The Fundamentals of AWS Security Groups

Captions
Hi, I'm Professor Wool. This is our first lesson in the introduction to security management series. This lesson will focus on the fundamentals of AWS security groups.

So you're moving to the cloud and you're starting to use the AWS environment to run your instances, to run your computers, and you need to secure them. So the first thing you want to do when you're using the AWS firewall is to realize that a central concept in the AWS firewall is a security group. A security group is something like this: it's what you would normally call a policy if you're used to other firewall vendors. It's a collection of rules, it's a list of rules. So here we see some rules for TCP port 22, so SSH, and UDP port 123, so NTP, and they're ordered in this way.

If you look at this and you're used to other firewalls, then you can see that things are missing. The first thing that's missing is the action: there's no action to say if this rule is allowing or dropping the traffic. That's because in AWS firewalls the action is always allow. You cannot write deny rules; all the rules are positive rules, they all allow the traffic that you specified. The second thing that you can see is missing is that there is no destination. There is a source, where the traffic is allowed to come from, in this case from one one one, but there's no destination, and the reason is that in the AWS firewall the destination is always me: it is always the instance on which this particular security group is applied. So you can write a single security group and apply it to multiple instances, and the security group will adapt itself and will allow the traffic to the IP address of that instance where it's applied. So this is convenient, and as I said, you can apply the same security group to multiple instances, much like you apply the same policy on a traditional firewall to multiple firewalls: you can apply the same policy to multiple firewalls, you can apply the same security group to multiple instances. This is more or less something that we're used to.

However, when you're in the Amazon environment, Amazon has done something that we're less used to, and that is you can actually apply multiple security groups to a single instance. So you actually have a many-to-many relationship: you can have multiple security groups associated with multiple instances, and the way it works is that an instance inherits the rules from all the security groups that are associated with it. So for instance here, in this example, I have two security groups: one for Linux services, which is suitable for instances running the Linux operating system, so allowing remote management of those computers, and I have another security group that's suitable for web services. So if you have instances that are functioning as web servers, a web server regardless of the operating system, then you need to allow HTTP and HTTPS to reach that web server. So you have a functional group of rules for web servers and you have another functional list of rules based on the operating system, and you can mix and match them. So you can apply the Linux services security group to all the Linux-based instances, and you can apply the blue web services security group to all the instances that function as web servers, regardless of the operating system that they're running. And you can see that, for instance, this instance inherits both these security groups because it's running the Linux operating system and it's functioning as a web server. And you can use this type of arrangement to have multiple security groups, each focused on a particular function or operating system or campaign or what have you, and then you can mix and match them and apply them to the instances to suit your needs.

Thank you for your attention, and see you next time in the next class.
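As an added example (not AlgoSec's or AWS's code), here is a small Python model of the three properties the lesson describes: allow-only rules with no destination field, an implicit deny for anything no rule matches, and an instance inheriting the union of every security group attached to it. The group names, CIDRs and instance names are constructed for the example.

```python
# Constructed model (not AlgoSec's or AWS's code) of the security-group
# semantics in the lesson: allow-only rules, no destination field, and an
# instance inheriting the union of every group attached to it.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    proto: str       # "tcp" or "udp"; there is no action field, every rule allows
    from_port: int
    to_port: int
    source: str      # CIDR the traffic may come from; destination is always "me"

def rule_matches(rule: Rule, proto: str, port: int, src_ip: str) -> bool:
    return (rule.proto == proto
            and rule.from_port <= port <= rule.to_port
            and ip_address(src_ip) in ip_network(rule.source))

def effective_rules(groups: dict, attached: list) -> set:
    """Many-to-many: the instance sees the union of all attached groups."""
    rules = set()
    for name in attached:
        rules |= groups[name]
    return rules

def is_allowed(groups: dict, attached: list, proto: str, port: int, src_ip: str) -> bool:
    """Implicit deny: traffic passes only if some allow rule matches it."""
    return any(rule_matches(r, proto, port, src_ip)
               for r in effective_rules(groups, attached))

def world_open_ports(groups: dict, attached: list) -> set:
    """Defender's check: which (proto, from, to) ranges any internet source can reach."""
    return {(r.proto, r.from_port, r.to_port)
            for r in effective_rules(groups, attached)
            if ip_network(r.source).prefixlen == 0}

# Constructed groups mirroring the lesson: one per operating system, one per function.
GROUPS = {
    "linux-services": {Rule("tcp", 22, 22, "10.1.1.0/24"),    # SSH from admin subnet
                       Rule("udp", 123, 123, "10.1.1.0/24")},  # NTP from admin subnet
    "web-services": {Rule("tcp", 80, 80, "0.0.0.0/0"),
                     Rule("tcp", 443, 443, "0.0.0.0/0")},
}
INSTANCES = {
    "linux-web-1": ["linux-services", "web-services"],  # inherits both
    "windows-web-1": ["web-services"],
    "linux-db-1": ["linux-services"],
}
```

`is_allowed(GROUPS, INSTANCES["linux-web-1"], "tcp", 22, "10.1.1.5")` is true because the Linux group supplies the SSH rule, while the same check on `windows-web-1` is false: no attached group allows it, and there is no deny rule to write, only the absence of an allow.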
Info
Channel: AlgoSec
Views: 31,081
Keywords: Amazon Web Services (Website), network security, firewalls, security, security groups, aws, firewall policy management, firewall management, public cloud, hybrid cloud, hybrid environment
Id: nVnhFYsdBr0
Length: 4min 58sec (298 seconds)
Published: Wed May 06 2015