Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Enterprise Cloud Security and Governance Efficiently set data protection and privacy principles

Product type Paperback

Published in Dec 2017

Publisher Packt

ISBN-13 9781788299558

Length 410 pages

Edition 1st Edition

Tools

Ansible

Concepts

Cloud Security

Author (1):

Zeal Vora

View More author details

Table of Contents (11) Chapters

Preface

1. The Fundamentals of Cloud Security FREE CHAPTER

2. Defense in Depth Approach

3. Designing Defensive Network Infrastructure

4. Server Hardening

5. Cryptography Network Security

6. Automation in Security

7. Vulnerability, Pentest, and Patch Management

8. Security Logging and Monitoring

9. First Responder

10. Best Practices

Virtual Private Network

VPN acts somewhat similarly to the proxy that takes in the requests of client and forwards it to the instances on the private subnet. Like bastion, VPN server needs to be on the public subnet so that users can access it.

This is the basic diagram showing how VPN fits into a typical environment:

Although it might look similar to what we had in bastion host, the purpose of VPN is wider than that of bastion hosts. Bastion hosts typically work with SSH and they do key forwarding and all that magic, but it is not meant for protocols other than SSH.

Let's take a use case. There is an application server running on port 8080 on the Private Subnet. The user wants to open the application in the browser, typically via http://Server–IP:8080/.

Since the server is on Private Subnet with a private IP, you won't be able to connect directly.

So, in this...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at €18.99/month. Cancel anytime

Authors (1)

Vora

Zeal Vora works as a DevSecOps Engineer primarily in the area of Defensive Security. He spends his days protecting and implementing security controls to help mitigate attacks both on the Cloud and servers. He is actively involved in security consultation, helping various startups which have been breached to overcome the breach and start again with a secure infrastructure.

See other products by Vora