Rocheston Certified Cloud Network Defender (RCND)

We have come a long way from the 7-layer Open Systems Interconnect (OSI) stack networking systems to building faster cloud networks handling huge volumes of data today. With enterprises and businesses reaching out for the Cloud, a digital revolution has been underway. Both, the cloud service provider as well as the cloud service user stand to enjoy benefits of accessing networks, servers, storages, applications and services on demand from any location, any time, using any device.

The Cloud Revolution

Cloud has come to be an integral part of IT systems in organizations today and will continue to be so in the foreseeable future:

Running businesses through distributed networks is faster, resources and information is better managed and internal and external processes are executed at a low cost with cloud enabled IT infrastructure.
Organizations can host internal and external applications and share infrastructure to support their applications.
Organizations can store data and build dynamic web-hosting and data backup solutions.
With resources and information being shared over devices, data management has become a crucial part of cloud computing involving data pre-processing, formatting, storage, analysis and optimization.
In Cloud, resources can be shared, monitored and controlled effectively.
The most cost-effective factor of multi-tenancy is supported with better security, privacy and performance.

How Cloud computing is disrupting digital technology

Cloud services have been revolutionizing computing and making technology affordable and easy to access. The comprehensive emergence of cloud computing include:

Software-as-a-service (SaaS) - brings in its trail IT and business applications running on cloud infrastructure accessible through browsers from different devices.
Platform-as-a-service (PaaS) - provides platforms for hosting business applications, storage spaces, domains and enables development of apps and interfaces at low cost.
Communication-as-a-service (CaaS) - has ushered in an era of VOIP, instant messaging, video streaming and conferencing.
Infrastructure-as-a-Service (IaaS) - supports software, servers, inter-cloud networks and storage and controls operating systems, applications and networking systems.
Network-as-a-Service (NaaS) - is an important service that provides transport and inter-cloud connectivity services.

Cloud computing security threats:

Data breach
Insecure APIs
Insider threats
Ransomeware attacks
DDoS attacks
Malware infection of BYOD devices
Data loss
Denial of Service
Cryptojacking
Advanced persistent threats
Account Hijacking
Insecure APIs
Insider threats
Spectre and Meltdown
Kernel attacks

Key learning features of Cloud networking and its emerging trends in technology

Assessing software and hardware infrastructure fundamentals with attention to Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP)
Private, public, hybrid cloud infrastructure and multi cloud architecture with CNCF Reference architecture
Data security for storing, monitoring and transmitting data and acquaint with Fluentd, Jaeger of Uber technologies, gRPC protocol of Google, Safe harbor accepted by Cloud native computing foundation, TUF specification, Blue Coat’s Cloud Visibility and Intelligence solutions, ETCD in Kubernetes, Vitess database system, TiKV open source distributed Key-Value database, Falco monitoring agent and others
Virtualization on cloud platforms for Amazon Web Services, Google Cloud Platform, Azure, Openstack and Vmware
Various Cloud network providers: AWS, Photon, vSphere, IBM Cloud Kubernetes, Service Baidu Cloud Container Engine, Tencent Kubernetes Engine, Azure, CloudStack, GCE, OpenStack, OVirt and their repositories
Cloud Identity and access management (CIAM) from Akamai, Oracle, Google Cloud and others
Cloud terminologies and platforms with Cloud Workload Protection tools of Google, Nutanix Beam, Azure, InsightVM (Nexpose), Symantec and so on
Vulnerability management and patching processes and Security-as-a-Service (SECaaS) model service providers Oracle Cloud Access Security Broker (CASB), Proofpoint, Qualys, White Hat and so on
Regulations and Compliances: HIPAA Compliance, Google Cloud Compliance, European Union Data Protection Act, PCI DSS, SOC 2 TYPE II and SOC 3 TYPE II Certifications, Multi-factor authentications, etc

Cloud risk analysis management by Deloitte and AWS, Netscope, SAP, Cloud Security Alliance Cloud Controls Matrix (CCM), ENISA framework and so on
Docker and Kubernetes - Docker platform provides for running and deployment of Docker containers with cloud-based collaboration services. Kubernetes is supported by major cloud environments to offer a common platform for distributed systems. This ensures orchestration of storage, services, container resource management and automated deployment during production as in IBM Kubernete Service, Oracle application development
Containerization with Kubernetes and how it works for automating operations of application containers across clusters with NodeLocal DNSCache performance
Container Networking Interface like Linux Container Network Model (CNM) and Container Network Interface (CNI) along with network plugins
Cloud provider vaults with Azure and HashiCorp Vault
Identity and access management in cloud-based systems
Software testing with SAST, DAST, IAST, and RASP comprising white box testing, blackbox testing, interactive and runtime application testing

Hardened Cloud provided services to ensure the cloud environment security and resilience to provide real-time data, regulatory compliance and centralized logging for systems
SDLC and DevOps for network access transport to enable faster programming, quality assurance and data sharing for efficient operations
AWS security challenges are directly proportional to the increase in the number of cloud applications. Security risks include deciding on the right protection strategy for sensitive data and workloads while assigning accountability in case of security incidents. Handling compliance regulations in multi tenant infrastructures is also a security challenge
Infrastructure and network security in AWS - A robust IT architecture can be deployed with the help of the AWS infrastructure including AWS network, AWS trained teams and other cloud systems required for efficient security management
Google Cloud Platform and their tools in Functions-as-a- Service (FaaS) for computing, hosting and building cloud-based environments
Infrastructure and network security to support applications and service connectivity features with appropriate monitoring tools and built-in security validation systems, as in Google Cloud Platform and Azure

What are the cloud security risks faced by companies?

