Characteristics of a True Private Cloud

Leave a reply

A lot of companies like to claim that their internal IT infrastructure is a “private cloud.”  But what really qualifies as a “cloud?”  According to ISC2 (International Information System Security Certification Consortium), ISO/IEC 17788, and NIST, a true private cloud must have the following characteristics similar to a public cloud such as AWS or Azure.

1. On-demand self-service.  This characteristic enables the provisioning of cloud resources including compute, storage and network whenever and wherever they are required.  It allows self-provisioning where the user can setup, manage or operate the cloud services without assistance from the cloud provider or IT personnel.

2. Broad network access. The cloud should always be available and accessible anytime and anywhere.  Users should have widespread access to their compute resources as well as their data at home, office, or on the road, using any device such as laptop, desktop, smartphone or tablet.

3. Resource pooling. A cloud typically has a large number of compute, storage, and network devices as well as sophisticated applications which can be pooled to address various user needs. These resources can be scaled and adjusted to meet user workloads or requirements.

4. Rapid elasticity.  This allows the user to obtain additional compute, storage, network and other resources as their workload requires.  This is often automated and transparent to the user.

5. Measured service.  This is a critical component for a cloud service because this is the only way the user can be charged back for its use of the resources.  A cloud should be able to measure, control, and report the user’s usage of resources. 

Most companies probably meet one or two of the above criteria.  Resource pooling for instance is one of them because of the widespread use of virtualization technology.  However, they usually struggle to provide measured service, as they usually over provision resources and unable to quantify usage. 

For the most part these companies are still traditional IT.   Without all of the cloud computing characteristics, it is simply not possible to deliver and maintain a reliable service to the rapid and changing requirements of the business.

Practical Research 2: Exploring Quantitative Research, 2nd Edition

Leave a reply

About the book:
This book features the step-by-step process of quantitative research. It aims to develop critical thinking and problem-solving skills.

DepEd K-12 Curriculum Compliant
Outcomes Based Education (OBE) Designed
Grade Level: Grade 12 
Semester: 1st Semester
Track: Applied Track
Authors: Garcia M, Palencia J, Palencia M.
ISBN: 978-621-436-006-2
Edition: Second Edition
Year Published: 2019
Language: English
No. of pages: 368
Size: 7 x 10 inches

Contents:
CHAPTER 1 – Nature of Inquiry and Research
CHAPTER 2 – Identifying Inquiry and Formulating Statement of the Problem
CHAPTER 3 – Learning from Others and Reviewing the Literature
CHAPTER 4 – Understanding Data and Ways to Systematically Collect Data
CHAPTER 5 – Finding Answers through Data Collection
CHAPTER 6 – Reporting and Sharing Findings

CONTACT INFORMATION:

https://www.azespublishing.com

Bank Drive, Ortigas Center, 
Mandaluyong City, Philippines 1550 
Landline: +63 2 8515-9557 
Globe: +63 967-236-7338 
Smart: +63 961-362-2635 
sales@azespublishing.com 
azespublishingcorp@gmail.com 

Authorized Online Distributors

LAZADA 1

LAZADA 2

SHOPEE 1 

SHOPEE 3

CAROUSELL

Practical Research 1: Basics of Qualitative Research, 2nd Edition

Leave a reply

About the book:
This book aims to develop critical thinking and problem-solving skills through qualitative research

DepEd K-12 Curriculum Compliant
Outcomes Based Education (OBE) Designed
Grade Level: Grade 11
Semester: 2nd Semester
Track: Applied Track
Authors: Garcia M, Palencia J, Palencia M.
ISBN: 978-621-436-007-9
Edition: Second Edition
Year Published: 2019
Language: English
No. of pages: 384
Size: 7 x 10 inches

Contents:
Chapter 1 – Nature of Inquiry and Research 
Chapter 2 – Qualitative Research and Its Importance in Daily Life
Chapter 3 – Identifying the Inquiry and Stating the Problem
Chapter 4 – Learning from Others and Reviewing the Literature
Chapter 5 – Understanding Data and Ways to Systematically Collect Data
Chapter 6 – Finding Answers Through Data Collection
Chapter 7 – Analyzing the Meaning of the Data and Drawing Conclusions
Chapter 8 – Reporting and Sharing the Findings

CONTACT INFORMATION:

https://www.azespublishing.com

Bank Drive, Ortigas Center, 
Mandaluyong City, Philippines 1550 
Landline: +63 2 8515-9557 
Globe: +63 967-236-7338 
Smart: +63 961-362-2635 
sales@azespublishing.com 
azespublishingcorp@gmail.com 

Authorized Online Distributors

LAZADA 1

LAZADA 2

SHOPEE 1 

SHOPEE 3

CAROUSELL

21st Century Literature from the Philippines and the World, 3rd Edition

Leave a reply

About the book:

This textbook engages students in the appreciation and critical study of 21st Century Literature from the Philippines and the World encompassing their various dimensions, genres, elements, structures, contexts, and traditions.

