From the course: AWS Certified Solutions Architect - Professional (SAP-C02) Cert Prep


Security scenario, part 1

- In this scenario, we are going to explore network security requirements specifically around DLP, or data loss prevention. A company currently uses VPCs with private subnets for critical resources. NAT gateways are deployed for outbound traffic. All EC2 instances are launched into these private subnets and use the NAT gateways for outbound traffic on ports 80 and 443. There is a new security control requiring all outbound traffic be inspected for DLP and to reject unauthorized destinations. The control requires a resilient solution, so that's a requirement, that can scale to include all ports and protocols. That's another requirement. What actions can be taken to meet the new requirements? Now, before we go any further, we need to understand, data loss prevention means we are going to need to inspect the traffic at some level to discover whether or not data loss prevention is required. Now that we know the requirements, what questions should we ask ourselves? Well, what is a NAT…
