Security Policy Management with Professor Wool
Best Practices for Amazon Web Services Security
Best Practices for Amazon Web Services (AWS) Security is a whiteboard-style series of lessons that examine the challenges of and provide technical tips for managing security across hybrid data centers utilizing the AWS IaaS platform.
Lesson 1
In this lesson Professor Wool provides an overview of Amazon Web Services (AWS) Security Groups and highlights some of the differences between Security Groups and traditional firewalls. The lesson continues by explaining some of the unique features of AWS and the challenges and benefits of being able to apply multiple Security Groups to a single instance.
The Fundamentals of AWS Security Groups
Lesson 2
Outbound traffic rules in AWS Security Groups are, by default, very wide and insecure: a new Security Group allows all outbound traffic to any destination. In addition, the AWS set-up process for a Security Group does not guide the user through defining outbound rules; the default rule stays in place until the user replaces it manually. In this lesson Professor Wool highlights the limitations and consequences of leaving the default rules in place, and provides recommendations on how to define outbound rules in AWS Security Groups in order to securely control and filter outbound traffic and protect against data leaks.
Protect Outbound Traffic in an AWS Hybrid Environment
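The check that follows from this lesson, finding groups that still carry the allow-all egress rule and producing the command that removes it, as an added example that is not code from the lesson or from AlgoSec. It works on the JSON shape that `aws ec2 describe-security-groups` returns, so it runs offline against a constructed sample; the group IDs, group names and CIDRs below are made up for the illustration, and the `/8` threshold for "too wide" is an assumed policy choice.

```python
"""Audit AWS Security Group egress rules for the permissive default.

Added example for this lesson, not AlgoSec's or Professor Wool's code. Consumes
the "SecurityGroups" list returned by `aws ec2 describe-security-groups`, so it
runs offline against the constructed sample below and can be pointed at real
CLI or boto3 output unchanged.
"""
import ipaddress
import json

# Constructed sample (not captured from a real account). The first group keeps
# the egress rule AWS adds to every new group: IpProtocol "-1" (all protocols,
# all ports) to 0.0.0.0/0 and ::/0. The second has been cut down to the two
# destinations the workload actually needs.
SAMPLE_DESCRIBE_OUTPUT = json.loads(r"""
{
  "SecurityGroups": [
    {
      "GroupId": "sg-0a1b2c3d4e5f60001",
      "GroupName": "web-default-egress",
      "IpPermissionsEgress": [
        {"IpProtocol": "-1",
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
         "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}
      ]
    },
    {
      "GroupId": "sg-0a1b2c3d4e5f60002",
      "GroupName": "web-restricted-egress",
      "IpPermissionsEgress": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "10.20.0.0/16"}]},
        {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
         "IpRanges": [{"CidrIp": "10.0.0.2/32"}]}
      ]
    }
  ]
}
""")

ANY_CIDRS = {"0.0.0.0/0", "::/0"}  # "anywhere" destinations


def describe_rule(perm):
    """Short protocol/port label for one IpPermissions entry, e.g. 'tcp/443'."""
    proto = perm.get("IpProtocol", "-1")
    if proto == "-1":
        return "all protocols/all ports"
    lo, hi = perm.get("FromPort"), perm.get("ToPort")
    if lo in (None, -1):
        return f"{proto}/all ports"
    return f"{proto}/{lo}" if lo == hi else f"{proto}/{lo}-{hi}"


def rule_destinations(perm):
    """IPv4 and IPv6 CIDR destinations of one rule. Prefix-list and
    security-group destinations are not CIDRs and need a separate check."""
    return ([r["CidrIp"] for r in perm.get("IpRanges", [])]
            + [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])])


def revoke_command(group_id, perm, cidr):
    """AWS CLI command that deletes exactly this egress rule, using the
    shorthand syntax of `revoke-security-group-egress --ip-permissions`."""
    proto = perm.get("IpProtocol", "-1")
    spec = f"IpProtocol={proto}"
    if proto != "-1" and perm.get("FromPort") is not None:
        spec += f",FromPort={perm['FromPort']},ToPort={perm['ToPort']}"
    if ":" in cidr:
        spec += f",Ipv6Ranges=[{{CidrIpv6={cidr}}}]"
    else:
        spec += f",IpRanges=[{{CidrIp={cidr}}}]"
    return (f"aws ec2 revoke-security-group-egress --group-id {group_id} "
            f"--ip-permissions '{spec}'")


def permissive_egress_findings(describe_output, max_prefix_len=8):
    """One finding per egress rule whose destination is anywhere (0.0.0.0/0 or
    ::/0) or wider than a /max_prefix_len (assumed policy threshold), plus any
    rule that opens all protocols, since that also opens every port."""
    findings = []
    for sg in describe_output["SecurityGroups"]:
        for perm in sg.get("IpPermissionsEgress", []):
            all_protocols = perm.get("IpProtocol", "-1") == "-1"
            for cidr in rule_destinations(perm):
                reasons = []
                if cidr in ANY_CIDRS:
                    reasons.append("destination is anywhere")
                elif ipaddress.ip_network(cidr, strict=False).prefixlen < max_prefix_len:
                    reasons.append(f"destination wider than /{max_prefix_len}")
                if all_protocols:
                    reasons.append("all protocols and ports")
                if reasons:
                    findings.append({
                        "GroupId": sg["GroupId"], "GroupName": sg["GroupName"],
                        "Rule": describe_rule(perm), "Destination": cidr,
                        "Reasons": reasons,
                        "Remediation": revoke_command(sg["GroupId"], perm, cidr),
                    })
    return findings
```

To run it against an account, load the output of `aws ec2 describe-security-groups --output json` with `json.load` and pass it to `permissive_egress_findings`. Each finding carries the exact `revoke-security-group-egress` command that removes the offending rule; the matching `authorize-security-group-egress` calls for the destinations the workload really needs are the step the lesson asks you to do deliberately rather than leaving the default in place.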
Lesson 3
Once you start using AWS for production applications, auditing and compliance considerations come into play, especially if these applications process data that is subject to regulations such as PCI DSS, HIPAA, SOX, etc. In this lesson, Professor Wool reviews AWS's own monitoring and audit-logging tools, CloudWatch and CloudTrail, which are useful for cloud-based applications. However, if you are running a hybrid data center, you will likely need to augment these tools with solutions that provide reporting, visibility and change monitoring across the entire environment. Professor Wool provides some recommendations for the key features and functionality you'll need to ensure compliance, and tips on what auditors are looking for.
Change Management, Auditing and Compliance in an AWS Hybrid Environment
Lesson 4
In this lesson Professor Wool examines the differences between Amazon's Security Groups and Network Access Control Lists (NACLs), and provides some tips and tricks on how to use them together for the most effective and flexible traffic filtering for your enterprise.
Using AWS Network ACLs for Enhanced Traffic Filtering
Lesson 5
AWS security is very flexible and granular; however, it has limits on the number of rules you can have in a NACL and in a security group. In this lesson Professor Wool explains how to combine the filtering capabilities of security groups and NACLs in order to work around these capacity limitations and achieve the granular filtering needed to secure enterprise organizations.
Combining Security Groups and Network ACLs to Bypass AWS Capacity Limitations
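The behaviour Lessons 1, 4 and 5 rely on, written out as a small evaluator, as an added example that is not code from the lessons or from AlgoSec: a NACL is stateless and evaluated lowest rule number first with an implicit deny at the end, Security Groups are stateful and the union of every group on the interface, and inbound traffic meets the NACL before the SG while outbound traffic meets the SG before the NACL. The scenario shows why a NACL needs an ephemeral-port outbound rule that a Security Group does not, and how a coarse subnet-wide deny in the NACL can sit in front of a short per-instance allow list in the SG. All addresses, ports and rule numbers are constructed for the illustration.

```python
"""Stateless NACL plus stateful Security Group evaluation, end to end.

Added example for Lessons 1, 4 and 5, not AlgoSec's or Professor Wool's code.
Models documented AWS behaviour: a NACL judges each packet alone (lowest rule
number first, first match wins, implicit deny); Security Groups are a union of
allow rules across every group on the interface and pass reply traffic of an
allowed connection without any outbound rule. Every value below is constructed.
"""
from dataclasses import dataclass
import ipaddress


@dataclass(frozen=True)
class Packet:
    src_ip: str
    dst_ip: str
    proto: str          # "tcp" or "udp"
    src_port: int
    dst_port: int


@dataclass(frozen=True)
class Rule:
    proto: str             # "tcp", "udp" or "all" (ports are ignored for "all")
    port_from: int
    port_to: int
    cidr: str              # source CIDR on inbound rules, destination CIDR on outbound
    action: str = "allow"  # NACL rules may also be "deny"; SG rules only allow
    number: int = 0        # NACL evaluation order; unused for SG rules


def rule_matches(rule, pkt, peer_ip):
    """Does the rule cover the packet's protocol, destination port and peer address?"""
    if rule.proto not in ("all", pkt.proto):
        return False
    if rule.proto != "all" and not rule.port_from <= pkt.dst_port <= rule.port_to:
        return False
    return ipaddress.ip_address(peer_ip) in ipaddress.ip_network(rule.cidr, strict=False)


def nacl_decision(rules, pkt, direction):
    """Stateless: a reply to an allowed request still needs its own outbound rule.
    Returns (action, matching rule number), with '*' for the implicit final deny."""
    peer = pkt.src_ip if direction == "inbound" else pkt.dst_ip
    for rule in sorted(rules, key=lambda r: r.number):
        if rule_matches(rule, pkt, peer):
            return rule.action, rule.number
    return "deny", "*"


class SecurityGroupSet:
    """All Security Groups on one ENI: rules are unioned and allowed connections
    are tracked, so their reply packets pass without a matching rule."""

    def __init__(self, inbound, outbound):
        self.inbound, self.outbound = list(inbound), list(outbound)
        self._tracked = set()

    @staticmethod
    def _flow_key(pkt):  # identical for a request and its reply
        return (pkt.proto, *sorted([(pkt.src_ip, pkt.src_port), (pkt.dst_ip, pkt.dst_port)]))

    def decision(self, pkt, direction):
        if self._flow_key(pkt) in self._tracked:
            return "allow (tracked connection)"
        rules = self.inbound if direction == "inbound" else self.outbound
        peer = pkt.src_ip if direction == "inbound" else pkt.dst_ip
        if any(rule_matches(r, pkt, peer) for r in rules):
            self._tracked.add(self._flow_key(pkt))
            return "allow"
        return "deny"


def evaluate(nacl_in, nacl_out, sgs, pkt, direction):
    """Run one packet through both layers in AWS order: NACL then SG on the way
    in, SG then NACL on the way out. Returns 'allow' or where it was dropped."""
    if direction == "inbound":
        stages = [("nacl", lambda: nacl_decision(nacl_in, pkt, "inbound")[0]),
                  ("sg", lambda: sgs.decision(pkt, "inbound"))]
    else:
        stages = [("sg", lambda: sgs.decision(pkt, "outbound")),
                  ("nacl", lambda: nacl_decision(nacl_out, pkt, "outbound")[0])]
    for name, check in stages:
        if not check().startswith("allow"):
            return f"deny at {name}"
    return "allow"


# Constructed scenario: a client reaches a web instance on 443 from ephemeral port 51000.
REQUEST = Packet("203.0.113.10", "10.0.1.20", "tcp", 51000, 443)
RESPONSE = Packet("10.0.1.20", "203.0.113.10", "tcp", 443, 51000)
BAD_REQUEST = Packet("198.51.100.7", "10.0.1.20", "tcp", 51000, 443)

# The Lesson 5 split: the NACL holds the coarse subnet-wide deny (rule 50, checked
# first) and one broad allow; the SG holds the per-instance allow list and nothing else.
NACL_IN = [Rule("all", 0, 0, "198.51.100.0/24", "deny", 50),
           Rule("tcp", 443, 443, "0.0.0.0/0", "allow", 100)]
NACL_OUT_BROKEN = [Rule("tcp", 443, 443, "0.0.0.0/0", "allow", 100)]  # no rule for replies
NACL_OUT_FIXED = NACL_OUT_BROKEN + [Rule("tcp", 1024, 65535, "0.0.0.0/0", "allow", 110)]


def web_sgs():
    """Fresh SG set per scenario: inbound 443 only and deliberately no outbound
    rules, which still lets replies out because SGs are stateful."""
    return SecurityGroupSet(inbound=[Rule("tcp", 443, 443, "0.0.0.0/0")], outbound=[])
```

With `NACL_OUT_BROKEN` the request is allowed in but the reply dies at the outbound NACL, because the NACL sees a packet to port 51000 and has no rule for it; `NACL_OUT_FIXED` adds the ephemeral-range rule 110 and the flow completes. The Security Group needs no outbound rule at all for the reply, which is what makes a tight egress policy in the SG (Lesson 2) cheap to run, while the NACL's numbered deny at rule 50 blocks the bad range for every instance in the subnet without consuming a rule in any group.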
Lesson 6
In this whiteboard video lesson Professor Wool provides best practices for performing security audits across your AWS estate.
The Right Way to Audit AWS Policies
Lesson 7
How to Intelligently Select the Security Groups to Modify When Managing Changes in your AWS
Lesson 8
Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com