SMTP from a fixed IP Address

SMTP from a fixed IP Address

We commonly need to allow legacy systems to send SMTP email, allowing them to select from arbitrary addresses in our domain. This might include network monitoring, blogs, wikis, websites, etc.
For spam prevention purposes, our SMTP servers also prohibit relaying, allowing the system-administrator to whitelist a set of IP’s.
In the public cloud, those IP’s can be inherently unknowable, variable, changing, broad.

Security Surprises in Cloud Migration

Security Surprises in Cloud Migration

You’ve long run a successful private data centre. Your security practices are strong. You use vlans with a great firewall between them. Your physical security is strong. You patch religiously. You audit all connections into your SIEM.

Suddenly a cloud migration looms. Its all different. No vlan’s. So much NAT and proxy makes the audit useless. What other surprises lurk? Watch to find out!

IP audit transparency after NAT

IP audit transparency after NAT

A best practice is to audit connections. These audit records are consumed by SIEM systems.

In an orchestrated public cloud, we often have proxy servers hiding the origin IP. We also commonly have NAT performed by the cloud load-balancer.

Here we explain how you can obtain IP transparency through these systems, allowing your existing SIEM, fail-to-ban, geo-ip restriction, etc., systems to work without change, and without losing the elastic benefits these NAT and load balancers provide.