Chapters 1 to 5 are literary texts from the Philippines and the representative writings from the different regions of the country and from the National Artists for Literature.

Chapters 6 to 11 are representative texts from the different continents of the world originally written in the 21st century.

21st century literatures are literary works written and published at the latter part of the 21st century (from 2001 onwards). These works are often characterized as gender sensitive, technologically alluding, culturally pluralistic, operates on the extreme reality or extreme fiction, and questions conventions and supposedly absolute norms.

DepEd K-12 Curriculum Compliant
Outcomes Based Education (OBE) Designed
Grade Level: Grades 11/ 12
Semester: 1st Semester
Strands: ABM, HUMSS, STEM, GAS
Authors: Palencia M, Cruz J.
ISBN: 978-621-436-029-1
Edition: Third Edition
Year Published: 2019
Language: English
No. of pages: 400
Size: 7 x 10 inches

Contents:

Chapter 1 – 21st Century Philippine Literature
Chapter 2 – History of Philippine Literature
Chapter 3 – Philippine Literary Canon
Chapter 4 – National Artists for Literature
Chapter 5 – Selected Texts in 21st Century Philippine Literature
Chapter 6 – 21st Century World Literature
Chapter 7 – 21st Century Asian Literature
Chapter 8 – 21st Century Anglo-American Literature
Chapter 9 – 21st Century Continental European Literature
Chapter 10 – 21st Century Latin American Literature
Chapter 11 – 21st Century African Literature
Chapter 12 – Critical Approaches to Literature

CONTACT INFORMATION:

https://www.azespublishing.com

Bank Drive, Ortigas Center, 
Mandaluyong City, Philippines 1550 
Landline: +63 2 8515-9557 
Globe: +63 967-236-7338 
Smart: +63 961-362-2635 
sales@azespublishing.com 
azespublishingcorp@gmail.com 

Authorized Online Distributors

LAZADA 1

LAZADA 2

SHOPEE 1 

SHOPEE 3

CAROUSELL

Creative Writing, 2nd Edition

Leave a reply

About the book:
This textbook aims to develop practical and creative skills in reading and writing; introduce students to the fundamental techniques of writing fiction, poetry, and drama; and discuss the use of such techniques by well-known authors in a variety of genres. Activities are devoted to the examination of techniques and to the workshop of students’ drafts toward the enrichment of their manuscripts. Students will learn how to combine inspiration and revision, and to develop a sense of form.

DepEd K-12 Curriculum Compliant
Outcomes Based Education (OBE) Designed
Grade Level: Grades 11/ 12
Semester: 1st Semester
Strands: HUMSS, GAS
Authors: Palencia M, Chancoco J, Garcia M.
ISBN: 978-621-436-021-5
Edition: Second Edition
Year Published: 2019
Language: English
No. of pages: 352
Size: 7 x 10 inches

Contents:
Chapter 1 – In Your Write Mind: Following the Writer’s Trade
Chapter 2 – The Process of Writing: Whatever Works
Chapter 3 – Reading and Writing Poetry: For Better or Verse
Chapter 4 – Reading and Writing Fiction: The Long and Short of It
Chapter 5 – Reading and Writing Drama: Finding the Shakespeare in You
Chapter 6 – Final Output – Writing Prompts for Poems, Stories and Drama

CONTACT INFORMATION:

https://www.azespublishing.com

Bank Drive, Ortigas Center, 
Mandaluyong City, Philippines 1550 
Landline: +63 2 8515-9557 
Globe: +63 967-236-7338 
Smart: +63 961-362-2635 
sales@azespublishing.com 
azespublishingcorp@gmail.com 

Authorized Online Distributors

LAZADA 1

LAZADA 2

SHOPEE 1 

SHOPEE 3

CAROUSELL

Contemporary Philippine Arts from the Regions, 3rd Edition

Leave a reply

About the book:
This textbook covers various contemporary arts practices from the different regions in the Philippines. It aims to provide students with an appreciation of a broad range of styles in the various disciplines with consideration on their mediums, elements and principles, and engage them to an integrative approach in studying arts. Through this textbook, students will broaden and acquire the necessary creative tools that open opportunities in pursuing their individual career goals and aspirations.

