Techniques for Scaling Application with Security and Visibility in Cloud
Akshay Mathur
@akshaymathu of @appcito
Let’s Know Each Other
• Do you Manage applications?
• Hosting providers?
• Priorities?
• Tools?
• Why are you attending?
• What are your goals?
• Happy Users, Happy DevOps, Happy Servers
Akshay Mathur
• 15+ years in IT industry
• Currently Product Manager at Appcito
• Mostly worked with Startups
• From Conceptualization to Stabilization
• At different functions i.e. development, testing, release, marketing, devops
• With multiple technologies
• Founding Team Member of
• ShopSocially (Enabling “social” for retailers)
• AirTight Networks (Global leader of WIPS)
Ground Rules
• Tweet now: #TechNext @akshaymathu @appcito
• Disturb Everyone later
• Not by phone rings
• Not by local talks
• By more information and questions
How Applications are Changing
Traditional Application
• Monolithic components
• All application layers in a box
• Complex objects
• Box specific sessions
• Designed for vertical scale
• Self managed deployment
New Age Scalability
Cloud Computing Landscape
Architectural Mind-shift
Modern Application
• Light weight services
• Application layers designed for network communication
• Cloud deployment
• Designed for horizontal scale
Growing Applications
Growth Phase 1: Load Balancing
• Replicate the box
• Have a load balancer
Questions before Growing Further
• About Insights:
• Are all server instances healthy?
• When should I add more servers?
• What is the traffic volume and its pattern?
• What areas of application are used most?
• What are problematic areas?
• Who accesses my application?
• What devices, browsers, apps are in use?
• About Optimization:
• How can I serve more traffic using existing servers?
• Must all the servers be of the same type, running the same code?
• Can the content be compressed, cached?
• What to do for optimizing content for various devices?
• Do I really need to redirect traffic to different URLs for specific servings?
• Does managing so many URLs for the same functionality make sense?
• Can someone take care of SSL termination?
Growth Phase 2: Insights
• Google Analytics, Statcounter etc. only provide information after page load
• Information about programmatic access is missing
• Access logs provide true information about traffic
• Logs are typically in each box rather than a central place
• Difficult to read; log parsers also provide minimal information
• Need to push logs to some analytics engine and configure analytics engine for getting meaningful information out
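The point of the slide above, that per-box access logs answer questions page-load analytics cannot, shown as an added example that is not part of the original slides. It merges Combined Log Format lines from two boxes and reports traffic per box, per application area, error rate per area, and the share of programmatic clients; the host names, sample lines and helper names are constructed for illustration.

```python
import re
from collections import Counter

# Combined Log Format, as written by Apache and NGINX "combined" access logs.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"'
)
BROWSER_RE = re.compile(r"^(Mozilla|Opera)/")
MOBILE_RE = re.compile(r"iPhone|iPad|Android|Mobile")

# Constructed sample: lines as they would sit on two separate boxes (hypothetical names).
SAMPLE_LOGS = {
    "app-1": [
        '203.0.113.10 - - [12/Mar/2015:10:00:01 +0000] "GET /products/42 HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (Windows NT 6.1) Chrome/41.0"',
        '203.0.113.10 - - [12/Mar/2015:10:00:02 +0000] "GET /static/app.js HTTP/1.1" 200 20480 "http://shop.example/products/42" "Mozilla/5.0 (Windows NT 6.1) Chrome/41.0"',
        '198.51.100.7 - - [12/Mar/2015:10:00:03 +0000] "POST /api/v1/orders HTTP/1.1" 500 312 "-" "python-requests/2.5.1"',
        '198.51.100.7 - - [12/Mar/2015:10:00:04 +0000] "GET /api/v1/orders?page=2 HTTP/1.1" 200 2048 "-" "python-requests/2.5.1"',
    ],
    "app-2": [
        '192.0.2.55 - - [12/Mar/2015:10:00:02 +0000] "GET /products/7 HTTP/1.1" 200 4096 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 8_1 like Mac OS X) Safari/600.1.4"',
        '198.51.100.7 - - [12/Mar/2015:10:00:05 +0000] "POST /api/v1/orders HTTP/1.1" 502 0 "-" "python-requests/2.5.1"',
        'this line is truncated and must not crash the parser',
    ],
}


def section(path):
    """Collapse a URL to its first path segment so /api/v1/a and /api/v2/b group together."""
    first = path.split("?", 1)[0].strip("/").split("/", 1)[0]
    return "/" + first


def client_kind(ua):
    """Rough UA analysis: non-browser agents never run page-load analytics scripts."""
    if not BROWSER_RE.search(ua):
        return "programmatic"
    return "mobile" if MOBILE_RE.search(ua) else "desktop"


def summarize(logs_by_host):
    """Aggregate access logs from every box into one central report."""
    report = {
        "parsed": 0, "unparsed": 0,
        "by_host": Counter(), "by_section": Counter(),
        "errors_by_section": Counter(), "by_client": Counter(),
        "by_kind": Counter(),
    }
    for host, lines in logs_by_host.items():
        for line in lines:
            m = LINE_RE.match(line)
            if m is None:
                # Count malformed lines instead of dropping them silently.
                report["unparsed"] += 1
                continue
            area = section(m["path"])
            report["parsed"] += 1
            report["by_host"][host] += 1
            report["by_section"][area] += 1
            report["by_client"][m["ip"]] += 1
            report["by_kind"][client_kind(m["ua"])] += 1
            if m["status"].startswith("5"):
                report["errors_by_section"][area] += 1
    report["error_rate"] = {
        area: report["errors_by_section"][area] / count
        for area, count in report["by_section"].items()
    }
    return report


if __name__ == "__main__":
    for key, value in summarize(SAMPLE_LOGS).items():
        print(key, dict(value) if isinstance(value, Counter) else value)
```

Half of the sample requests come from a non-browser client and all server errors sit under /api, neither of which a page-load tracker would report.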
Growth Phase 3: Content Optimization
• Compressing the response
• Optimizing images
• In-lining the external resources
• JS
• CSS
• Images as base64
• Caching (as needed)
• Prefetching (if possible)
• Google’s PageSpeed does it well for HTML pages
Growth Phase 4: Offloading
• SSL Handshake
• Encryption and Decryption
• Connection handling
• Content optimization
• Anything that can be done asynchronously e.g. sending email, tweets etc.
• Point solutions are available for each of these
[Diagram components: App Servers (Apache + Pylons); Message Queue (RabbitMQ); Background Worker Nodes (Celery); SSL Terminator; Content Optimizer]
Growth Phase 5: Content Switching
• Serve different content from different servers (reverse proxy)
• Static files (JS, CSS, Images) may be served from a web server; App server is not needed
• High frequency requests may be served from a different server
• Different app servers may be used for the use case they are optimized for
• Have a different set of servers for different geographies
• Dedicate a few servers for a specific customer
• Dedicate servers for specific functions e.g. authentication, API serving etc.
• HAProxy is the most popular tool here
• NginX is also used as reverse proxy
[Diagram components: Content Switching Reverse Proxy; Web Servers (NginX); App Servers (Mongrel + Brubeck); App Servers (Apache + Pylons); Web Servers (Apache + Wordpress); NoSql Datastore (Redis); NoSql Datastore (MongoDB); Sql Datastore (MySql). Labels: Corporate website; Main dynamic content; High frequency requests; High speed storage; Main Storage]
Growth Phase 6: Denying BOT Traffic
• Traffic from bad BOTs is about 30%
• Amounts to 30% wastage of server resources
• Various fingerprinting techniques are there for identifying the BOTs
• IP reputation
• UA analysis
• Pattern analysis
• JS insertion
• Advanced algorithms
Growth Phase 7: Preventing Data Theft
• Typical ways are:
• SQL/object injection
• Cross Site Scripting (XSS)
• File include
• Malware inclusion
• Exploiting vulnerabilities of coding, framework, language, platform
• Scan the deployment regularly
• Fix any vulnerability by applying patches
• Use Web Application Firewall (WAF)
Growth Phase 8: Preventing DDoS Attacks
• Volumetric attack
• Many clients make connections with server
• Clients send huge traffic to the server
• Traffic is typically bogus
• Prevention
• Rapidly increase scale to consume connections/traffic
• Rate limit connections/requests
• Delay/Deny bogus traffic
• Blacklist BAD clients
• Protocol exploits
• Attacker crafts traffic knowing the timeouts and limits of protocol
• Slow moving bogus traffic hogs resources of server
• Prevention
• Set up policy to apply aggressive limits and timeouts in case of heavy load
• Terminate connection when unusual behavior is observed
• Blacklist BAD client
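The prevention bullets above, written out as front-end policy logic in an added example that is not from the slides or from any product they mention. It combines a per-client token bucket (rate limit), a stricter profile that switches on under heavy load (aggressive limits and timeouts), termination of clients that trickle their headers, and blacklisting after repeated violations; the class name, thresholds and IP addresses are assumptions chosen for the demonstration.

```python
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Limits:
    rate: float                # sustained requests per second per client
    burst: int                 # token bucket size
    header_timeout: float      # seconds allowed to finish sending request headers
    strikes_to_blacklist: int  # violations tolerated before the client is blocked


# Assumed thresholds; tune them from measured traffic.
NORMAL = Limits(rate=5.0, burst=10, header_timeout=10.0, strikes_to_blacklist=5)
HEAVY_LOAD = Limits(rate=1.0, burst=2, header_timeout=2.0, strikes_to_blacklist=2)


class FrontEndPolicy:
    """Hypothetical policy object sitting in a reverse proxy or load balancer."""

    def __init__(self, max_connections, heavy_load_ratio=0.8):
        self.max_connections = max_connections
        self.heavy_load_ratio = heavy_load_ratio
        self.open_connections = 0   # maintained by the connection handler
        self.buckets = {}           # ip -> (tokens, last_seen); expire entries in production
        self.strikes = Counter()
        self.blacklist = set()

    def limits(self):
        """Apply the aggressive profile once the connection table is nearly full."""
        busy = self.open_connections >= self.heavy_load_ratio * self.max_connections
        return HEAVY_LOAD if busy else NORMAL

    def _strike(self, ip, lim):
        self.strikes[ip] += 1
        if self.strikes[ip] >= lim.strikes_to_blacklist:
            self.blacklist.add(ip)
            return "blacklisted"
        return "deny"

    def on_request(self, ip, now):
        """Return 'allow', 'deny' or 'blacklisted' for a request arriving at time `now`."""
        if ip in self.blacklist:
            return "blacklisted"
        lim = self.limits()
        tokens, last = self.buckets.get(ip, (float(lim.burst), now))
        # Refill by elapsed time, capped at the burst size of the active profile.
        tokens = min(float(lim.burst), tokens + (now - last) * lim.rate)
        if tokens >= 1.0:
            self.buckets[ip] = (tokens - 1.0, now)
            return "allow"
        self.buckets[ip] = (tokens, now)
        return self._strike(ip, lim)

    def on_slow_headers(self, ip, elapsed):
        """Called while headers are still incomplete `elapsed` seconds after connect."""
        lim = self.limits()
        if elapsed <= lim.header_timeout:
            return "keep"
        self._strike(ip, lim)   # slow-moving traffic counts as a violation
        return "terminate"


def run_demo():
    """Constructed traffic: a burst at normal load, then a flood and a slow client under load."""
    p = FrontEndPolicy(max_connections=100)
    p.open_connections = 10
    burst = [p.on_request("203.0.113.5", now=0.0) for _ in range(12)]
    later = p.on_request("203.0.113.5", now=1.0)
    slow_normal = p.on_slow_headers("192.0.2.77", elapsed=5.0)
    p.open_connections = 90     # 90% of the table in use: heavy-load profile
    flood = [p.on_request("198.51.100.9", now=10.0) for _ in range(5)]
    slow_heavy = p.on_slow_headers("192.0.2.77", elapsed=5.0)
    return {"burst": burst, "later": later, "flood": flood,
            "slow_normal": slow_normal, "slow_heavy": slow_heavy,
            "blacklist": set(p.blacklist)}


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(name, value)
```

The same five-second header delay is tolerated at normal load and terminated under heavy load, which is the adaptive behaviour the slide asks for.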
Growth Phase 7: Continuous Delivery
• Upgrade the system without disturbing availability
• Why Continuous Delivery?
Continuous Delivery
• Considerations:
• Zero down time
• Even a little downtime means a lot for high volume applications
• Seamless re-orientation of live traffic from old to new deployment
• User experience has to be smooth
• Easy roll back
• Minimize the impact in case something goes wrong
• Technique: Blue Green deployments
• Deploy old and new version in parallel and switch the traffic
• Switch using DNS
• Switch using fixed NATed IP addresses
• Switch using external tools like load balancer or reverse proxy
What is Needed Overall?
Columns: Availability, Performance, Security, DevOps
• Advanced Load Balancing; Content Switching; Application Fluency; Elastic & Self-Scaling
• Continuous Deployment; Request Mirroring; Request Replay; Programmable Policies; Per Application Control
• Front-End Optimization; Mobile and Web Client App optimization; Caching & compression; Predictive API caching; Application & Server offloading
• Application Firewall; Elastic SSL; Anomaly Detection; DDoS Prevention; BOT Protection
• App & Traffic Metrics; Trends & Correlations; Anomalies; Policy Recommendations; Analytics & Insights
• CDN; Custom Scripts, Rules, Alert Management; Aggregation across instances
Application Front-End Architecture
• Spaghetti of point solutions
• Multiple points of failure, redundancy difficult to setup
• Not elastic and cloud native
Application Front-End Architecture with CAFE
• All services for application under one consolidated product
• Easy Activation of capabilities closer to application
• Application policy is coordinated across services and policy enforced
[Diagram labels: Availability; Security; Performance; Continuous Deployment; Appcito Cloud Application Front-End (CAFE)]
Cloud Application Front End (CAFE)
Taking Cloud Applications from Good to Great
Appcito CAFE Service
• Unified Functionality: Insights & Analytics; Content Optimization; Application Security & DDoS Prevention; Continuous Delivery; Availability & Elasticity
• Available As: SaaS Delivery; Simple Activation; No Code Change; Cloud-agnostic; Elastic
• For: Dev/Ops; App Owner
Typical Deployment
[Diagram labels: Customer’s End Users; DNS; Customer’s Cloud; Load Balancer; app server (three instances); Network Subnet; Availability Zone]
Deployment with CAFE
[Diagram labels: Customer’s End Users; DNS; Customer’s Cloud; Load Balancer; app server (three instances); CAFE PEP; Network Subnet; Availability Zone; Appcito Cloud; CAFE Barista (Management, Control, Analytics)]
CAFE Configuration Model
• Think Out of the box (literally)
• Think in terms of
• Applications
• Traffic flow
• Request patterns
• Forget about
• Box provisioning
• Box configuration
• Networking flow
• L2/L3 access control
CAFE Blue/Green Technique
• Steer traffic NOT switch
• Test with production traffic
• Move with confidence
• Compare performance and take informed decisions
[Diagram labels: Appcito CAFE; Traffic Splitting, 80% / 20%; Production A (Blue); Production B (Green); Launch; Upgrade]
Appcito CAFE Service Capabilities
Columns: Availability, Performance, Security, DevOps
• Advanced Load Balancing; Content Switching; Application Fluency; Elastic & Self-Scaling
• Continuous Deployment; Request Mirroring; Request Replay; Programmable Policies; Per Application Control
• Front-End Optimization; Optimization for client; Caching & compression; Predictive caching; Application & Server offloading
• Application Firewall; Elastic SSL; Anomaly Detection; DDoS; BOT Protection
• App & Traffic Metrics; Trends & Correlations; Anomalies Detection; Policy Recommendation; Analytics & Insights
Thanks
@akshaymathu
akshay@appcito.com

Testing Single Page Webapp
 
Mongo db
Mongo dbMongo db
Mongo db
 

Último

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Mark Simos
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersRaghuram Pandurangan
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxLoriGlavin3
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 

Último (20)

Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
Tampa BSides - Chef's Tour of Microsoft Security Adoption Framework (SAF)
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Generative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information DevelopersGenerative AI for Technical Writer or Information Developers
Generative AI for Technical Writer or Information Developers
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptxUse of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
Use of FIDO in the Payments and Identity Landscape: FIDO Paris Seminar.pptx
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

Techniques for scaling application with security and visibility in cloud

  • 1. Techniques for Scaling Application with Security and Visibility in Cloud Akshay Mathur @akshaymathu of @appcito
  • 2. Let’s Know Each Other
      • Do you manage applications?
      • Hosting providers?
      • Priorities?
      • Tools?
      • Why are you attending?
      • What are your goals?
      • Happy Users, Happy DevOps, Happy Servers
  • 3. Akshay Mathur
      • 15+ years in IT industry
      • Currently Product Manager at Appcito
      • Mostly worked with Startups
      • From Conceptualization to Stabilization
      • At different functions i.e. development, testing, release, marketing, devops
      • With multiple technologies
      • Founding Team Member of
          • ShopSocially (Enabling “social” for retailers)
          • AirTight Networks (Global leader of WIPS)
  • 4. Ground Rules
      • Tweet now: #TechNext @akshaymathu @appcito
      • Disturb Everyone later
          • Not by phone rings
          • Not by local talks
          • By more information and questions
  • 6. Traditional Application
      • Monolithic components
      • All application layers in a box
      • Complex objects
      • Box specific sessions
      • Designed for vertical scale
      • Self managed deployment
  • 10. Modern Application
      • Light weight services
      • Application layers designed for network communication
      • Cloud deployment
      • Designed for horizontal scale
  • 13. Growth Phase 1: Load Balancing
      • Replicate the box
      • Have a load balancer
  • 14. Questions before Growing Further
      • About Insights:
          • Are all server instances healthy?
          • When should I add more servers?
          • What is the traffic volume and its pattern?
          • What areas of application are used most?
          • What are problematic areas?
          • Who accesses my application?
          • What devices, browsers, apps are in use?
      • About Optimization:
          • How can I serve more traffic using existing servers?
          • Must all the servers be of the same type, running the same code?
          • Can the content be compressed, cached?
          • What to do for optimizing content for various devices?
          • Do I really need to redirect traffic to different URLs for specific servings?
          • Does managing so many URLs for the same functionality make sense?
          • Can someone take care of SSL termination?
  • 15. Growth Phase 2: Insights
      • Google Analytics, Statcounter etc. only provide information after page load
      • Information about programmatic access is missing
      • Access logs provide true information about traffic
      • Logs are typically in each box rather than a central place
      • Difficult to read; log parsers also provide minimal information
      • Need to push logs to some analytics engine and configure analytics engine for getting meaningful information out
  • 16. Growth Phase 3: Content Optimization
      • Compressing the response
      • Optimizing images
      • In-lining the external resources
          • JS
          • CSS
          • Images as base64
      • Caching (as needed)
      • Prefetching (if possible)
      • Google’s PageSpeed does it well for HTML pages
  • 17. Growth Phase 4: Offloading
      • SSL Handshake
      • Encryption and Decryption
      • Connection handling
      • Content optimization
      • Anything that can be done asynchronously e.g. sending email, tweets etc.
      • Point solutions are available for each of these
      • Diagram labels: App Servers (Apache + Pylons); Message Queue (RabbitMQ); Background Worker Nodes (Celery); SSL Terminator; Content Optimizer
  • 18. Growth Phase 5: Content Switching
      • Serve different content from different servers (reverse proxy)
      • Static files (JS, CSS, Images) may be served from a web server; App server is not needed
      • High frequency requests may be served from a different server
      • Different app servers may be used for the use case they are optimized for
      • Have different sets of servers for different geographies
      • Dedicate a few servers for a specific customer
      • Dedicate servers for specific functions e.g. authentication, API serving etc.
      • HAProxy is the most popular tool here
      • Nginx is also used as reverse proxy
  • 19. Diagram labels: Content Switching Reverse Proxy; Web Servers (Nginx); App Servers (Mongrel2 + Brubeck); App Servers (Apache + Pylons); Web Servers (Apache + WordPress); NoSQL Datastore (Redis); NoSQL Datastore (MongoDB); SQL Datastore (MySQL); Corporate website; Main dynamic content; High frequency requests; High speed storage; Main Storage
  • 20. Growth Phase 6: Denying BOT Traffic
      • Traffic from bad BOTs is about 30%
      • Amounts to 30% wastage of server resources
      • Various fingerprinting techniques are there for identifying the BOTs
          • IP reputation
          • UA analysis
          • Pattern analysis
          • JS insertion
          • Advanced algorithms
  • 21. Growth Phase 7: Preventing Data Theft
      • Typical ways are:
          • SQL/object injection
          • Cross Site Scripting (XSS)
          • File include
          • Malware inclusion
          • Exploiting vulnerabilities of coding, framework, language, platform
      • Scan the deployment regularly
      • Fix any vulnerability by applying patches
      • Use Web Application Firewall (WAF)
  • 22. Growth Phase 8: Preventing DDoS Attacks
      • Volumetric attack
          • Many clients make connections with server
          • Clients send huge traffic to the server
          • Traffic is typically bogus
          • Prevention
              • Rapidly increase scale to consume connections/traffic
              • Rate limit connections/requests
              • Delay/Deny bogus traffic
              • Blacklist BAD clients
      • Protocol exploits
          • Attacker crafts traffic knowing the timeouts and limits of protocol
          • Slow moving bogus traffic hogs resources of server
          • Prevention
              • Set up policy to apply aggressive limits and timeouts in case of heavy load
              • Terminate connection when unusual behavior is observed
              • Blacklist BAD client
  • 23. Growth Phase 7: Continuous Delivery
      • Upgrade the system without disturbing availability
      • Why Continuous Delivery?
  • 24. Continuous Delivery
      • Considerations:
          • Zero down time
              • Even a little downtime means a lot for high volume applications
          • Seamless re-orientation of live traffic from old to new deployment
              • User experience has to be smooth
          • Easy roll back
              • Minimize the impact in case something goes wrong
      • Technique: Blue Green deployments
          • Deploy old and new version in parallel and switch the traffic
          • Switch using DNS
          • Switch using fixed NATed IP addresses
          • Switch using external tools like load balancer or reverse proxy
  • 26. What is Needed Overall?
      • Diagram labels: App & Traffic Metrics; Availability; Performance; Security; DevOps; Advanced Load Balancing; Content Switching; Application Fluency; Elastic & Self-Scaling; Continuous Deployment; Request Mirroring; Request Replay; Programmable Policies; Per Application Control; Front-End Optimization; Mobile and Web Client App optimization; Caching & compression; Predictive API caching; Application & Server offloading; Application Firewall; Elastic SSL; Anomaly Detection; DDoS Prevention; BOT Protection; Trends & Correlations; Anomalies; Policy Recommendations; Analytics & Insights
  • 27. Application Front-End Architecture
      • Spaghetti of point solutions
      • Multiple points of failure, redundancy difficult to set up
      • Not elastic and cloud native
      • Diagram labels: CDN; Custom Scripts, Rules, Alert Management; Aggregation across instances
  • 28. Application Front-End Architecture with CAFE
      • All services for application under one consolidated product
      • Easy Activation of capabilities closer to application
      • Application policy is coordinated across services and policy enforced
      • Diagram labels: CDN; Availability; Security; Performance; Continuous Deployment; Appcito Cloud Application Front-End (CAFE)
  • 29. Cloud Application Front End (CAFE) Taking Cloud Applications from Good to Great
  • 30. Appcito CAFE Service Insights & Analytics Content Optimization Application Security & DDoS Prevention Unified Functionality Available As SaaS Delivery Simple Activation No Code Change For Dev /Ops Cloud-agnostic App Owner Elastic Continuous Delivery Availability & Elasticity
  • 31. Typical Deployment Customer’s Cloud Customer’s End Users app server app server Load Balancer app server DNS Network Subnet Availability Zone
  • 32. Deployment with CAFE Customer’s Cloud Customer’s End Users app server app server Load Balancer app server Appcito Cloud CAFE Barista Management, Control, Analytics DNS CAFE PEP Network Subnet Availability Zone
  • 33. CAFE Configuration Model
      • Think Out of the box (literally)
      • Think in terms of
          • Applications
          • Traffic flow
          • Request patterns
      • Forget about
          • Box provisioning
          • Box configuration
          • Networking flow
          • L2/L3 access control
  • 34. CAFE Blue/Green Technique
      • Steer traffic NOT switch
      • Test with production traffic
      • Move with confidence
      • Compare performance and take informed decisions
      • Diagram labels: Production A (Blue); Production B (Green); Launch; Upgrade; Traffic Splitting 80% / 20%; Appcito CAFE
  • 35. Appcito CAFE Service Capabilities
      • Diagram labels: App & Traffic Metrics; Availability; Performance; Security; DevOps; Advanced Load Balancing; Content Switching; Application Fluency; Elastic & Self-Scaling; Continuous Deployment; Request Mirroring; Request Replay; Programmable Policies; Per Application Control; Front-End Optimization; Optimization for client; Caching & compression; Predictive caching; Application & Server offloading; Application Firewall; Elastic SSL; Anomaly Detection; DDoS; BOT Protection; Trends & Correlations; Anomalies Detection; Policy Recommendation; Analytics & Insights
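
The rate-limit, delay/deny and blacklist steps from the DDoS slide, combined with the UA analysis from the BOT slide and replayed over access-log lines, as an added Python example that is not from the original deck or from Appcito. The thresholds, the suspect-UA pattern, the `FrontEndPolicy`, `make_line` and `replay` names and the sample log lines are all assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Combined-log-format parser for the fields the policy needs.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

WINDOW_S = 10         # sliding window in seconds (assumed policy value)
MAX_REQ = 5           # requests allowed per client per window (assumed)
STRIKES_TO_BLOCK = 3  # throttled requests before blacklisting (assumed)
# Assumed UA hints: empty UA or common scripting clients get a smaller budget.
SUSPECT_UA = re.compile(r"^$|^-$|curl|python-requests|scrapy", re.I)


class FrontEndPolicy:
    """Per-client sliding-window limiter that escalates to a blacklist."""

    def __init__(self):
        self.hits = defaultdict(deque)   # ip -> timestamps still in window
        self.strikes = defaultdict(int)  # ip -> count of throttled requests
        self.blacklist = set()

    def decide(self, ip, ts, ua):
        if ip in self.blacklist:
            return "deny"
        window = self.hits[ip]
        while window and ts - window[0] >= WINDOW_S:
            window.popleft()             # drop requests older than the window
        limit = MAX_REQ // 2 if SUSPECT_UA.search(ua) else MAX_REQ
        if len(window) >= limit:
            self.strikes[ip] += 1
            if self.strikes[ip] >= STRIKES_TO_BLOCK:
                self.blacklist.add(ip)
                return "deny"
            return "throttle"            # caller delays or answers 429
        window.append(ts)
        return "allow"


def make_line(ip, sec, ua):
    """Build one constructed access-log line (not real traffic)."""
    return (f'{ip} - - [10/Oct/2015:13:55:{sec:02d} +0000] '
            f'"GET /api/items HTTP/1.1" 200 512 "-" "{ua}"')


# Constructed sample: one browser client, one scripted client sending bursts.
# Addresses come from the documentation ranges; lines are ordered per client.
SAMPLE = [make_line("198.51.100.7", s, "Mozilla/5.0 (X11; Linux x86_64)")
          for s in (0, 12, 30)]
SAMPLE += [make_line("203.0.113.9", s // 2, "python-requests/2.31")
           for s in range(2, 10)]


def replay(lines):
    """Run the policy over log lines; return per-client verdict counts."""
    policy = FrontEndPolicy()
    summary = defaultdict(lambda: defaultdict(int))
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue                     # skip unparseable lines, never guess
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
        summary[m["ip"]][policy.decide(m["ip"], ts, m["ua"])] += 1
    return {ip: dict(v) for ip, v in summary.items()}, policy.blacklist


if __name__ == "__main__":
    verdicts, blocked = replay(SAMPLE)
    print(verdicts, blocked)
```

Replaying historical logs this way lets thresholds be tuned against known-good clients before the same policy is enforced at the load balancer or reverse proxy.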
