☁️Transitioning to Cloud-Based Architecture with Docker Containers

Description

This lab focuses on the transition from a traditional server cluster to a cloud-based architecture. Traditional web applications rely on tightly controlled networks, with network security managed at the entry point. In contrast, cloud-based systems involve provisioning services from cloud providers, such as load balancers and database servers, which can be connected via a virtual network. This setup can offer similar security to traditional models but requires trust in the cloud vendor.

An alternative approach explored in this lab is the zero-trust model, where all resources require credentials and communication channels are encrypted. The lab involves designing a cloud-based system to scale client-facing servers using Docker containers, provisioning machines from various cloud providers, and maintaining a private Docker registry for container images. Initial stages include keeping the registry and persistent storage in-house. Future labs will cover identity and access management and advanced security tools.

Languages and Utilities Used

• SCAP
• Wazuh
• Docker
• Dia

Environments Used

• vWorkstation
• SecServer
• pfSense
• DockerServer
• DockerRunner (21H2)

Program Reflection & Code:

Created Cloud architecture diagram via Dia:


Scan machines using SCAP documents & Customize a SCAP profile:


Enable SCAP scans in Wazuh:


Enable SCAP scans in Wazuh:


Enable Docker scans in Wazuh: