PCI DSS and the A10 Solution


White Paper
A10 Thunder Series
PCI DSS and the A10 Solution

For cloud service providers, A10's Thunder Series & AX Series appliances and SoftAX are the first step towards PCI compliance, allowing you to achieve a secure web infrastructure for your clients.

October 2013
WP_PCIDSS

Disclaimer

This document does not create any express or implied warranty about A10 Networks or about its products or services, including but not limited to fitness for a particular use and non-infringement. A10 Networks has made reasonable efforts to verify that the information contained herein is accurate, but A10 Networks assumes no responsibility for its use. All information is provided "as-is." The product specifications and features described in this publication are based on the latest information available; however, specifications are subject to change without notice, and certain features may not be available upon initial product release. Contact A10 Networks for current information regarding its products or services. A10 Networks' products and services are subject to A10 Networks' standard terms and conditions.

Copyright 2013 A10 Networks, Inc. All rights reserved. A10 Networks, A10 Thunder, vthunder, ACOS, acloud, aflex, axapi, avcs, Virtual Chassis, SoftAX, and aflow are trademarks or registered trademarks of A10 Networks, Inc. in the United States and other countries.

The Challenge of PCI Compliance

While the Payment Card Industry Data Security Standards (PCI DSS) pertain to secure processing and storage of cardholder data, these standards can apply to any cloud service provider (CSP) as a framework for constructing a safe cloud environment. Achieving the stamp of PCI compliance is an important advertisement to customers, as one of the biggest marketing challenges for CSPs is promising data security in the cloud. It also allows CSPs to set concrete security measures internally, giving them a way to specify procedures for quality assurance engineers and IT staff. However, in such dynamic environments where CSP-client boundaries can be fluid, CSPs can only achieve PCI compliance starting at the application infrastructure level.

Given these goals, the question for most CSPs is this: how do they uphold security while maintaining rapid delivery of services to their clients? With the A10 solution, you won't have to compromise one for the other.

Overview of PCI DSS

The Payment Card Industry (PCI) Council was formed in 2006 by leading credit card companies (American Express, Discover, JCB International, MasterCard, and Visa), who established PCI DSS as a set of rules for payment industries to prevent credit card fraud, hacking, and other security threats. [1] These standards apply to any company that stores, processes, or transmits Primary Account Numbers (PANs), cardholder data, expiration codes, or service codes. These standards apply to all system components such as servers, network components, applications, and all virtualized parts (virtual machines [VMs], hypervisors, and so on). [2] Over time, these standards have also become a reference guide for IT professionals to devise procedures for building safe application infrastructures and ensuring sound data security practices.

PCI DSS consists of 12 standards, of which certain sets of the 12 standards fall under general security requirements. In the 2013 revisions, PCI DSS was updated to include considerations and tools for cloud services, offering ways to measure PCI compliance for specific cloud layers and components. These standards (displayed in the table below) are intended to provide a general framework for discussion. Supplemental information on how CSPs can comply with these standards is provided in the PCI DSS Cloud Computing Guidelines. CSPs can refer to the supplemental guidelines for further tools to assess their PCI compliance. These tools include questions for defining requirements, which differ based on role (CSPs vs. their clients) at every cloud layer, outlined for various service models (SaaS, PaaS, or IaaS).

[1] Source: Information Supplement: PCI DSS Cloud Computing Guidelines, PCI Council, February Pg
[2] Source: PCI DSS Requirements and Security Assessment Procedures, Version 2.0, PCI Council, October Pg

Table 1 PCI DSS Requirements and Standards. [3]

Virtualization and the PCI Dilemma

Importantly, the 2013 PCI Guidelines point out that different virtualization structures will demand different security solutions. [4] There is no one-size-fits-all solution to PCI compliance for CSPs, because the differing needs of private, public, and hybrid clouds demand customized approaches to security. Furthermore, full compliance is not possible without full cooperation of both the CSP and the client. This makes it necessary for CSPs to define the scope of security controls for the CSP vs. their client.

Scope can vary, but as PCI DSS explains, there are some common considerations that hold for most CSPs. PCI DSS provides an explanation illustrating security controls for clients and CSPs at every cloud layer for different service models. As illustrated in the diagram below, certain trends emerge for CSPs to consider.

One trend is that for all service models, it is a given that CSPs will be held accountable for full control of security starting from the physical data center level to the hypervisor level. For IT, this is a relatively straightforward component. It primarily involves selecting hardware with appropriate capacity, scalability, and data-loss prevention.

The other trend is that SaaS and PaaS models will have to assume almost 100 percent control over security at the application-related cloud layers, as little is left up to client control. The application component is where we see the more fluid parts of the CSP model, which have made it difficult for IT to judge compliance in the past.

[3] Source: PCI DSS Requirements and Security Assessment Procedures, Version 2.0, PCI Council, October Pg.5
[4] Source: Information Supplement: PCI DSS Cloud Computing Guidelines, PCI Council, February Pg. 6

Either CSPs or clients will have to select the right security measures for safe application delivery. This makes it all the more necessary for these services, or their clients, to choose the best application delivery hardware, as elements of virtual network infrastructure, solution stack, applications, and interfaces are more vulnerable parts of a CSP model to security breaches.

While PCI gives a general idea of what CSPs need to look for in selecting hardware/software solutions for virtualization, specific features are not described. [5] PCI standards suggest implementing firewalls, tenant isolation, and encryption, but for network architects, this can mean a variety of options. An easy solution is to select the right application delivery controller (ADC) which covers a sizeable component of PCI compliance.

Figure 1 Breakdown of security responsibilities by service model and cloud layer.

The A10 Solution

What do you specifically need to create a PCI-compliant application infrastructure for cloud services with ADCs? You need a solution that can offer:

- Multi-tenancy
- Web Application Firewall (WAF)
- SSL/TLS and STARTTLS encryption
- DDoS protection
- Flexible scripting technology
- API management capability
- Admin and network separation
- Ability to work with third-party hypervisors

A10 Networks carries several hardware and software solutions that can help ensure PCI compliance for your network infrastructure. Our Thunder Series and AX Series appliances as well as SoftAX are equipped with features that can help with tenant isolation and thwart network attacks, delivering advanced solutions beyond basic load balancing.

[5] Source for table: Same. Pg. 8

Thunder Series & AX Series ADCs

Our award-winning Advanced Core Operating System (ACOS), featured in our Thunder and AX Series appliances, essentially functions as an ADC virtual system, allowing easy deployment of Application Delivery Partitions (ADPs) to function as virtual components with ADC capability. ADPs meet PCI compliance by:

- Enforcing strict network and administration separation through Layer 3 virtualization (L3V) support, via private partitions (PCI Standards 7,8)
- Providing role-based access (RBA) control (PCI Standards 7,8,9)

Additionally, all these solutions are equipped with:

- DDoS protection (PCI Standards 1,5,6)
- SSL and TLS encryption features, and STARTTLS for encryption (PCI Standards 3,4)
- WAF, for protection against SQL attacks, CSRF and XSS breaches, and other threats (PCI Standards 1,2,5,6)
- Application Access Management (AAM) for robust, flexible authentication and authorization of end-user traffic (PCI Standards 7,8,9)

A10 ADCs are equipped with axapi to allow custom management of traffic reporting and integration with third-party applications. axapi uses a REST-style XML API for custom management and integration of third-party hypervisors. A10 ADCs also provide aflex, a feature for deep packet inspection and Layer 4-7 scripting, which allows easy integration of applications with the A10 load-balancing solution.

SoftAX Virtual ADC

You can use our SoftAX virtual ADC to deploy multiple virtual machines that run on a single hardware platform, offering complete device and service isolation with a third-party hypervisor. Our SoftAX ADC is compatible with a variety of third-party hypervisors. These include VMware ESXi, Microsoft Hyper-V, KVM and Citrix XenServer. SoftAX instances are strongly isolated and operate independently of one another. This isolation ensures maximum safety for client data. (PCI Standards 1,2)

Security feature support for WAF, encryption, and DDoS protection on SoftAX is similar to the support for these features on Thunder and AX Series hardware-based appliances. (PCI Standards 1-6) Hence, you can take advantage of our multiple security features simply at the software level.

