My visit to the Amazon Web Services (AWS) Summit 2014 in NYC was both a rewarding and an exhausting experience. The Summit organizers did a fantastic job filling an entire day with non-stop keynote speakers, guest speakers, hands-on labs, basic and advanced sessions, a large selection of cloud-oriented vendor booths and even some entertainment. Although I did not manage to win the new Parrot AR 2.0 drone raffle, I did get my share of fantastic tech T-shirts, and I enjoyed interacting with a vendor robot (see here). Arriving 30 minutes late due to client commitments, I was presented with a long line of fellow attendees, all desperately attempting to get a seat in the massive hall for the keynote speeches; despite the vast venue, it was completely full. Luckily, AWS had overflow rooms from which live feeds of the speeches were streamed (see the Rob Reiner photo).

The day started with Werner Vogels, Amazon’s Chief Technology Officer, who introduced a number of new AWS offerings in the sharing, mobile, systems, and reporting spaces. He was followed by presenters from FINRA, Novartis, Siemens, and Conde Nast, who extolled the benefits of using the cloud for various projects. FINRA discussed the processing they need in order to analyze the immense number of market events (30 billion daily) they have, while Novartis gave an impressive presentation of their use of AWS to cut 40 years of drug interaction calculations, which would cost hundreds of millions of dollars on their physical server infrastructure, to a mind-blowing nine hours and only $5,000 with AWS. Conde Nast also entertained everyone when they shared photos of pallets loaded with their retired datacenter servers, now that they have fully transferred their server infrastructure to AWS.

AWS is one of the popular PCI-certified cloud services and it receives much attention. As a visitor on behalf of Nettitude US’s GRC (Governance, Risk, Compliance) services, I recognized the increasing client focus around cloud-based security and compliance. The AWS Summit dedicated a couple of breakout sessions to security and compliance issues, and the discussions which captured my attention the most were around AWS CloudHSM, VPC peering, and PCI DSS. AWS offers a solution in collaboration with SafeNet, named CloudHSM, which provides functions such as database encryption, Digital Rights Management, and Public Key Infrastructure. Speaking from experience, clients hesitate when confronted with the upfront setup fee required by CloudHSM.

I was also pleased to meet Ariel Dan of Porticor, who presented me with an impressive solution which is PCI certified, available on the AWS Marketplace, and reasonably priced. It is important to mention that CloudHSM works in VPC only. Speaking of VPC, Yinal Ozkan, AWS’ Principal Solutions Architect, gave a dramatic presentation of the evolution of VPC-to-VPC networking and the current architectural implementation, VPC Peering, which enables routing traffic between different VPCs (in the same region) using private IP addresses. VPC peering requires using more than one AWS account, and in effect makes it possible to peer VPCs across two or more accounts and create a file sharing network, or to enable other VPCs to access resources in a different VPC. Mark Nunnikhoven of TrendMicro also touched briefly on four PCI requirements, focusing on AWS CloudTrail, a web service which records AWS API calls and delivers them as log files. The CloudTrail log contains the identity of the API caller, the time of the API call, the source IP address of the API caller, the request parameters, and the response returned by the AWS service. This new service enables security analysis, resource change tracking, and compliance auditing.
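To make the CloudTrail fields above concrete, here is an added example (not from the talk or from AWS) that reads a log file and reports resource changes made from outside a trusted network, plus calls the service rejected. The sample records, the trusted range and the list of change-type calls are constructed assumptions.

```python
import ipaddress
import json

# Constructed sample log file; every value here is made up for illustration.
SAMPLE_LOG = json.dumps({"Records": [
    {"eventTime": "2014-07-10T14:02:11Z", "eventName": "AuthorizeSecurityGroupIngress",
     "sourceIPAddress": "203.0.113.50",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/alice"},
     "requestParameters": {"groupId": "sg-example"},
     "responseElements": {"_return": True}},
    {"eventTime": "2014-07-10T14:05:40Z", "eventName": "DescribeInstances",
     "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"},
     "requestParameters": {}, "responseElements": None},
    {"eventTime": "2014-07-10T14:09:03Z", "eventName": "CreateAccessKey",
     "sourceIPAddress": "192.0.2.99", "errorCode": "AccessDenied",
     "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111122223333:user/bob"},
     "requestParameters": {"userName": "bob"}, "responseElements": None},
]})

# Assumptions: the office egress range and the calls an auditor wants reviewed.
TRUSTED_NETS = [ipaddress.ip_network("198.51.100.0/24")]
CHANGE_EVENTS = {"AuthorizeSecurityGroupIngress", "CreateAccessKey", "PutUserPolicy"}

def is_trusted(source):
    """True only if source is an IP address inside a trusted network."""
    try:
        addr = ipaddress.ip_address(source)
    except ValueError:  # calls made by AWS services carry a hostname, not an IP
        return False
    return any(addr in net for net in TRUSTED_NETS)

def audit(log_text):
    """Return a finding for each change from an untrusted source or failed call."""
    findings = []
    for rec in json.loads(log_text).get("Records", []):
        reasons = []
        if rec.get("eventName") in CHANGE_EVENTS and not is_trusted(rec.get("sourceIPAddress", "")):
            reasons.append("change from untrusted source")
        if rec.get("errorCode"):
            reasons.append("call failed: " + rec["errorCode"])
        if reasons:
            findings.append({"caller": rec.get("userIdentity", {}).get("arn"),
                             "time": rec.get("eventTime"),
                             "source_ip": rec.get("sourceIPAddress"),
                             "call": rec.get("eventName"),
                             "request": rec.get("requestParameters"),
                             "response": rec.get("responseElements"),
                             "reasons": reasons})
    return findings

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG):
        print(f["time"], f["caller"], f["source_ip"], f["call"], f["reasons"])
```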

AWS instances, if configured correctly, can certainly deliver solid security and compliance tools for those who lose sleep over such matters. New services and constant improvements by the AWS team demonstrate a strong commitment to the market’s needs, which is good news indeed.

Hey it’s Rob Reiner! Or is it? (at the overflow room)

VPC Peering

NYC AWS Summit
Mark Nunnikhoven of TrendMicro (directing traffic in the cloud)

AWS CloudTrail and auditing
