Tracking Activity Data in AWS
Uploaded by: alertlogic
Category: Technology
> www.alertlogic.com
Alert Logic Log Manager CloudTrail Integration
Tracking Activity Data in AWS
Why Track Activity Data?
Lots of reasons, including…
Compliance
To comply with PCI, HIPAA, GLBA, Sarbanes-Oxley and other regulations, you need to answer questions like “who gave that user access” and “who viewed this data”
Documentation
It’s not just a matter of collecting the data; auditors also need detailed documentation of this user activity data.
Who’s Responsible in AWS?
It’s shared…
AWS Global Infrastructure
Foundation Services
Multiple Availability Zones
Globally Distributed
Regions
Compute, Storage, DB, Network
VPC Networks
Hosts
• VPC provides logically isolated environments
• Security groups filter inbound/outbound
• External DDoS, spoofing and scanning prevented
• Hardened hypervisor
• Promiscuous mode prevented
• Deny-all default in security group
• Root access provided to customer
• Access management
• Patch management
• Configuration hardening
• Security monitoring
• Log analysis
Apps
• Network threat detection
• Security monitoring
• Secure coding and best practices
• Software and virtual patching
• Configuration management
• Access management
• Application level attack monitoring
Customer
Primary Responsibility
AWS provides the data.
Customer needs to manage it.
Enabling AWS CloudTrail Logs
You can turn on AWS CloudTrail with just a few clicks from your AWS Management Console.
http://aws.amazon.com/cloudtrail/
Accessing AWS CloudTrail Logs in Log Manager
View Activity in Log Manager
What, When, Who, Where, How
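Added example (not from the original slides and not Alert Logic's parser): a Python sketch that maps raw CloudTrail records onto the what / when / who / where / how view and answers the compliance question "who gave that user access". The log sample, account ID, user names and the function names are constructed for illustration; the record field names are the ones CloudTrail writes.

```python
import json

# IAM calls that grant a user access (a subset chosen for this example).
GRANT_EVENTS = {"AttachUserPolicy", "PutUserPolicy", "AddUserToGroup"}

# Constructed sample in the CloudTrail log-file layout: {"Records": [...]}.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2024-03-06T21:22:54Z", "eventSource": "iam.amazonaws.com",
     "eventName": "AttachUserPolicy", "awsRegion": "us-east-1",
     "sourceIPAddress": "203.0.113.10", "userAgent": "aws-cli/2.15.0",
     "userIdentity": {"type": "IAMUser",
                      "arn": "arn:aws:iam::111122223333:user/alice"},
     "requestParameters": {"userName": "bob",
         "policyArn": "arn:aws:iam::aws:policy/AdministratorAccess"}},
    {"eventTime": "2024-03-06T21:30:01Z", "eventSource": "iam.amazonaws.com",
     "eventName": "AddUserToGroup", "awsRegion": "us-east-1",
     "sourceIPAddress": "198.51.100.7", "userAgent": "console.amazonaws.com",
     "userIdentity": {"type": "IAMUser",
                      "arn": "arn:aws:iam::111122223333:user/dave"},
     "errorCode": "AccessDenied", "requestParameters": None},
    {"eventTime": "2024-03-06T21:31:40Z", "eventSource": "ec2.amazonaws.com",
     "eventName": "DescribeInstances", "awsRegion": "us-west-2",
     "sourceIPAddress": "203.0.113.10", "userAgent": "aws-cli/2.15.0",
     "userIdentity": {"type": "Root", "principalId": "111122223333"}},
]})

def who(identity):
    """Best available principal: ARN, then calling service, then principal ID."""
    return (identity.get("arn") or identity.get("invokedBy")
            or identity.get("principalId") or "unknown")

def summarize(record):
    """Map one CloudTrail record onto what / when / who / where / how."""
    return {
        "what": f'{record.get("eventSource")}:{record.get("eventName")}',
        "when": record.get("eventTime"),
        "who": who(record.get("userIdentity") or {}),
        "where": f'{record.get("sourceIPAddress")} ({record.get("awsRegion")})',
        "how": record.get("userAgent"),
    }

def access_grants(log_text):
    """Successful IAM grants only; calls that carry an errorCode did not take effect."""
    grants = []
    for record in json.loads(log_text).get("Records", []):
        if record.get("eventName") in GRANT_EVENTS and not record.get("errorCode"):
            row = summarize(record)
            row["target_user"] = (record.get("requestParameters") or {}).get("userName")
            grants.append(row)
    return grants
```

The denied AddUserToGroup call is left out of the grant list because it changed nothing, but it is still worth reviewing separately as an attempted privilege change.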
Why Log Manager for AWS?
Cloud-Based Security Log Analysis
All Log Data, All Together: Collect, archive and analyze log and machine data in real-time from AWS CloudTrail and all your other data sources
Fast & Intuitive Search: Query builder to uncover insight without learning a new language
Automated Security Analysis: Out of the box parsers, alerts and reports for key use cases
Key Compliance Coverage: Support for numerous compliance standards including 10.6
AWS Friendly: Designed for AWS workloads and reference architectures
For more information on Log Manager or other Alert Logic security solutions for AWS
www.alertlogic.com/amazon-solutions