[colug-432] Cloud services and security
Jason Marshall
jason.marshall at gmail.com
Mon Feb 7 13:04:42 EST 2011
Travis,
I would beg to differ on a couple of points below. This weekend I finished
configuring a mail server out on Amazon EC2, and I have an Elastic IP
assigned to it with Reverse DNS. I think the reverse DNS is a relatively
recent feature addition, however.
Jason
On Mon, Feb 7, 2011 at 12:31 PM, Travis Sidelinger <
travissidelinger at gmail.com> wrote:
> Anyone,
>
> Any colug'ers have experience with maintaining security with cloud
> services? We firewall everything inbound and outbound for our DMZ
> systems, but, this has been getting increasingly difficult with cloud
> services that like to change their IP address often. An example is
> Amazon's cloud. They are not using static IP addresses and you can't
> use reverse DNS lookups to validate their service. A firewall rule
> can be good for about a day before it changes. We are planning to
> upgrade our firewall to a Cisco product, which I'm hoping has a
> feature that can check URL's. If that doesn't work, I may need to
> build a special proxy service for these that can provide URL based
> ACLs.
>
> ~Travis Sidelinger
>
> --
> "A careful reading of history clearly demonstrates ...
> that people don't read history carefully.”
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.colug.net/pipermail/colug-432/attachments/20110207/c91f7dbb/attachment.html
More information about the colug-432
mailing list