Securing a multi-tier web application requires a number of security functions resulting in complex layer 3 networking rules introducing error and network latency. Instead, OpenStack can service chain traffic through security functions using layer 2 constructs to reduce complexity and improve performance.
In this lab, students will be provided with an OpenStack cloud, a vulnerable web application and security functions to protect it (virtualized security machines) to protect a web application. The lab has students configure service chaining to flow traffic through all the required security functions reducing the complexity, latency and operational costs. A vulnerability scanner is available for students to validate that the security functions are indeed in place and protecting the application. This lab is run completely on open source software.
Please note: this session attendance will be limited to 64 people. All admittance will be on a first come, first served basis. This session will be repeated on Wednesday, April 10th, at 9am in Back Bay Ballroom C/D. Thank you for your understanding.
This lab educates attendees on the how to utilize virtual networking to easily introduce network security functions into the traffic flow without having to re-engineer the layer 3 networks. This includes using Heat, Nova and Neutron through the Horizon and OpenStack command line clients
Attendees will also learn how to protect web applications utilizing open source network security software available in the lab as virtual machines. This includes using network vulnerability scanners to validate that the security functions are indeed protecting the website.