April 2019
Intermediate to advanced
52 pages
1h 7m
English
Content preview from Modern Defense in Depth
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
Chapter 4. How to Achieve the Integrated Approach
In this chapter, we cover the concept of cloud edge and cloud core and what technologies reside within each. Because you will hear these terms often when working with cloud environments, it makes sense to cover these terms first. The purpose of this discussion surrounding edge and core is to understand that you cannot effectively protect the core without adequately protecting the edge first. But how can organizations achieve integration with all the defensive lines previously discussed in Chapter 3? And what are the pros and cons of on-premises security operation centers (SOCs) versus outsourced SOCs? Let’s take a look at the terms “cloud edge” and “cloud core” first, before moving on to the discuss how to achieve integration. Then, we end with a comparison of SOC approaches.
Cloud Edge and Cloud Core
When looking from the perspective of a visitor (or attacker) who wants to gain access to your public-facing web applications, the traffic first arrives at what we again call the cloud edge. Today, there are cloud providers that have built their cloud edge from the ground up, implementing all the security technologies listed here:
Edge routers
DDoS defenses
Managed DNS
Reverse proxies
Bot management
Web application firewalls
API defenses
Caching
Conversely, in cloud environments, you will often hear the term cloud core. The cloud core is where the web applications reside. Inside the core, you will often find compute, storage, connectivity, ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.