Conclusion

A10 Thunder & AX Series hardware appliances and SoftAX virtual appliances enable CSPs and their clients to be compliant with PCI standards 1-9, simply through their support at the load-balancing level. Hence, integrating A10 appliances within your network infrastructure can help with many of your security needs. For the remaining PCI standards (10-12), it is incumbent on the CSP to provide operational oversight and establish procedures for safe cloud building. However, A10 provides 24/7 technical assistance by phone for your A10 devices as part of our Gold Level Support. In short, building a PCI-compliant cloud has never been simpler than with A10. We deliver security without compromising performance.


More information

Meeting the Challenges of Virtualization Security

Meeting the Challenges of Virtualization Security Meeting the Challenges of Virtualization Security Coordinate Security. Server Defense for Virtual Machines A Trend Micro White Paper August 2009 I. INTRODUCTION Virtualization enables your organization

More information

From Secure Virtualization to Secure Private Clouds

From Secure Virtualization to Secure Private Clouds From Secure Virtualization to Secure Private Clouds Gartner RAS Core Research Note G00208057, Neil MacDonald, Thomas J. Bittman, 13 October 2010, RV2A108222011 As enterprises move beyond virtualizing their

More information

Datacenter Transformation

Datacenter Transformation Datacenter Transformation Consolidation Without Compromising Compliance and Security Joe Poehls Solution Architect, F5 Networks Challenges in the infrastructure I have a DR site, but the ROI on having

More information

Achieve Single Sign-on (SSO) for Microsoft ADFS

Achieve Single Sign-on (SSO) for Microsoft ADFS DEPLOYMENT GUIDE Achieve Single Sign-on (SSO) for Microsoft ADFS Leverage A10 Thunder ADC Application Access Manager (AAM) Table of Contents Overview...3 SAML Overview...3 Integration Topology...4 Deployment

More information

Proactively Secure Your Cloud Computing Platform

Proactively Secure Your Cloud Computing Platform Proactively Secure Your Cloud Computing Platform Dr. Krutartha Patel Security Engineer 2010 Check Point Software Technologies Ltd. [Restricted] ONLY for designated groups and individuals Agenda 1 Cloud

More information

PCI Compliance - A Realistic Approach. Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com

PCI Compliance - A Realistic Approach. Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com PCI Compliance - A Realistic Approach Harshul Joshi, CISM, CISA, CISSP Director, Information Technology CBIZ MHM hjoshi@cbiz.com What What is PCI A global forum launched in September 2006 for ongoing enhancement

More information

Cloud Computing in a Restaurant Environment

Cloud Computing in a Restaurant Environment WHITE PAPER Cloud Computing in a Restaurant Environment Cloud Computing in a Restaurant Environment How Restaurants Leverage New Cloud Computing Technologies to Achieve PCI Compliance By Bradley K. Cyprus

More information

Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015.

Preparing an RFI for. This RFI has been updated to reflect the new requirements in Version 3.0 of the PCI DSS, which took effect January 2015. Preparing an RFI for Protecting cardholder data is a critical and mandatory requirement for all organizations that process, store or transmit information on credit or debit cards. Requirements and guidelines

More information

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments

HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments HOW TO PROTECT YOUR VIRTUAL DESKTOPS AND SERVERS? Security for Virtual and Cloud Environments OVERVIEW This document explains the functionality of Security for Virtual and Cloud Environments (SVCE) - what

More information

Addressing Security for Hybrid Cloud

Addressing Security for Hybrid Cloud Addressing Security for Hybrid Cloud Sreekanth Iyer Executive IT Architect IBM Cloud (CTO Office) Email : sreek.iyer@in.ibm.com Twitter: @sreek Blog: http://ibm.co/sreek July 18, 2015 Cloud is rapidly

