anuboggaram

asked on

How to set security group of Amazon cloud to safely allow ports like FTP, MSDTC, MSMQ and filesharing etc.

Hi Experts,

I have currently launched a few servers on Amazon cloud and I am looking for some security solution for cloud servers.

1. Looking for a tool where I can store all instance IP addresses with server names and use them to remote login whenever required, instead of looking into a document every time. If the tool has a secured (encrypted) login, that would be great.

2. Right now I have put rules in the security group in such a way that RDP occurs only through the corporate firewall, by making an entry as below.

Protocol   from port   to port   source ip
RDP tcp    3389        3389      firewall ip/34


Similarly I want to secure other ports opened for SQL, FTP and MSMQ etc.

I cannot make the same rule, as FTP is used by clients.
The other SQL and MSMQ ports are opened because SQL installed on different instances has to communicate. How do I make a rule that this communication should happen across only the cloud infra?


Protocol   from port   to port   source ip
- tcp      21          21        0.0.0.0/0
- tcp      1023        1024      0.0.0.0/0
- tcp      3372        3372      0.0.0.0/0

How do I make sure that allowing these ports is secure or safe? Is there a solution to make these ports open but only from cloud servers or from my office network?

Please help. Thanks in advance.
ASKER CERTIFIED SOLUTION
Shalom Carmel
anuboggaram (ASKER)

First of all, thanks for the quick response.

I will go through the tool and see how far I can utilise it.
Coming to the security group for limiting access among only cloud servers:
when I enter 10.0.0.0/8 for 445 and 1433\34, files are not shared among cloud servers, SQL is not getting connected to another SQL on a different instance, and the linked server is not working, respectively.

How to restrict all these ports to cloud instances?
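The rule tables from the question and the follow-up above can be checked offline; the script below is an added example, not part of the original thread. It flags sources that are not valid CIDR blocks and non-public ports left open to 0.0.0.0/0, and tests whether a given source address would match a rule such as 10.0.0.0/8. The 203.0.113.10 firewall address, the `PUBLIC_OK` set and the function names are assumptions made for illustration.

```python
import ipaddress

# Constructed rules (from_port, to_port, source) modelled on the thread's tables.
# 203.0.113.10 is a placeholder for the corporate firewall; /34 is as posted.
RULES = [
    (3389, 3389, "203.0.113.10/34"),
    (21, 21, "0.0.0.0/0"),
    (1023, 1024, "0.0.0.0/0"),
    (3372, 3372, "0.0.0.0/0"),
    (445, 445, "10.0.0.0/8"),
    (1433, 1434, "10.0.0.0/8"),
]
# Assumption: FTP is the only port that outside clients must reach.
PUBLIC_OK = {21}


def parse_source(cidr):
    """Return the source network, or None if the CIDR is not valid."""
    try:
        return ipaddress.ip_network(cidr, strict=False)
    except ValueError:
        return None


def audit(rules, public_ok=PUBLIC_OK):
    """Flag invalid sources and non-public ports open to every address."""
    findings = []
    for lo, hi, cidr in rules:
        net = parse_source(cidr)
        if net is None:
            findings.append((lo, hi, "invalid source " + cidr))
        elif net.prefixlen == 0 and not set(range(lo, hi + 1)) <= public_ok:
            findings.append((lo, hi, "open to any address"))
    return findings


def allows(rules, src_ip, port):
    """True if a valid rule admits a connection from src_ip to port."""
    src = ipaddress.ip_address(src_ip)
    return any(
        net is not None and lo <= port <= hi and src in net
        for lo, hi, net in ((lo, hi, parse_source(c)) for lo, hi, c in rules)
    )


if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding)
    print(allows(RULES, "10.1.2.3", 1433))      # source inside 10.0.0.0/8
    print(allows(RULES, "198.51.100.7", 1433))  # source outside 10.0.0.0/8
```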



This question has been classified as abandoned and is being closed as part of the Cleanup Program. See my comment at the end of the question for more details.