| ON-PREMISES | AWS | AZURE | GOOGLE | ORACLE | IBM | ALIBABA |
|---|---|---|---|---|---|---|
| Firewall & ACLs | Security Groups; AWS Network ACLs | Network Security Groups (NSG) | Cloud Armor; VPC Firewall | VCN Security Lists | Cloud Security Groups | NAT Gateway |
| IPS/IDS | 3rd Party Only | 3rd Party Only | 3rd Party Only | 3rd Party Only | 3rd Party Only | Anti-Bot Service; Website Threat Inspector |
| Web Application Firewall (WAF) | AWS WAF; AWS Firewall Manager | Application Gateway | Cloud Armor | Oracle Dyn WAF | Cloud Internet Services | Web Application Firewall |
| SIEM & Log Analytics | AWS Security Hub; Amazon GuardDuty | Azure Sentinel; Azure Monitor | Stackdriver Monitoring; Stackdriver Logging | Oracle Security Monitoring and Analytics | IBM Log Analysis; Cloud Activity Tracker | ActionTrail |
| Antimalware | 3rd Party Only | Microsoft Antimalware / Azure Security Center | 3rd Party Only | 3rd Party Only | 3rd Party Only | Server Guard |
| Data Loss Prevention (DLP) | Amazon Macie | Information Protection (AIP) | Cloud Data Loss Prevention API | 3rd Party Only | 3rd Party Only | Web Application Firewall |
| Key Management | Key Management Service (KMS) | Key Vault | Cloud Key Management Service | Cloud Infrastructure Key Management | Key Protect; Cloud Security | Key Management Service |
| Encryption At Rest | Elastic Block Storage | Storage Encryption for Data at Rest | Part of Google Cloud Platform | Cloud Infrastructure Block Volume | Hyper Protect Crypto Services | Object Storage Service |
| DDoS Protection | AWS Shield | Built-in DDoS defense | Cloud Armor | Built-in DDoS defense | Cloud Internet Services | Anti-DDoS |
| Email Protection | 3rd Party Only | Office Advanced Threat Protection | Various controls embedded in G-Suite | 3rd Party Only | 3rd Party Only | 3rd Party Only |
| SSL Decryption Reverse Proxy | Elastic Load Balancer | Application Gateway | HTTPS Load Balancing | 3rd Party Only | Cloud Load Balancer | Server Load Balancer (SLB) |
| Endpoint Protection | 3rd Party Only | Microsoft Defender ATP | 3rd Party Only | 3rd Party Only | 3rd Party Only | Server Guard |
| Certificate Management | AWS Certificate Manager | Key Vault | 3rd Party Only | 3rd Party Only | Certificate Manager | Cloud SSL Certificates Service |
| Container Security | Amazon EC2 Container Service (ECS) | Azure Container Service (ACS) | Kubernetes Engine | Oracle Container Services | Containers - Trusted Compute | Container Registry |
| Identity and Access Management | Identity and Access Management (IAM) | Azure Active Directory | Cloud Identity; Cloud IAM | Oracle Cloud Infrastructure IAM | Cloud IAM; App ID | Resource Access Management |
| Privileged Access Management (PAM) | 3rd Party Only | Azure AD Privileged Identity Management | 3rd Party Only | 3rd Party Only | 3rd Party Only | 3rd Party Only |
| Multi-Factor Authentication (MFA) | AWS MFA | Azure Active Directory | Security Key Enforcement | Oracle Cloud Infrastructure IAM | App ID | Resource Access Management |
| Centralized Logging / Auditing | CloudWatch / S3 bucket | Azure Audit Logs | VPC Flow Logs; Access Transparency | Oracle Cloud Infrastructure Audit | Log Analysis with LogDNA | Log Service |
| Load Balancer | Elastic Load Balancer / CloudFront | Azure Load Balancer | Cloud Load Balancing; HTTPS Load Balancing | Cloud Infrastructure Load Balancing | Cloud Load Balancer | Server Load Balancer |
| LAN | Virtual Private Cloud (VPC) | Virtual Network | Virtual Private Cloud Network (VPC) | Virtual Cloud Network (VCN) | VLANs | Virtual Private Cloud (VPC) |
| WAN | Direct Connect | ExpressRoute | Dedicated Interconnect | FastConnect | Direct Link | VPN Gateway; Express Connect |
| VPN | VPC Customer Gateway; AWS Transit Gateway | Virtual Network; SSTP | Google VPN | Dynamic Routing Gateway (DRG) | IPSec VPN; Secure Gateway | VPN Gateway |
| Governance Risk and Compliance Monitoring | AWS CloudTrail; AWS Compliance Center | Azure Policy | Cloud Security Command Center | 3rd Party Only | 3rd Party Only | ActionTrail |
| Backup and Recovery | AWS Backup; Amazon S3 Glacier | Azure Backup; Azure Site Recovery | Object Versioning; Cloud Storage Nearline | Archive Storage | IBM Cloud Backup | Hybrid Backup Recovery |
| Vulnerability Assessment | Amazon Inspector; AWS Trusted Advisor | Azure Security Center | Cloud Security Scanner | Security Vulnerability Assessment Service | Cloud Security Advisor; Vulnerability Advisor | Server Guard; Website Threat Inspector |
| Patch Management | AWS Systems Manager | Update Management | 3rd Party Only | 3rd Party Only | IBM Cloud Orchestrator | 3rd Party Only |
| Change Management | AWS Config | Azure Automation (Change Tracking) | 3rd Party Only | 3rd Party Only | 3rd Party Only | Application Configuration Management (ACM) |

Mapping of On-Premises Security Controls vs Major Cloud Providers Version 4.4 Mar 2019 © Adrian Grigorof, Marius Mocanu