More information

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management

More information

Cloud and Data Center Security

Cloud and Data Center Security solution brief Trend Micro Cloud and Data Center Security Secure virtual, cloud, physical, and hybrid environments easily and effectively introduction As you take advantage of the operational and economic

More information

Deployment Options for Microsoft Hyper-V Server

Deployment Options for Microsoft Hyper-V Server CA ARCserve Replication and CA ARCserve High Availability r16 CA ARCserve Replication and CA ARCserve High Availability Deployment Options for Microsoft Hyper-V Server TYPICALLY, IT COST REDUCTION INITIATIVES

More information

Achieving PCI Compliance: How Red Hat Can Help. Akash Chandrashekar, RHCE. Red Hat Daniel Kinon, RHCE. Choice Hotels Intl.

Achieving PCI Compliance: How Red Hat Can Help. Akash Chandrashekar, RHCE. Red Hat Daniel Kinon, RHCE. Choice Hotels Intl. Achieving PCI Compliance: How Red Hat Can Help Akash Chandrashekar, RHCE. Red Hat Daniel Kinon, RHCE. Choice Hotels Intl. Agenda Understanding Compliance Security Features within Red Hat Backporting Choice

More information

Top 10 PCI Concerns. Jeff Tucker Sr. Security Consultant, Foundstone Professional Services

Top 10 PCI Concerns. Jeff Tucker Sr. Security Consultant, Foundstone Professional Services Top 10 PCI Concerns Jeff Tucker Sr. Security Consultant, Foundstone Professional Services About Jeff Tucker QSA since Spring of 2007, Lead for the Foundstone s PCI Services Security consulting and project

More information

dotdefender PCI Compliance and You

dotdefender PCI Compliance and You dotdefender Web Application Security PCI Compliance and You Co-authored with STI Group 1 What is PCI? PCI refers to the Payment Card Industry Data Security Standard (PCI DSS). This standard was originally

More information

SOLUTION BRIEF THE CA TECHNOLOGIES SOLUTION FOR PCI COMPLIANCE. How Can the CA Security Solution Help Me With PCI Compliance?

SOLUTION BRIEF THE CA TECHNOLOGIES SOLUTION FOR PCI COMPLIANCE. How Can the CA Security Solution Help Me With PCI Compliance? SOLUTION BRIEF THE CA TECHNOLOGIES SOLUTION FOR PCI COMPLIANCE How Can the CA Security Solution Help Me With PCI Compliance? SOLUTION BRIEF CA DATABASE MANAGEMENT FOR DB2 FOR z/os DRAFT CA Technologies

More information

Top virtualization security risks and how to prevent them

Top virtualization security risks and how to prevent them E-Guide Top virtualization security risks and how to prevent them There are multiple attack avenues in virtual environments, but this tip highlights the most common threats that are likely to be experienced

More information

Overview of F5 Networks. Fatih Bilger Senior Systems Engineer, Prolink. fatih.bilger@prolink.com.tr

Overview of F5 Networks. Fatih Bilger Senior Systems Engineer, Prolink. fatih.bilger@prolink.com.tr Overview of F5 Networks Fatih Bilger Senior Systems Engineer, Prolink fatih.bilger@prolink.com.tr Company Snapshot Leading provider of Application Delivery Networking products that optimize the security,

More information

PCI Requirements Coverage Summary Table

PCI Requirements Coverage Summary Table StillSecure PCI Complete Managed PCI Compliance Solution PCI Requirements Coverage Summary Table January 2013 Table of Contents Introduction... 2 Coverage assumptions for PCI Complete deployments... 2

More information

Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds

Virtual Private Cloud-as-a-Service: Extend Enterprise Security Policies to Public Clouds What You Will Learn Public sector organizations without the budget to build a private cloud can consider public cloud services. The drawback until now has been tenants limited ability to implement their

More information

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By:

PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: PCI Compliance and the Cloud: What You Can and What You Can t Outsource Presented By: Peter Spier Managing Director PCI and Risk Assurance Fortrex Technologies Agenda Instructor Biography Background On

