Explain cloud computing and give an example of how you would use it and elaborate on any issues that pertain to security.

Explain cloud computing and give an example of how you would use it and elaborate on any issues that pertain to security. 250wrds

Unit Lesson

Intrusion Detection Systems

There are many organizations that use logistics firms to move goods and services from distribution centers to

retail stores to be sold to consumers. Distribution centers support stores by replenishing inventory to

supported store locations on a consistent basis so store shelves are not empty. In this example, a half-millionsquare-foot

distribution center exists to support three hundred store locations and runs twenty-four hours a

day, seven days a week. This specific warehouse runs multiple servers that create orders for over seven

hundred workers. The enterprise system for the warehouse includes a cabling infrastructure for servers and

wireless devices to communicate with a warehouse management system for employees. The home office

generates orders and sends them to this warehouse for workers to begin creating shipments to the supported

stores. The issue here is that there is no intrusion detection system, which could be detrimental to the

organization; a hacker could do harm to the production environment of the warehouse. Intrusion detection

systems primarily detect networking activity. It can be software that resides on a server or it can even be an

appliance that does nothing more than monitor an entire enterprise network. With this type of technology in

place to detect any type of intrusion activity, it gives the distribution center team the advantage of making the

better overall data-driven decisions as to what needs to occur if malicious activity is observed. If malicious

activity goes unnoticed within this distribution center environment, if servers are breached, it could mean 700

employees being idle. Once again, being able to capitalize on information from an intrusion detective system

in place within this organization is a proactive approach to monitoring network traffic for any inconsistencies or

anything potentially malicious to the organizational production environment.

UNIT VI STUDY GUIDE

Intrusion Detection and Prevention Systems/

Virtual Machines and Cloud Computing

SEC 3301, Security Application Development 2

UNIT x STUDY GUIDE

Title

Intrusion Prevention System

Intrusion prevention systems are hardware/software based solutions that monitor networks for any

inconsistencies in traffic that is not considered normal within the organization enterprise network. Using the

same logistics, the distribution center example with intrusion detection systems, the difference between an

intrusion detection system and an intrusion prevention system is that the intrusion prevention system not only

detects movement within the enterprise network but it will also try to block suspicious movement traveling

over the enterprise infrastructure that could potentially cause harm, to computers and servers. Another aspect

of intrusion prevention systems is that these systems will also report suspicious activity on a network as well

as detect and try to block its traffic. Within this specific example intrusion prevention systems are considered

a necessity as well as added value in providing structured information security. There is not just one avenue

of approach for securing and protecting information. It is usually a cumulative effort of many different avenues

of opportunity to promote information security. An intrusion prevention system is an example of one

opportunity but alone, it is not the best recommendation. It is only one piece of the defense put in place by the

information technology department of any organization. It is part of a layered approach to protecting and

preserving the integrity of information and infrastructure in any organization. Being able to monitor is not

enough. Being able to monitor, potentially block, and report malicious activity is added value in defensive

measures concerning intrusions and breaches.

Virtual Machines

In industry, virtual machines, such as virtual servers and virtual desktop computers, exist to make many

things, such as testing and deployment, easier on information technology departments. For example,

organization A may be an ecommerce driven entity where it solely relies upon the Internet for revenue

generation. If any updates, such as patches are applied to any production servers, this may be bring down

servers where potential consumers may not have access to paying for goods or services online. In this

specific instance it is best to create a testing environment, one that is virtual where the information technology

department within this ecommerce organization can test updates and patches to server operating systems

and server ecommerce applications so it will not interfere with the production or revenue generation side of

the organization.

In looking at virtual desktops, an example could be using this medium to teach an operating systems course

to students in higher education. For instance, students taking this type of course need exposure to as many

different operating systems as possible prior to working in the field, especially if they will be repairing

computers as a career path. In most instances it would be considered totally inefficient if students were to

load different operating systems in a classroom where meeting times and days are limited. In this instance, an

instructor could use virtualization software. Virtualization software is platform medium where one could

potentially install and run different operating systems on different virtual desktop machines just to get

exposure to the different operating systems. All one would have to do with virtual software is create a virtual

machine with the virtual software and select which operating system they would like to install. It is also

considered that having a computer within a computer is virtual. The only disadvantage of running multiple

virtual machines on one physical machine is that have to share resources such as RAM and hard drive space.

Other than this one disadvantage, students could create numerous virtual desktops, gaining experience with

the many operating systems such as Linux, Microsoft Windows 7 and 8, Ubuntu, Fedora, Leopard, Tiger and

others.

Cloud Computing

Cloud computing is, in so many words, computing over the Internet. It is also communication in real time with

many different types of software. For example, let’s say a school district hosts a student information system

in-house where the infrastructure may be considered unstable, meaning that the server is frequently “down”.

This would mean that teachers, administrators, parents, and students would have issues in accessing

information potentially twenty-four hours a day, seven days a week. To use cloud computing as a solution to

this infrastructure issue, the student information system would be housed in the cloud, meaning that is it

hosted elsewhere, over the Internet with secured access to sensitive student information, such as social

security numbers. This is a realistic option, especially since this school district probably does not have

qualified staff in-house to provide the optimum security needed to protect sensitive information that fall under

the guidelines of FERPA and HIPAA. This solution, once in place, could resolve issues concerning availability

and reliability in accessing information twenty-four hours a day, seven days a week. In this specific example,

the school district could subscribe to a hosting service that allows the school district employees access to