According to analyst firm Forrester, the cloud computing market across the world is set to grow to $191 billion by the end of the year 2020.
Cloud computing has various advantages that include increased employee productivity, faster market penetration and lower cost.

A Ponemon study has identified nine cloud risks that caused high-profile breaches of cloud platforms such as LastPass, Adobe Creative Cloud and Evernote.

Intellectual Property: About 21% of files that are uploaded to a cloud-sharing service are sensitive files that include intellectual property, according to an analysis by Skyhigh. Cyber criminals can breach a cloud service to gain access to sensitive data.
Regulatory control: Information of companies is mandated by some sort of compliance such as FERPA for student records, HIPAA for private health information and others. Companies should be aware of how their data is being protected and who is able to access it. In the case of BYOC (Bring Your Own Cloud), companies face a serious risk of non-compliance.
Inability to control end-user actions: When an employee who is a cloud service user resigns, he is capable of uploading sensitive information to his own cloud service which might be beneficial to competitors. This is one of the common insider threats today.

Targeted Malware Infections: Cloud services can be used for targeted data exfiltration. Skyhigh detected a unique exfiltration technique where video files were encoded with sensitive data which were then uploaded to YouTube. The Dyre malware variant used file sharing services to spread malware using targeted phishing attack techniques.
Diminished Goodwill: Data breaches can affect the goodwill of a company. When cyber criminals stole over 40 million customer credit and debit card numbers from Target, customers stayed away from the store, in turn affecting the revenue.
Breach of Contract: Organization often have contracts with other parties on how data is managed. When confidential data is moved to the cloud without permission, contracts can be breached and could result in legal action.
Customer Retention: If customer data is not secured with enterprise-grade controls, they would shift to a company they can trust. Critics can also play a role in advising customers to avoid companies who do not have robust customer privacy regulations.

How does the PREVENT - DETECT - RESPONSE strategy work?

If the age-old quote was “prevention is better than cure”, the new-age quote associated with cybersecurity is “prevention may be ideal but, detection is a must”!

Needless to add that once detection is done there should be a responsive action with the increase in the number of data networks. The prevent-detect-response strategy helps in uninterrupted monitoring and continuous improvement in network defence. For the strategy to work, there must be adequate network security awareness, proper security controls to protect critical and sensitive data from unauthorized access/disclosure.

In the PREVENT stage, the security controls and policies must be executed and awareness seminars must be conducted. In the DETECT stage, any security lapse or compromise is detected to defend against threats at different network layers. Intrusion detection systems (IDS) can help in the monitoring and detection. The RESPONSE stage is a well-planned consequence of effective prevention and detection stages.

A good Computer Security Incident Response Team (CSIRT) can ensure appropriate responses are implemented against incidents. This combined strategy is the best option to ensure critical network defense.

Who can become a Rocheston Certified Network Defender?

Engineers with adequate experience in network administration are qualified for the RCND program. Network administrators aware of the network components, performance, topology, security policies and utilization, can also be trained as a RCND. Security analysts and operators can also become RCNDs.

What are the technologies applicable to Cloud Security functionalities?

With increase in the number of organizations hopping onto the Cloud for their business needs, it becomes mandatory for the network administrators to ensure the technologies for cloud security are up-to-date. For accurate cloud security configuration including set of controls and policies, there are several technologies that help:

Hardware authentication
User-behaviour analysis
Data loss prevention tools
Deep learning

Syn cookies and restricting the number of users in the cloud system, would help in preventing distributed denial of service (DDoS) attacks. The secure socket layer (SSL) technology can help in overcoming the ‘man-in-the-middle’ attack in the cloud system network. Multi factor authentication offered by the Amazon Web Services (AWS) is the best technique for cyber data security.

What makes the RCND program unique?

The Trustwave Global Security report published two years ago stated that “it takes an average of 65 days for an organization to detect a breach”. In the past decade breaches have increased by 1.4 %.

Considering the challenge ahead, the Rocheston Certified Network Defender program helps the network engineers to prevent breaches and assist organizations from being compromised.

The RCND program focuses on the protect-detect-respond strategy in preventing and responding to network threats.
This course is completely hands-on with excellent instruction sets for maintaining network security.
The network defenders are empowered to help businesses to focus more on cybersecurity and thereby reduce the financial burden.
Assists in training the network defenders to be the first line of defense when it comes to network and cybersecurity.
Exposure to network & firewall solutions.
The RCND program also provides core network security skills training in addition to tactical network administration training.

Additionally, the trainees are exposed to the latest best practices and safety tools with relevant whitepapers.

RCND Course Outline

The program covers cybersecurity technologies from these products. The RCND program is highly advanced based on Linux OS. The programs cover tons of cloud technologies like these. You will learn how to plan, integrate, build, operate and deploy cloud solutions using Rocheston Rosé Linux OS.