Skip to content

Cloud Redux: Update on Amazon’s EC2 Outage

May 6, 2011

Last week, we blogged about Amazon’s recent outage of their EC2 cloud platform that affected numerous high-traffic sites, including Reddit and Quora.  Recently, Amazon did the right thing and provided a detailed account to the public of what went wrong.  The most interesting detail was described as follows:

The trigger for this event was a network configuration change. We will audit our change process and increase the automation to prevent this mistake from happening in the future. However, we focus on building software and services to survive failures. Much of the work that will come out of this event will be to further protect the EBS service in the face of a similar failure in the future.

Configuration changes have long been the Achilles heel of information security threats; incorrect configurations not only open up the door to malware, malicious attackers, and other threats, but they can seriously degrade or (in Amazon’s case) completely sever a business service.  The need for proper and complete change management is absolutely critical, especially as the number of assets an organization owns or manages increases.  Tied to that change control process must be complete, continuous monitoring of assets to ensure that only changes that are approved are implemented, and immediately alert on those changes when they occur.

Of course, configuration changes aren’t event-based data, so trying to use a SIEM to do real-time monitoring of actual system configurations is like trying to perform surgery with a spoon instead of a scalpel.  You need real, effective monitoring of assets and configuration changes across your enterprise in order to identify configuration changes that can potentially cause massive outages and other problems — fortunately, we happen to know of a situational awareness platform that help.

Advertisements
No comments yet

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: