Security enabling at amazon cloud (presntation)
Download as PPTX, PDF0 likes376 views
This document outlines a basic cloud EHR deployment architecture on AWS. It includes the use of EC2 servers, S3 storage, VPC networking, EBS volumes, security settings like MFA, IAM roles, and SSL certificates. Specific security measures are described like limiting access to resources using SNS, configuring firewalls, encrypting communication with SSL, and using a GovCloud region to comply with HIPAA regulations. Pricing comparisons are provided between normal and GovCloud EC2 instances for hosting the EHR application.
Security enabling at amazon cloud (presntation)
- 1. By Ghazanfar Latif (Gabe) [email protected] *Security Enabling for Cloud
- 2. Availability Zone A Amazon S3 VPC EBS 3 EBS 2 EBS 1 EC2 Server Kerberos MIT tools Web EHR App Apache X509 PHP Amazon Management Console Security Setting, SNS, Elastic IP, MFA www.abc.com US West Region Cloud EHR Deployment Architecture (Basic)
- 3. Availability Zone A Amazon S3 VPC EBS 3 EBS 2 EBS 1 EC2 Server Kerberos MIT tools Web EHR App Apache X509 PHP Amazon Management Console Security Setting, SNS, Elastic IP, MFA www.abc.com US West Region MFA: Will use Multi Factor Authentication device to Access the AWS Console in a more secure way. SNS: We will use SNS Service to provide limited rights of the AWS Management Console to the different Developers. GPO Settings: We setup the policies for the different users of the server according to their requirements which will make server and data more secure Instance Security Settings: We will setup the limited access of the EC2 instance to the users by allowing and blocking different ports of the instance. VPC: We will setup VPC for the establishment of local area network within the different EC2 instance running in a particular AWS Region which will make them one step secure. Windows Firewall Settings: We will enable windows firewall to access of the server resources externally which will also make EHR one step more secure. S3 Access: We will setup S3 Permissions for the limited access of S3 Buckets. Security Enabling for Cloud GovCloud: We will use GovCloud EC2 Instance for the Cloud HER Deployment which is more secure and fully comply HIPAA Regulations. CloudWatch: We will setup alarms for the resources usage. SSL Certificate: We will use SSL Certificate for Secure and encrypted communication between client and EC2 Server IAM: This service can be used to provide limited access of the Amazon Management Console to different users.
- 4. AWS Pricing Normal EC2 Server (Large Instance) 7.5 GB memory 2 virtual core with 4 ECU Processor 64-bit platform 850 GB of Storage Space Per Month Charges $345.6 150 GB Storage Space 50 GB Network Out Cost for S3 $25 Net Cost $370.6 Gov. EC2 Server (Large Instance) 7.5 GB memory 2 virtual core with 4 ECU Processor 64-bit platform 850 GB of Storage Space Per Month Charges $ 417.6 150 GB Storage Space 50 GB Network Out Cost for S3 $25 Net Cost $442.6 Benefits: Comply with HIPAA regulations Completely. The Large Instance (6:00 AM, 10:55 PM) $295.8/month The Instance will remains Live (10:55 PM to 6:00 AM)
Editor's Notes
- #4: Design 1, When we go to from Micro instance to Large Instance?