[colug-432] Cloud services and security

Travis Sidelinger travissidelinger at gmail.com
Mon Feb 7 12:31:19 EST 2011


Anyone,

Any colug'ers have experience with maintaining security with cloud
services?  We firewall everything inbound and outbound for our DMZ
systems, but, this has been getting increasingly difficult with cloud
services that like to change their IP address often.  An example is
Amazon's cloud.  They are not using static IP addresses and you can't
use reverse DNS lookups to validate their service.  A firewall rule
can be good for about a day before it changes.  We are planning to
upgrade our firewall to a Cisco product, which I'm hoping has a
feature that can check URL's.  If that doesn't work, I may need to
build a special proxy service for these that can provide URL based
ACLs.

~Travis Sidelinger

-- 
"A careful reading of history clearly demonstrates ...
that people don't read history carefully.”



More information about the colug-432 mailing list