Yesterday was challenge 2 for this years Virtual Design Master and what a gruelling week it was especially the defence. This weeks challenge was to take the design from week 1 and document how the infrastructure would fair against a malware infection such as ransonware. My original design had some security measures such as NSX distributed firewalls and Rubrik for recovery. I took this and elaborated further on my original design and approached as if the malware was contained and what further security measures I could add. The challenge was
I added an edge cluster in my VMware environment, vSAN encryption and further NSX integration with 3rd party security vendor Trend Micro. I then added some security practices in AWS for my application as well as introduction Splunk. I followed it up with a walk through as to how to recover from a malware infection and I tried to include some Terraform code for good measure. My design looked like this
I was cool to dig a bit deeper into AWS and look at new products such as Splunk these challenges are certainly taking me out of my comfort zone. The defence was tough and to their credit questioned me on things in my design that was weak such as AppArmour which I only just come across and as the competition goes on I can only see them getting tougher.
I made it through this week with the next challenge pointing to provisioning and orchestration at the application layer, time for forget that comfort zone and dive in.