May 8-11, 2017

Event Details

Securing Web Applications with Service Chaining

Securing a multi-tier web application requires a number of security functions resulting in complex layer 3 networking rules introducing error and network latency. Instead, OpenStack can service chain traffic through security functions using layer 2 constructs to reduce complexity and improve performance.

In this lab, students will be provided with an OpenStack cloud, a vulnerable web application and security functions to protect it (virtualized security machines) to protect a web application. The lab has students configure service chaining to flow traffic through all the required security functions reducing the complexity, latency and operational costs. A vulnerability scanner is available for students to validate that the security functions are indeed in place and protecting the application. This lab is run completely on open source software.


Please note:  this session attendance will be limited to 64 people.  All admittance will be on a first come, first served basis.  This session will be repeated on Wednesday, April 10th, at 9am in Back Bay Ballroom C/D.  Thank you for your understanding.   

What can I expect to learn?

This lab educates attendees on the how to utilize virtual networking to easily introduce network security functions into the traffic flow without having to re-engineer the layer 3 networks. This includes using Heat, Nova and Neutron through the Horizon and OpenStack command line clients

Attendees will also learn how to protect web applications utilizing open source network security software available in the lab as virtual machines. This includes using network vulnerability scanners to validate that the security functions are indeed protecting the website.

Monday, May 8, 11:15am-12:45pm
Difficulty Level: Intermediate
JHL Consulting
For the OpenStack Community, John volunteers his time running an OpenStack cloud for the Zuul CI/CD program, running a number of OpenStack user groups and events, as well as building and presenting interesting cloud computing workshops and content. Professional, John is the president of JHL Consulting, a cloud and cybersecurity consulting firm. He provides technical product development... FULL PROFILE
Cynthia is the Director of Customer Success at Midokura. Her background in networking spans Data Center, Telecommunications, and Campus/Enterprise solutions. She is a frequent speaker at cloud conferences such as OpenStack Summits, OpenStack meetups and the IT Cloud Computing Conference (IC3). Cynthia has earned a number of professional certifications, including: Alcatel-Lucent Network Routing... FULL PROFILE