DepEd K-12 Curriculum Compliant
Outcomes Based Education (OBE) Designed
Grade Level: Grades 11/ 12
Semester: 1st or 2nd Semester
Strands: ABM, HUMSS, STEM, GAS
Authors: Palencia M, Cruz J.
ISBN: 978-621-436-023-9
Edition: Third Edition
Year Published: 2019
Language: English
No. of pages: 384
Size: 7 x 10 inches

Contents:
UNIT 1 – INTEGRATIVE ART AS APPLIED TO CONTEMPORARY ART
Chapter 1 – The Study of the Humanities and the Arts

UNIT 2 – CONTEMPORARY ARTS IN THE PHILIPPINES
Chapter 2 – Contemporary Philippine Art
Chapter 3 – National Artists of the Philippines
Chapter 4 – Gawad sa Manlilikhang Bayan

UNIT 3 – DIFFERENT CONTEMPORARY ART TECHNIQUES AND PERFORMANCE PRACTICES
Chapter 5 – Subject, Function, Medium, Organization and Style

UNIT 4 – CONTEMPORARY ARTS PRODUCTION
Chapter 6 – The Visual Arts: A Feast for the Eyes
Chapter 7 – The Auditory Arts: Of Sense and Sound
Chapter 8 – The Performing Arts: Stories that Move

CONTACT INFORMATION:

https://www.azespublishing.com

Bank Drive, Ortigas Center, 
Mandaluyong City, Philippines 1550 
Landline: +63 2 8515-9557 
Globe: +63 967-236-7338 
Smart: +63 961-362-2635 
sales@azespublishing.com 
azespublishingcorp@gmail.com 

Authorized Online Distributors

LAZADA 1

LAZADA 2

SHOPEE 1 

SHOPEE 3

CAROUSELL

Cloud Security Best Practices

Leave a reply

Two of the most common security issues in AWS are platform misconfigurations and credential mismanagement.  Although AWS offers many security features, if they are not used or not configured correctly, your applications and data will be vulnerable .  However, these common security issues can be easily mitigated using the following best practices:

1.  Use VPCs (virtual private clouds). Amazon Virtual Private Cloud (Amazon VPC) enables you to launch AWS resources into a virtual network that you’ve defined. This virtual network closely resembles a traditional network that you’d operate in your own data center. It is logically isolated from other virtual networks in the AWS Cloud. You can launch your AWS resources, such as Amazon EC2 instances, into your VPC.  You can apply security groups and access control lists to the VPC to secure it.

2. Limit administrative access with AWS Security Groups. A security group acts as a virtual firewall for your instance to control inbound and outbound traffic. When you launch an instance in a VPC, you can assign up to five security groups to the instance. For each security group, you add rules that control the inbound traffic to instances, and a separate set of rules that control the outbound traffic.  Security groups helps block attackers who may try to probe your AWS environment.

3. Lock down your root, domain, and administrator-level account credentials. For day-to-day operations, use your own account and only use these privileged accounts when absolutely necessary.  Don’t share passwords and only a handful of administrators should have possession of the passwords.

4.  Use IAM Roles. An IAM role is an IAM identity that you can create in your account that has specific permissions. An IAM role is similar to an IAM user, in that it is an AWS identity with permission policies that determine what the identity can and cannot do in AWS. However, instead of being uniquely associated with one person, a role is intended to be assumable by anyone who needs it. Also, a role does not have standard long-term credentials such as a password or access keys associated with it. Instead, when you assume a role, it provides you with temporary security credentials for your role session. IAM roles can be used to define permission levels for different resources and applications that run on EC2 instances. When you launch an EC2 instance, you can assign an IAM role to it, eliminating the need for your applications to use AWS credentials to make API requests. 

5. Enable Multi Factor Authentication (MFA). MFA is a simple best practice that adds an extra layer of protection on top of your user name and password. With MFA enabled, when a user signs in to an AWS website, they will be prompted for their user name and password (the first factor—what they know), as well as for an authentication response from their AWS MFA device (the second factor—what they have). Taken together, these multiple factors provide increased security for your AWS account settings and resources.

6. Mitigate distribute denial of service (DDoS) attacks by using elastic load balancing, auto scaling, Amazon Clouldfront, AWS WAF, or AWS Shield. AWS provides flexible infrastructure and services that help customers implement strong DDoS mitigations and create highly available application architectures.

7. Monitor your environment by using AWS tools including CloudTrail, CloudWatch and VPC Flow Logs.  They provide information about how data flows in and out of your AWS environment. They also provide data that you can mine and analyze to check intrusions, security breaches, and data leaks. You can also integrate these tools with third party applications that can perform thorough log analysis and event correlation.

Source: https://docs.aws.amazon.com/

Azes Publishing Corporation

Leave a reply

ANNOUNCEMENT

https://azespublishing.com/

We recently launched Azes Publishing Corporation – a publisher and distributor of Philippine textbooks.

