A cloud server or VPS (Virtual Private Server) is a fully-fledged server with its own operating system and well-defined hardware features only that unlike a classic server it shares physical resources with other virtual machines in this way more VPS can be run simultaneously on the same server (hypervisor).
This virtualization technique allows significant cost savings and an optimization of hardware resources as it is possible to run multiple operating systems on the same hardware.
Server Cloud – Pros cons
♦ Migration: It is possible to “move” (migrate) a VPS from one server (hypervisor) to another (even without interruption of service).
Example: You have created a VPS on a hypervisor in Italy and you want to move it to a server in America. With a VPS, as long as the Cloud Provider has another Datacenter in America, this can be done quickly.
♦ Scalability: It is the possibility of increasing or decreasing the hardware resources (CPU, RAM, Disk, etc) without rebuilding the VPS and in some cases without restarting it in full transparency to users who use the services provided.
Example: A VPS of 2 cores, 1 GB of RAM and 20 GB of disk has been created but after a few months we realize that the RAM memory is insufficient for the services provided and it is necessary to increase it. With a VPS it is very easy to solve this problem, just increase the RAM from the configuration panel and the new configuration will be applied (in the case of linux systems without the need to reboot).
♦ Autoscaling: It is the possibility to increase or decrease the resources (scaling) automatically according to well defined hardware policies. This technique is extremely valid in cases of load peaks.
Example: A VPS has been created with 2 cores, 1 GB of RAM and 20 GB but in some periods of the year due to the high user access these resources are not sufficient, then in this case it is possible to configure these policies:
a) If the CPU is at 90% for more than 1h then the CPU of a core increases every 30min for a maximum of 6 cores and then if the CPU is less than 10% for more than 1h decrease the CPU of a core every 30 min up to a minimum of 2 cores.
b) If the RAM is 99% for more than 1h then increase the RAM of 1Gb every 30min for a maximum of 32Gb and then if the RAM is less than 50% for more than 1h decrease the RAM of a core every 30 min until at a minimum of 1Gb.
♦ Low cost: by comparing the cost of a VPS to that of a fiscal server like hardware resources, the cost of a VPS is much lower, especially considering that some cost items are already included in the VPS fee. :
a) Energy consumption;
b) Internet band;
c) Cost of public IP addresses;
d) Costs related to housing (cooling, surveillance, etc);
f) Technical assistance.
♦ Shared resources: Depending on the configurations and characteristics of the Cloud Provider, some hardware resources, such as the CPU, could be shared so performance may be lower than a physical server. This condition is not always true as it is possible to request a 100% allocation on all hardware resources to your Cloud Provider.
Server Cloud – Limits:
- ♦ OS Virtualization: Not all operating systems and platforms can be virtualized (Eg AS400, Apple OS).
- ♦ Band: Although this is not an inherent problem of virtualization itself there could be latency differences in the Internet connection between a physical server in the company and a VPS if users are predominantly within the company and if the company has not an adequate Internet line.
Example: A physical server in the customer’s DMZ is accessed by its LAN users via a 10Gb line, if the server is virtualized and becomes a VPS at a Cloud provider, access to it is transmitted via the client’s Internet line which may be more slow.
Server Cloud – False myths:
- ♦ A VPS does not have the same performance as a physical server: By allocating 100% of the physical resources and correctly dimensioning a VPS the latter has nothing to envy to a physical server from a performance point of view.
- ♦ A VPS is less secure than a physical server: A VPS can have the same degree of security as a physical server because it is possible to adopt the same security measures (Firewall, Antivirus, Hardening, VPN) applicable to a Fiscal server.
Check out the Cloud Server
- The SOAR benefits: simplifying investigation and response
- Security Code Review: How the service works
- Integration of the automated response: the automations in SOCaaS
- Coordination between CTI and SOC: how to further raise the defenses
- New Cloud Server: redundant internet
- Quality certificate for the SOCaaS of SOD
- Managed Detection and Response: a new preventive approach
- CLUSIT: our collaboration for better services
- Backup as a Service (17)
- Cloud Conference (3)
- Cloud CRM (1)
- Cloud Server/VPS (22)
- Conferenza Cloud (4)
- ICT Monitoring (5)
- Log Management (2)
- News (21)
- ownCloud (4)
- Privacy (7)
- Secure Online Desktop (15)
- Security (170)
- Web Hosting (15)
- Forescout Launches Forescout Frontline to Help Organizations Tackle Ransomware and Real Time Threats May 25, 2022New threat hunting and risk identification service provides organizations with an enterprise-wide baseline of their threat landscape and risk exposure.
- Is Your Data Security Living on the Edge? May 25, 2022Gartner's security service edge fundamentally changes how companies should be delivering data protection in a cloud and mobile first world.
- Interpol's Massive 'Operation Delilah' Nabs BEC Bigwig May 25, 2022A sprawling, multiyear operation nabs a suspected SilverTerrier BEC group ringleader, exposing a massive attack infrastructure and sapping the group of a bit of its strength.
- JFrog Launches Project Pyrsia to Help Prevent Software Supply Chain Attacks May 25, 2022Open source software community initiative utilizes blockchain technology.
- Mastercard Launches Cybersecurity “Experience Centre” May 25, 2022Experience Centre features emerging Mastercard products and solutions for securing digital payments on a global scale, including those developed locally in Vancouver.
