How to Improve the Security of AWS Storage
So how do you improve the security of AWS storage?
Instead of requiring proprietary hardware or an outside datacenter, SoftNAS extends native AWS storage (EBS, S3) to create an enterprise-grade, full-featured cloud NAS filer, including SNAP HA with patent-pending Elastic HA technology with automatic failover that keeps data flowing, even when disaster strikes, an instance fails or an entire AWS availability zone isn’t available.
Nothing is more critical to the continuity of your business than your data. Some security-conscious customers or those with susceptible data avoid solutions like Elastic HA, which utilizes public IPs, exposing storage to Internet-accessible addresses.
Other customers concerns include:
- Cost of inbound bandwidth of the storage
- Storage is located on a public subnet on a VPC
With these customers in mind, the next version of SoftNAS will include several features that will allow for greater deployment flexibility and security.
SoftNAS offers the mission-critical data protection and high availability required for the non-stop operation of your business. Simple, powerful, and agile, SoftNAS is easy to try, buy and deploy across public, private, and hybrid clouds. SoftNAS for AWS enables customers to quickly and efficiently implement hybrid and pure cloud business solutions that ensure corporate data is always safe and available and applications do not experience downtime.
Network Security Groups Configuration in AWS
Network services can be set in the same manner as Premise instances, within the console after AWS setup. However, the simpler solution is to set your services and ports via the creation of Security Groups during setup. The Launch Instance manual setup wizard allows you to create a secure networking configuration prior to the first boot.
SoftNAS Security in the AWS Cloud
SoftNAS Enterprise builds upon Pure AWS storage infrastructures like EBS, S3, and SSD running within your own AWS account. Your data is always secure and totally under your control within your AWS virtual private cloud (VPC), never leaving the trusted AWS data center. Your data can also be fully encrypted and secured using AWS encryption of EBS and SoftNAS Enterprise encryption of S3 data.
Secure VPC Networking:
Secure NAS storage access routing within VPCs with complex routing tables and subnets.
HA for Private VPCs:
Private IPs for better VPC security in HA configurations.
Data encryption all the time–at rest and in flight. Data-at-rest is encrypted through open-source Linux Unified Key Setup (LUKs). LUKs is accepted as the standard for encryption of stored data. Data-in-flight is encrypted for CIFS and NFS file protocols.
Dual Factor Authentication:
Prevent unauthorized access to SoftNAS management console with two-step authentication for SoftNAS StorageCenter through Google Authenticator.
Login Protection from Bots:
Human verification through Google reCAPTCHA prevents bots from programmatically gaining access to the SoftNAS Enterprise management console.
Large-scale Windows Filer with Active Directory:
Supports thousands of concurrent users with billions of files for enterprise-scale file server, VDI user file storage via CIFS/SMB 3 protocol.
Large-scale NFS Server:
Supports thousands of concurrent users with billions of files for enterprise-scale file server, user file storage via NFS 4 protocol.
Identity & Access Management (IAM):
Provide least privilege access control and management without use of access keys for HA setup and S3 cloud disks.
SoftNAS Enterprise Cloud NAS for AWS provides the performance, reliability, and fault tolerance required for mission-critical applications. SoftNAS offers the broadest range of storage options in terms of price vs. performance and backend storage selection, on-demand at a petabyte-scale across the AWS and Azure Marketplaces or on-premises.