Our mission is to provide the Philippine market with quality and affordable learning materials
from pre-school to post-graduate studies.

Our vision is to become an industry leader in the production and distribution of quality textbooks and other learning materials in the Philippines.

For more information, visit our website at https://azespublishing.com/

Using the Cloud for Disaster Recovery

Leave a reply

One of the common use cases for using the cloud, especially for companies with large on-prem data centers, is Disaster Recovery (DR).  Instead of building or continuing to maintain an expensive on-prem DR site, the cloud can provide a cheaper alternative for replicating and protecting your data.

There are many products and services out there for DR in the cloud.  If your company is using EMC devices – specifically Avamar and Data Domain (DD) – for data protection, you can replicate your virtual machines (VM) backup to AWS and be able to perform disaster recovery of your servers in AWS.  This solution is called Data Domain Cloud DR (DDCDR) and  it enables DD to backup to AWS S3 object storage. Data is sent securely and efficiently, requiring minimal compute cycles and footprint within AWS. In the event of a disaster, VM images can be restored and run from within AWS. Since neither Data Protection Suite nor DD are required in the cloud, compute cycles are only required in the event of a restore.

Backup Process

  • DDCDR requires that a customer with Avamar backup and Data Domain (DD) storage install an OVA which deploys an “add-on” to their on-prem Avamar/DD system and install a lightweight VM (Cloud DR server) utility in their AWS domain.
  • Once the OVA is installed, it will read the changed data and will segment, encrypt, and compress the backup data and then send this and the backup metadata to AWS S3 object storage.
  • Avamar/DD policies can be established to control how many daily backup copies are to be saved to S3 object storage. There’s no need for Data Domain or Avamar to run in AWS.

Restore Process

  • When there’s a problem at the primary data center, an admin can click on a Avamar GUI button and have the Cloud DR server uncompress, decrypt, rehydrate and restore the backup data into EBS volumes, translate the VMware VM image to an AMI image, and then restarts the AMI on an AWS virtual server (EC2) with its data on EBS volume storage.
  • The Cloud DR server will use the backup metadata to select the AWS EC2 instance with the proper CPU and RAM needed to run the application. Once this completes, the VM is running standalone, in an AWS EC2 instance. Presumably, you have to have EC2 and EBS storage volumes resources available under your AWS domain to be able to install the application and restore its data.

Source: https://www.dellemc.com/

Guiding Principles for Cloud Security

Leave a reply

To create a solid security for your servers, data, and applications hosted in the cloud, you must adhere to the following security guiding principles:

Perimeter Security

The first line of defense against attacks is perimeter security.  Creating private networks to restrict visibility into computing environment is one of them.   Micro-segmentation which  isolates applications and data with a hardened configuration is another one. Creating  a strong abstraction layer from hardware and virtualization environment will also strengthen perimeter security.  

Continuous Encryption

There shouldn’t be any more reason why data traversing the network (public or private) and data stored on storage arrays shouldn’t be encrypted.  Even the popular Google Chrome browser started to flag unencrypted websites to alert users.  Leverage cheap computing power, secure key management, and the Public Key Infrastructure to achieve data-in-transit and data-at-rest encryption. 

Effective Incident Response

Attacks to your servers, data, and applications in the cloud will definitely occur.  It’s just a question of “when” will it happen.  An effective incident response program – using automated and manual response – ready to be invoked once an attack occurs will lessen the pain of the breach.

Continuous Monitoring

Continuous and robust monitoring of your data, applications, and security tools and on-time alerting when security breach happens is a must.  In addition, easy integration of third party monitoring capabilities will also help in achieving sound monitoring system.

Resilient Operations

The infrastructure should be capable of withstanding attack.  For instance, you should maintain data and applications availability by mitigating DDoS attacks. The applications should continually function in the presence of ongoing attack.  In addition, there should be minimal degradation of performance as a result of environmental failures. Employing high availability, redundancy, and disaster recovery strategy will help achieve resilient operations.

Highly Granular Access Control

Organizations need to make sure that their employees and customers can access the resources and data they need, at the right time, from wherever they are. Conversely they need to make sure that bad actors are denied access as well.  They should have a strong cryptographic Identity and Access Management (AIM).  They should leverage managed Public Key Infrastructure service to authenticate users, restrict access to confidential information and verify the ownership of sensitive documents.

Secure Applications Development

Integrate security automation into DevOps practices (or DevSecOps), ensuring security is baked in, not bolted on.

Governance, Risk Management, Compliance

Finally, a great cloud security program should be properly governed, for instance, by having visibility of configurations. Risks should be managed by readily identifying gaps or other weakness.  Lastly, your security program should have broad regulatory and compliance certifications.