- Qualys to Unveil VMDR 2.0 at Qualys Security Conference in San Francisco May 25, 2022Company will detail enhancements to Vulnerability Management, Detection and Response solution next month.
- Corelight Announces New SaaS Platform for Threat Hunting May 25, 2022Corelight Investigator aids threat hunting and investigation through intelligent alert aggregation, built-in queries and scalable search
- Cybersecurity-Focused SYN Ventures Closes $300 Million Fund II May 25, 2022Cylance co-founder Ryan Permeh has joined full time as an operating partner.
- Vishing Attacks Reach All Time High, According to Latest Agari and PhishLabs Report May 25, 2022According to the findings, vishing attacks have overtaken business email compromise as the second most reported response-based email threat since Q3 2021.
- Zero-Click Zoom Bug Allows Code Execution Just by Sending a Message May 25, 2022Google has disclosed a nasty set of six bugs affecting Zoom chat that can be chained together for MitM and RCE attacks, no user interaction required.
- Disclosing Vulnerability of CLink Office 2.0 May 23, 2022Posted by chan chan on May 23Dear Sir/Madam, I would like to submit a vulnerability found on CLink Office 2.0. I had contacted the vendor 60 days before but in vain. # Exploit Title: Multiple blind SQL injection vulnerabilities in in CLink Office 2.0 Anti-Spam management console # Date: 30 Mar 2022 # Exploit Author: […]
- [tool] tplink backup decryptor. May 23, 2022Posted by retset on May 23Yet another "tool" to decrypt a backup configs for some tplink wifi routers. Only tested on latest fw for "Archer C7". I hope that it will be useful for someone. https://github.com/ret5et/tplink_backup_decrypt_2022.bin
- SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP® Application Server, ABAP and ABAP® Platform (Different Software Components) May 18, 2022Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on May 18SEC Consult Vulnerability Lab Security Advisory < 20220518-0 > ======================================================================= title: Multiple Critical Vulnerabilities product: SAP® Application Server ABAP and ABAP® Platform (Different Software Components) vulnerable version: see section "Vulnerable / tested versions" fixed version: see SAP security notes...
- PHPIPAM 1.4.4 - CVE-2021-46426 May 18, 2022Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-03/2022 ]========================== PHPIPAM - Version 1.4.4 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents ]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability […]
- LiquidFiles - 3.4.15 - Stored XSS - CVE-2021-30140 May 18, 2022Posted by Rodolfo Augusto do Nascimento Tavares via Fulldisclosure on May 18=====[ Tempest Security Intelligence - ADV-12/2021 ]========================== LiquidFiles - 3.4.15 Author: Rodolfo Tavares Tempest Security Intelligence - Recife, Pernambuco - Brazil =====[ Table of Contents]================================================== * Overview * Detailed description * Timeline of disclosure * Thanks & Acknowledgements * References =====[ Vulnerability...
- Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! May 18, 2022Posted by malvuln on May 18Watch multiple LockBit Ransom get DESTROYED Mass PWNAGE at scale! https://www.youtube.com/watch?v=eg3l8a_HSSU
- github.com/malvuln/RansomDLLs / Catalog of current DLLs affecting vulnerable Ransomware strains. May 18, 2022Posted by malvuln on May 18Reference list for my Ransomware exploitation research. Lists current DLLs I have seen to date that some ransomware search for, which I have used successfully to hijack and intercept vulnerable strains executing arbitrary code pre-encryption. https://github.com/malvuln/RansomDLLs
- APPLE-SA-2022-05-16-2 macOS Monterey 12.4 May 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-2 macOS Monterey 12.4 macOS Monterey 12.4 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213257. AMD Available for: macOS Monterey Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed […]
- APPLE-SA-2022-05-16-6 tvOS 15.5 May 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-6 tvOS 15.5 tvOS 15.5 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213254. AppleAVD Available for: Apple TV 4K, Apple TV 4K (2nd generation), and Apple TV HD Impact: An application may be able to execute arbitrary code with kernel […]
- APPLE-SA-2022-05-16-5 watchOS 8.6 May 17, 2022Posted by Apple Product Security via Fulldisclosure on May 16APPLE-SA-2022-05-16-5 watchOS 8.6 watchOS 8.6 addresses the following issues. Information about the security content is also available at https://support.apple.com/HT213253. AppleAVD Available for: Apple Watch Series 3 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A use after free […]
Security Awareness, la sicurezza aziendale parte dai dipendenti. L'ingegneria sociale fa spesso leva sull'ignoranza… https://t.co/nGAs70Ofn5
Torna all'inizio Scopri i nostri servizi di Cyber SecurityTroverai sicuramente quello che fa al caso tuo Se vuoi m… https://t.co/Emm5kUfFc4
Estimated reading time: 6 minutes Today we see one of the latest additions to our SOCaaS, the Autonomous Threat… https://t.co/QNvHnKbEqq
Estimated reading time: 6 minutes The Security Code Review (SCR) service is increasingly used by companies l… https://t.co/rJmYXr1oCj
Estimated reading time: 6 minutes Il servizio di Security Code Review (SCR) è sempre più utilizzato dalle aziende… https://t.co/g2ho2C8FYh