[colug-432] Cloud services and security

Travis Sidelinger travissidelinger at gmail.com
Mon Feb 7 14:27:46 EST 2011 

That's good to know they are capable of doing it.


On Mon, Feb 7, 2011 at 2:16 PM, Jason Marshall <jason.marshall at gmail.com> wrote:
> It's an Amazon term. You can have IP addresses that are allocated to you
> that you can move around between instances as needed. Good for failover if
> needed.
>
> I can hold onto the address for as long as I needed it, and I have updated
> my DNS zones to include that address.
>
> Jason
>
> On Mon, Feb 7, 2011 at 1:44 PM, Travis Sidelinger
> <travissidelinger at gmail.com> wrote:
>>
>> I've heard of static and dynamic, but what is an "Elastic IP"?
>>
>>
>> On Mon, Feb 7, 2011 at 1:04 PM, Jason Marshall <jason.marshall at gmail.com>
>> wrote:
>> > Travis,
>> >
>> > I would beg to differ on a couple of points below. This weekend I
>> > finished
>> > configuring a mail server out on Amazon EC2, and I have an Elastic IP
>> > assigned to it with Reverse DNS. I think the reverse DNS is a relatively
>> > recent feature addition, however.
>> >
>> > Jason
>> >
>> > On Mon, Feb 7, 2011 at 12:31 PM, Travis Sidelinger
>> > <travissidelinger at gmail.com> wrote:
>> >>
>> >> Anyone,
>> >>
>> >> Any colug'ers have experience with maintaining security with cloud
>> >> services?  We firewall everything inbound and outbound for our DMZ
>> >> systems, but, this has been getting increasingly difficult with cloud
>> >> services that like to change their IP address often.  An example is
>> >> Amazon's cloud.  They are not using static IP addresses and you can't
>> >> use reverse DNS lookups to validate their service.  A firewall rule
>> >> can be good for about a day before it changes.  We are planning to
>> >> upgrade our firewall to a Cisco product, which I'm hoping has a
>> >> feature that can check URL's.  If that doesn't work, I may need to
>> >> build a special proxy service for these that can provide URL based
>> >> ACLs.
>> >>
>> >> ~Travis Sidelinger
>> >>
>> >> --
>> >> "A careful reading of history clearly demonstrates ...
>> >> that people don't read history carefully.”
>> >>
>> >> _______________________________________________
>> >> colug-432 mailing list
>> >> colug-432 at colug.net
>> >> http://lists.colug.net/mailman/listinfo/colug-432
>> >
>> >
>> > _______________________________________________
>> > colug-432 mailing list
>> > colug-432 at colug.net
>> > http://lists.colug.net/mailman/listinfo/colug-432
>> >
>> >
>>
>>
>>
>> --
>> "A careful reading of history clearly demonstrates ...
>> that people don't read history carefully.”
>>
>> _______________________________________________
>> colug-432 mailing list
>> colug-432 at colug.net
>> http://lists.colug.net/mailman/listinfo/colug-432
>
>
> _______________________________________________
> colug-432 mailing list
> colug-432 at colug.net
> http://lists.colug.net/mailman/listinfo/colug-432
>
>



-- 
"A careful reading of history clearly demonstrates ...
that people don't read history carefully.”

More information about the colug-432 mailing list