More information

Achieving PCI Compliance with Red Hat Enterprise Linux. June 2009

Achieving PCI Compliance with Red Hat Enterprise Linux. June 2009 Achieving PCI Compliance with Red Hat Enterprise Linux June 2009 CONTENTS EXECUTIVE SUMMARY...2 OVERVIEW OF PCI...3 1.1. What is PCI DSS?... 3 1.2. Who is impacted by PCI?... 3 1.3. Requirements for achieving

More information

Security Considerations for Cloud Computing. Steve Ouzman Security Engineer

Security Considerations for Cloud Computing. Steve Ouzman Security Engineer Security Considerations for Cloud Computing Steve Ouzman Security Engineer AGENDA Introduction Brief Cloud Overview Security Considerations ServiceNow Security Overview Summary Cloud Computing Overview

More information

Table of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility.

Table of Contents. FME Cloud Architecture Overview. Secure Operations. Application Security. Shared Responsibility. FME Cloud Security Table of Contents FME Cloud Architecture Overview Secure Operations I. Backup II. Data Governance and Privacy III. Destruction of Data IV. Incident Reporting V. Development VI. Customer

More information

Ensuring PCI DSS Compliance in the Cloud

Ensuring PCI DSS Compliance in the Cloud Cognizant 20-20 Insights Ensuring PCI DSS Compliance in the Cloud A simple approach based on ownership control and shared responsibility can help organizations more effectively migrate PCI DSS compliance

More information

What s Holding Back the Cloud?

What s Holding Back the Cloud? MAY 2012 Peer Research What s Holding Back the Cloud? Intel Survey on Increasing IT Professionals Confidence in Cloud Security Why You Should Read This Document This report captures key findings from a

More information

WhitePaper. Private Cloud Computing Essentials

WhitePaper. Private Cloud Computing Essentials Private Cloud Computing Essentials The 2X Private Cloud Computing Essentials This white paper contains a brief guide to Private Cloud Computing. Contents Introduction.... 3 About Private Cloud Computing....

More information

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com

Introduction to Cloud Computing. Srinath Beldona srinath_beldona@yahoo.com Introduction to Cloud Computing Srinath Beldona srinath_beldona@yahoo.com Agenda Pre-requisites Course objectives What you will learn in this tutorial? Brief history Is cloud computing new? Why cloud computing?

More information

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1)

Configuring Virtual Switches for Use with PVS. February 7, 2014 (Revision 1) Configuring Virtual Switches for Use with PVS February 7, 2014 (Revision 1) Table of Contents Introduction... 3 Basic PVS VM Configuration... 3 Platforms... 3 VMware ESXi 5.5... 3 Configure the ESX Management

More information

Architectural Implications of Cloud Computing

Architectural Implications of Cloud Computing Architectural Implications of Cloud Computing Grace Lewis Research, Technology and Systems Solutions (RTSS) Program Lewis is a senior member of the technical staff at the SEI in the Research, Technology,

More information

IT Security Conference Romandie - Barracuda Securely Publishing Web Application a field dedicated to expert only?

IT Security Conference Romandie - Barracuda Securely Publishing Web Application a field dedicated to expert only? IT Security Conference Romandie - Barracuda Securely Publishing Web Application a field dedicated to expert only? Antoine Donzé Sales Engineer Switzerland & North Africa Mid-market organizations are increasingly

More information

VMware vcloud Air Security TECHNICAL WHITE PAPER

VMware vcloud Air Security TECHNICAL WHITE PAPER TECHNICAL WHITE PAPER The Shared Security Model for vcloud Air The end-to-end security of VMware vcloud Air (the Service ) is shared between VMware and the customer. VMware provides security for the aspects

More information

EMA Radar for Private Cloud Platforms: Q1 2013

EMA Radar for Private Cloud Platforms: Q1 2013 EMA Radar for Private Cloud Platforms: Q1 2013 By Torsten Volk ENTERPRISE MANAGEMENT ASSOCIATES (EMA ) Radar Report March 2013 BMC Software EMA Radar for Private Cloud Platforms: Q1 2013 (IaaS, PaaS, SaaS)

More information