Analyst & Research Reports

O'Reilly Modern Defense in Depth

Issue link:

Contents of this Issue


Page 38 of 53

CHAPTER 4 How to Achieve the Integrated Approach In this chapter, we cover the concept of cloud edge and cloud core and what technologies reside within each. Because you will hear these terms often when working with cloud environments, it makes sense to cover these terms first. The purpose of this discussion sur‐ rounding edge and core is to understand that you cannot effectively protect the core without adequately protecting the edge first. But how can organizations achieve integration with all the defensive lines previously discussed in Chapter 3? And what are the pros and cons of on-premises security operation centers (SOCs) versus out‐ sourced SOCs? Let's take a look at the terms "cloud edge" and "cloud core" first, before moving on to the discuss how to achieve integra‐ tion. Then, we end with a comparison of SOC approaches. Cloud Edge and Cloud Core When looking from the perspective of a visitor (or attacker) who wants to gain access to your public-facing web applications, the traf‐ fic first arrives at what we again call the cloud edge. Today, there are cloud providers that have built their cloud edge from the ground up, implementing all the security technologies listed here: • Edge routers • DDoS defenses • Managed DNS 29

Articles in this issue

view archives of Analyst & Research Reports - O'Reilly Modern Defense in Depth