AWS Well-Architected for Network Security Featuring Mercado Libre (NIS301)

Title: AWS re:Inforce 2024 - AWS Well-Architected for network security, featuring Mercado Libre (NIS301)

Insights:

  • Introduction and Participants: The session was introduced by Alpana Gulab, a solution architect from South Africa, joined by Ash, a senior solution architect from Dubai, and Kevin Goldsmith, the cloud security technical lead for Mercado Libre (MELI).
  • Mercado Libre Overview: Mercado Libre is the largest online commerce and payments provider in Latin America, operating in 18 countries with 144 million active users.
  • AWS Well-Architected Framework: The framework consists of six pillars covering areas such as performance, reliability, scalability, and security. The session focused on the security pillar, whose areas are identity and access management, detection controls, infrastructure protection, data protection, and incident response.
  • Infrastructure Protection: AWS offers multiple layers of network security controls, including Amazon VPC, AWS PrivateLink, AWS Firewall Manager, and AWS Network Firewall. Together these let teams launch resources in isolated networks, manage firewall rules, and deploy network inspection consistently across VPCs.
  • Detection Controls: AWS provides tools like AWS CloudTrail, VPC flow logs, Amazon GuardDuty, and Amazon CloudWatch for monitoring and detecting security violations. These tools help in tracking user activities, auditing accounts, and setting alarms for unusual behaviors.
  • Network Firewall Deployment Models: The session discussed three deployment models for AWS Network Firewall: distributed, centralized, and combined. Each model has its own advantages and challenges in terms of cost, management, and scalability.
  • Centralized Deployment Model: This model uses a Transit Gateway to connect multiple VPCs and centralizes security in an inspection VPC. It simplifies management and reduces costs by using a single firewall for all traffic inspection.
  • Mercado Libre's Implementation: Kevin Goldsmith explained how Mercado Libre scaled traffic inspection using AWS Network Firewall. They implemented a multi-environment solution to increase visibility and control over outbound traffic while reducing maintenance and management.
  • Visibility and Log Analysis: Logs generated by the network firewall are enriched with contextual information and analyzed for entity behavior, anomaly detection, and cost allocation. This helps in identifying misconfigurations and reducing costs.
  • Rules API: Mercado Libre developed a Rules API to manage firewall rules across different environments. This API allows for automated rule deployment and management, enhancing security and compliance.
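As an added example (not code from the session or from Mercado Libre), the log enrichment and cost-allocation step described under "Visibility and Log Analysis" in Python: it parses Network Firewall flow-log lines (constructed samples in the Suricata-style JSON the service emits), tags each flow with the business unit that owns its source CIDR (an assumed mapping), sums egress bytes per tenant, and flags flows on unexpected ports as candidate misconfigurations.

```python
import ipaddress
import json
from collections import defaultdict

# Constructed tenant map (assumption, not Mercado Libre's real allocation): source CIDR -> business unit.
TENANT_CIDRS = {"10.10.0.0/16": "payments", "10.20.0.0/16": "marketplace"}

def _flow(src_ip, dest_ip, dest_port, nbytes):
    """Build one constructed flow-log line in the Suricata-style JSON Network Firewall emits."""
    return json.dumps({
        "firewall_name": "egress-fw", "availability_zone": "us-east-1a", "event_timestamp": "1718000000",
        "event": {"event_type": "netflow", "src_ip": src_ip, "src_port": 51022, "dest_ip": dest_ip,
                  "dest_port": dest_port, "proto": "TCP", "netflow": {"pkts": 40, "bytes": nbytes}},
    })

SAMPLE_LOGS = [  # constructed sample lines; 172.16.0.9 belongs to no known tenant
    _flow("10.10.4.7", "203.0.113.10", 443, 52000),
    _flow("10.10.9.1", "198.51.100.5", 443, 8000),
    _flow("10.20.1.3", "203.0.113.22", 22, 3100),
    _flow("172.16.0.9", "203.0.113.10", 443, 900),
]

def tenant_for(ip):
    """Contextual enrichment: map a source address to the business unit that owns its CIDR."""
    addr = ipaddress.ip_address(ip)
    for cidr, name in TENANT_CIDRS.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return "unallocated"  # traffic nobody owns is itself a finding worth chasing

def enrich(line):
    """Parse one raw log line and attach tenant context to the fields used downstream."""
    rec = json.loads(line)
    ev = rec["event"]
    return {"tenant": tenant_for(ev["src_ip"]), "firewall": rec["firewall_name"],
            "dest_ip": ev["dest_ip"], "dest_port": ev["dest_port"], "bytes": ev["netflow"]["bytes"]}

def bytes_per_tenant(lines):
    """Cost allocation: egress bytes per tenant, the basis for charging back inspection cost."""
    totals = defaultdict(int)
    for e in map(enrich, lines):
        totals[e["tenant"]] += e["bytes"]
    return dict(totals)

def unexpected_egress(lines, allowed_ports=(443,)):
    """Misconfiguration check: flows leaving on a port outside the expected egress set."""
    return [e for e in map(enrich, lines) if e["dest_port"] not in allowed_ports]
```

In a real pipeline the tenant map would come from VPC or account tags rather than a hard-coded dict, and the per-tenant totals would feed a cost-allocation report.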

Quotes:

  • "At AWS, security is our top priority. Protecting our customers has always been our number one priority, and security has always been our number one investment area."
  • "Organizations that have security at their core often are able to drive faster digital innovation and digital transformation."
  • "AWS is architected to be the most secure global cloud infrastructure."
  • "Customers that use AWS automatically inherit global security and compliance controls."
  • "We wanted to increase visibility and control on outbound traffic while reducing maintenance and management, having a multi-tenant perspective."
  • "With EnrichedLogs, we can now know how much traffic each business unit or each tenant is generating, and we can allocate the cost to them."
  • "The Rules API will be the one that will translate the rules that we need into the firewall manager language."

This document provides a comprehensive overview of the session, highlighting the key points and insights discussed, along with notable quotes that capture the essence of the presentation.