure (CAPEX) model to an operational expenditure (OPEX) model, organisations are able to reduce costs associated with hardware and cooling in datacentres. There are other benefits like increased productivity based on reduced administrative burden, a result of the self-service nature of cloud computing, and the ability to almost instantly provision to meet service requirements.

When moving an application into the cloud, there are design considerations that must be taken into account. Cloud computing architecture is quite different compared to traditional physical or virtual environments. For example Amazon Web Services (AWS) persistent storage is disassociated from the Amazon Machine Image (AMI), and virtual machine instances are simply disposable.



Solutions, Features & Benefits
> Hosted Solutions

> Security

> Testing
> Data Backup & Archiving

> Email Management

> Optimise your AWS



Why solutions on AWS

 It’s not hard to see why there is such demand in AWS where you get the ability to scale up or down, without any of the overhead to manage physical servers.

Provides Amazon customers with the billing flexibility they are used to by accommodating pay-as-you-grow security services, billed by the hour at the end of the month.

> Flexible licensing models

> Pay-As-You-Go or Bring-Your-Own-License (BYOL)

 > Again visibility across on-premises and cloud environments

 > Visibility across Amazon Web Services (AWS), including EC2, RDS, S3, ELB, and Auto-Scaling.



HOSTING SERVICES

> Design & Implement AWS services

> Manage and Support services

> Oracle cloud-based solutions  
Ranging from single database instances through to full Oracle environments.

AWS Services:
    • Database in the Cloud (Amazon RDS)
    • Compute power (Amazon EC2)
    • Cloud Storage (Amazon S3 / EBS)
    • Networking (Elastic Load Balancing, Amazon VPC, AWS Direct Connect)
    • Security (Amazon Identity & Access Management)


      SECURITY

      Security for AWS Environments 
      More and more enterprises are turning to Amazon Web Services to extend their internal data centers into to the public cloud and make their server infrastructure more elastic. Virtual security appliances enable critical firewall, intrusion prevention, and web application security for AWS instances in the public cloud where hardware solutions cannot be deployed. AWS users can leverage the same enterprise-class network security controls in AWS as they deploy in the internal data center or private cloud. 

      > Analyse AWS Data Traffic  

      Passively analyse transactions passing between virtualised components of the application, including critical storage transactions that are not monitored by other tools.
      • Detect potential security issues, such as users accessing S3 buckets and files contrary to policy.
      • Fully control where your collected data is stored such that it never leaves instances you own.



      > Centralised Anti-Malware
      Offloads anti-virus functions away from each of your virtual machine instances to a dedicated service hosted provider in each Amazon EC2 region.
      > Anti-Virus
      > IPSec and SSL VPN
      > Anti-spyware / Anti-spam
      > Firewall
      > Security filtering for web URL and databases
      > Intrusion Detection
      > Reverse proxy security for applications
      > Intrusion Prevention (IPS)
      > Authentication for 
      Single-Sign-On
      > SQL injection and zero-day middleware and database protection
      > Log analytics and real-time compliance auditing



      > Security Policy Management 
      Centrally manage all on-premise firewalls policies alongside Amazon security groups to provide full visibility across the entire enterprise environment in a single console.



      > Vulnerability Scanning Services for AWS  
      Remote Vulnerability Management and Web Application Scanning services provide world-class vulnerability scanning for your cloud-based architecture.

      Dedicated vulnerability management team provides 24x7 monitoring and scanning of your cloud infrastructure, eliminating your administration and maintenance.


      > Test Your Cloud Security
      Testing can help your understand your security profile, reducing risk and achieve compliance.

      Vulnerability Assessments
      A consulting assessment that validates configurations to get an accurate account of the vulnerabilities in your AWS cloud environment that pose a real risk to your organisation.

      Penetration Tests 
      Help meet compliance requirements going further than vulnerability assessments providing network testing, validating configuration and patch management, and identifying the steps you can take to improve security in any environment.

      Simulates real-world attacks against an organisation, challenging its defences against electronic and social exploits to identify gaps in security that are not readily apparent from conducting standard technical tests.

      Web API Testing        
      Experienced testers with a strong knowledge of coding techniques and the packages used in delivering applications and services will determine if there are API vulnerabilities and exposures.


      > Web Application Firewall (WAF)

      Virtual appliance for AWS
      Web Application Firewall detects all inbound web traffic and blocks SQL injections, Cross-Site Scripting, malware uploads, volumetric & application DDoS, or any other attacks against your web applications. It also inspects the HTTP responses from the configured back-end servers for Data Loss Prevention (DLP). The integrated access control engine enables administrators to create granular access control policies for Authentication, Authorisation & Accounting (AAA), which gives organisations strong authentication and user control. The on-board L4/L7 Load Balancing capabilities enable organisations to quickly add back-end servers to scale deployments as they grow. Its application acceleration capabilities, including SSL Offloading, caching, compression, and connection pooling, ensure faster application delivery of web application content.



       > Email Protection

      • Anti-virus, and Anti-malware with behavioural analysis
      • Email Filtering (attachment and content)
      • Protect all inbound and outbound email traffic from email-borne threats and data leaks.

      • Email Encryption
      • Anti Spam, Anti Phising and Anti Virus engine
      • Policy filtering for Data Loss Prevention (DLP) – block or encrypt messages.
      • Complete email management solution. Leverage the AWS cloud to serve email if your primary mail servers become unavailable.



      DATA ARCHIVE & BACKUP
      to Amazon AWS S3 storage or Amazon Glacier

      > Archive data for compliance and regulations
      Leverage AWS to replace traditional tape and third party storage processes for Disaster Recovery backup requirements.

      > Hypervisor-based replication

       > Granular, VM-level protection

      > Data de-duplication  
      Deduplication of data for AWS cloud targets for less bandwidth requirements and lower data storage costs.

      > Index & catalog your data
      Easily search and retrieve data down to the file level.

      > Disaster recovery readiness
      Migrate data and applications to Amazon AWS for DR testing and readiness.

      AWS Cloud’s pay-as-you-go model means you are not bearing the expense of maintaining dedicated, under-utilised infrastructure at ‘hot sites’.

      OPTIMISE AWS PERFORMANCE

      Optimise performance across your AWS, cloud, WAN, global users and private datacentre locations.

       Go beyond Amazon's 'cloud watch' service

      Unlike traditional cloud monitoring tools that provide simple resource utilisation metrics (CPU, memory, disk I/O, and bandwidth), we provide solution to see transactional-level metrics that help IT teams answer questions about what is really happening with their AWS workloads.
      • Identify workloads to migrate to AWS and then optimize their performance in the cloud.
      • Track the efficiency of AWS services and provide application owners with performance-based SLAs.


      > Real-time network optimisation techniques to maximise application performance across the cloud

      > Optimise workload performance in the cloud

       > Load Balancing

      > WAN Optimisation
      Track the efficiency of AWS services and provide application owners with performance-based SLAs.



      HYBRID SOLUTION PLATFORMS 
      Seamless hybrid deployment and security posture management with a single console: available in virtual machines, physical appliance, or Amazon Machine Image (AMI).



      +44(0)7714 20 99 27
      info@securenetconsulting.co.ukinfo@securenetconsulting.co.uk
      http://eepurl.com/GKx25
      https://www.linkedin.com/in/paul-rummery-0b89535
      https://plus.google.com/116898209106255177774
      		http://www.fhttps/www.facebook.com/pages/SecureNet-Consulting/188102854572105