Scribd
Upload
148 views

AWS On-Premises Azure Oracle IBM Alibaba: Google

The document compares security features across major cloud providers including AWS, Azure, Google Cloud, Oracle Cloud, IBM Cloud, and Alibaba Cloud. It outlines key security capabilities for each provider such as firewalls, intrusion detection/prevention, web application firewalls, security information and event management, antivirus, privileged access management, encryption, vulnerability management, identity and access management, load balancing, and containers. Overall, the table provides a high-level view of the security controls and services offered natively by each cloud platform.

Uploaded by

bsrprop
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
148 views

AWS On-Premises Azure Oracle IBM Alibaba: Google

The document compares security features across major cloud providers including AWS, Azure, Google Cloud, Oracle Cloud, IBM Cloud, and Alibaba Cloud. It outlines key security capabilities for each provider such as firewalls, intrusion detection/prevention, web application firewalls, security information and event management, antivirus, privileged access management, encryption, vulnerability management, identity and access management, load balancing, and containers. Overall, the table provides a high-level view of the security controls and services offered natively by each cloud platform.

Uploaded by

bsrprop
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

ON-PREMISES AWS AZURE GOOGLE ORACLE IBM ALIBABA

Firewall & Security Groups Network Security Groups Cloud Armor


VCN Security Lists Cloud Security Groups NAT Gateway
ACLs AWS Network ACLs (NSG) VPC Firewall

Anti-Bot Service
IPS/IDS 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only
Website Threat Inspector

Web Application Firewall AWS WAF


Application Gateway Cloud Armor Oracle Dyn WAF Cloud Internet Services Web Application Firewall
(WAF) AWS Firewall Manager

SIEM AWS Security Hub Advanced Log Analytics Stackdriver Monitoring Oracle Security IBM Log Analysis
ActionTrail
Log Analytics Amazon GuardDuty Azure Monitor Stackdriver Logging Monitoring and Analytics Cloud Activity Tracker

Microsoft Antimalware /
Antimalware 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only Server Guard
Azure Security Center

Privileged Access Azure AD Privileged


3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only
Management (PAM) Identity Management

Data Loss Prevention Information Protection Cloud Data Loss


Amazon Macie 3rd Party Only 3rd Party Only Web Application Firewall
(DLP) (AIP) Prevention API

Amazon Inspector Security Vulnerability Cloud Security Advisor Server Guard


Vulnerability Assessment Azure Security Center Cloud Security Scanner
AWS Trusted Advisor Assessment Service Vulnerability Advisor Website Threat Inspector

Office Advanced Threat Various controls


Email Protection 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only
Protection embedded in G-Suite

SSL Decryption Server Load Balancer


Elastic Load Balancer Application Gateway HTTPS Load Balancing 3rd Party Only Cloud Load Balancer
Reverse Proxy (SLB)

VPC Customer Gateway Virtual Network Dynamic Routing IPSec VPN


VPN Google VPN VPN Gateway
AWS Transit Gateway SSTP Gateway (DRG) Secure Gateway

Key Management Service Cloud Key Management Cloud Infrastructure Key Key Protect
Key Management Key Vault Key Management Service
(KMS) Service Management Cloud Security

Storage Encryption for Part of Google Cloud Cloud Infrastructure Block Hyper Protect Crypto
Encryption At Rest Elastic Block Storage Object Storage Service
Data at Rest Platform Volume Services

DDoS AWS Shield Built-in DDoS defense Cloud Armor Built-in DDoS defense Cloud Internet Services Anti-DDoS

Identity and Access Identity and Access Cloud Identity Oracle Cloud Cloud IAM Resource Access
Azure Active Directory
Management Management (IAM) Cloud IAM Infrastructure IAM App ID Management

Multi-Factor Oracle Cloud Resource Access


AWS MFA Azure Active Directory Security Key Enforcement App ID
Authentication Infrastructure IAM Management

Centralized Logging / VPC Flow Logs Oracle Cloud


CloudWatch / S3 bucket Azure Audit Logs Log Analysis with LogDNA Log Service
Auditing Access Transparency Infrastructure Audit

Elastic Load Balancer / Cloud Load Balancing Cloud Infrastructure Load


Load Balancer Azure Load Balancer Cloud Load Balancer Server Load Balancer
CloudFront HTTPS Load Balancing Balancing

Virtual Private Cloud Virtual Private Cloud Virtual Cloud Network Virtual Private Cloud
LAN Virtual Network VLANs
(VPC) Network (VPC) (VCN) (VPC)

VPN Gateway
WAN Direct Connect ExpressRoute / MPLS Dedicated Interconnect FastConnect Direct Link
Express Connect

Endpoint Protection 3rd Party Only Microsoft Defender ATP 3rd Party Only 3rd Party Only 3rd Party Only Server Guard

App Service Certificates Cloud SSL Certificates


Certificate Management AWS Certificate Manager 3rd Party Only 3rd Party Only Certificate Manager
Azure Key Vault Service

Amazon EC2 Container Azure Container Service Containers - Trusted


Container Security Kubernetes Engine Oracle Container Services Container Registry
Service (ECS (ACS) Compute

Governance Risk and AWS CloudTrail Cloud Security Command


Azure Policy 3rd Party Only 3rd Party Only ActionTrail
Compliance Monitoring AWS Compliance Center Center

AWS Backup Azure Backup Object Versioning


Backup and Recovery Archive Storage IBM Cloud Backup Hybrid Backup Recovery
Amazon S3 Glacier Azure Site Recovery Cloud Storage Nearline

Mapping of On-Premises Security Controls vs Major Cloud Providers Version 3.3 Feb 2019 © Adrian Grigorof, Marius Mocanu

You might also like