\uae30\uc5c5\ub4e4\uc774 \ud074\ub77c\uc6b0\ub4dc \ud658\uacbd\uc73c\ub85c \uc804\ud658\ud568\uc5d0 \ub530\ub77c \ub124\ud2b8\uc6cc\ud06c \ubcf4\uc548 \ubb38\uc81c\uac00 \uc810\uc810 \ub354 \uc911\uc694\ud574\uc9c0\uace0 \uc788\uc2b5\ub2c8\ub2e4. AWS \ud074\ub77c\uc6b0\ub4dc \ud658\uacbd\uc5d0\uc11c \ud6a8\uacfc\uc801\uc778 \uce68\uc785 \ud0d0\uc9c0(IDS, \uce68\uc785 \ud0d0\uc9c0 \uc2dc\uc2a4\ud15c)\ub97c \uad6c\ud604\ud558\ub294 \ubc29\ubc95\uc740 \uae30\uc5c5 \ubcf4\uc548 \uc544\ud0a4\ud14d\ucc98 \uc124\uacc4\uc758 \uc911\uc694\ud55c \ubd80\ubd84\uc774 \ub418\uc5c8\uc2b5\ub2c8\ub2e4. \ubcf8 \ubb38\uc11c\uc5d0\uc11c\ub294 \uae30\uc5c5\uc774 \ud074\ub77c\uc6b0\ub4dc\uc5d0\uc11c \uc9c0\ub2a5\ud615 \ubcf4\uc548 \ubcf4\ud638 \uc2dc\uc2a4\ud15c\uc744 \uad6c\ucd95\ud560 \uc218 \uc788\ub3c4\ub85d AWS \uae30\ubc18 IDS\uc758 \uad6c\ud604 \ubc29\ubc95, \uc8fc\uc694 \uad6c\uc131 \uc694\uc18c \ubc0f \uc77c\ubc18\uc801\uc778 \uc801\uc6a9 \uc2dc\ub098\ub9ac\uc624\ub97c \uc124\uba85\ud569\ub2c8\ub2e4.<\/p>\n
<\/p>\n
IDS \ub610\ub294 \uce68\uc785 \ud0d0\uc9c0 \uc2dc\uc2a4\ud15c\uc740 \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d\uc774\ub098 \uc2dc\uc2a4\ud15c \ub85c\uadf8\ub97c \ubd84\uc11d\ud558\uc5ec \uc8fc\ub85c \uc545\uc131 \ud65c\ub3d9\uc744 \uc2dd\ubcc4\ud558\ub294 \uc218\ub3d9\uc801\uc778 \ubcf4\uc548 \ubc29\uc5b4 \uba54\ucee4\ub2c8\uc998\uc785\ub2c8\ub2e4.<\/p>\n
IPS(\uce68\uc785\ubc29\uc9c0\uc2dc\uc2a4\ud15c)\uc640 \ub2ec\ub9ac IDS\ub294 \uacf5\uaca9\uc744 \uc801\uadf9\uc801\uc73c\ub85c \ucc28\ub2e8\ud558\ub294 \uac83\uc774 \uc544\ub2c8\ub77c "\ud0d0\uc9c0 + \uacbd\ubcf4 + \uc18c\uc2a4 \ucd94\uc801 \ubd84\uc11d"\uc5d0 \uc9d1\uc911\ud569\ub2c8\ub2e4. \ud604\ub300 \ud074\ub77c\uc6b0\ub4dc \ucef4\ud4e8\ud305 \ud658\uacbd\uc5d0\uc11c \ubcf4\uc548 \ubaa8\ub2c8\ud130\ub9c1 \uc804\ucd08\uae30\uc9c0 \uc5ed\ud560\uc744 \ud558\ub294 IDS \uc2dc\uc2a4\ud15c\uc740 \uae30\uc874 \uad6d\uacbd \ubcf4\uc548 \uc2dc\uc2a4\ud15c\uc758 \ub2e8\uc810\uc744 \ud6a8\uacfc\uc801\uc73c\ub85c \ubcf4\uc644\ud560 \uc218 \uc788\uc73c\uba70, \uae30\uc5c5\uc758 \uc2ec\uce35\uc801\uc778 \ubc29\uc5b4 \uc5ed\ub7c9\uc744 \uac15\ud654\ud558\ub294 \uc911\uc694\ud55c \uc218\ub2e8\uc785\ub2c8\ub2e4.<\/p>\n
<\/p>\n
AWS\ub294 "IDS"\ub77c\ub294 \uc81c\ud488\uc744 \uc9c1\uc811 \uc81c\uacf5\ud558\uc9c0\ub294 \uc54a\uc9c0\ub9cc, \uae30\uc5c5\uc740 \ud074\ub77c\uc6b0\ub4dc \uae30\ubc18 \uc11c\ube44\uc2a4, \uc624\ud508\uc18c\uc2a4 \ub3c4\uad6c, \ud0c0\uc0ac \ubcf4\uc548 \uc194\ub8e8\uc158\uc744 \uacb0\ud569\ud558\uc5ec \uc644\ubcbd\ud55c \uce68\uc785 \ud0d0\uc9c0 \uae30\ub2a5 \uc2dc\uc2a4\ud15c\uc744 \uad6c\ucd95\ud558\uc5ec \uaddc\ubaa8\uc640 \ubcf4\uc548 \uc218\uc900\uc774 \ub2e4\ub978 \uae30\uc5c5\uc758 \uc694\uad6c \uc0ac\ud56d\uc744 \ucda9\uc871\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n
AWS\uc5d0\uc11c\uc758 \uc8fc\uc694 IDS \uad6c\ud604 \ubc29\ubc95:<\/p>\n
\uc544\ub9c8\uc874 \uac00\ub4dc\ub4c0\ud2f0<\/strong> GuardDuty\ub294 CloudTrail, VPC \ud50c\ub85c\uc6b0 \ub85c\uadf8, DNS \ub85c\uadf8\uc758 \ub3d9\uc791 \ub370\uc774\ud130\ub97c \uc790\ub3d9\uc73c\ub85c \ubd84\uc11d\ud558\uc5ec \uacc4\uc815 \ud0c8\ucde8, \uc545\uc131 \ud1b5\uc2e0, \ube44\uc815\uc0c1\uc801\uc778 API \ud638\ucd9c \ub4f1 \uc7a0\uc7ac\uc801 \ubcf4\uc548 \uc704\ud611\uc744 \uc2dd\ubcc4\ud558\ub294 AWS \ub124\uc774\ud2f0\ube0c \uc9c0\ub2a5\ud615 \uc704\ud611 \ud0d0\uc9c0 \uc11c\ube44\uc2a4\uc785\ub2c8\ub2e4. \ucd94\uac00 \uc778\ud504\ub77c \uad6c\ucd95 \uc5c6\uc774 \ubc14\ub85c \uc0ac\uc6a9 \uac00\ub2a5\ud558\uba70, \ubaa8\ub4e0 AWS \uc0ac\uc6a9\uc790\uac00 \uc0ac\uc6a9\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n VPC \ud2b8\ub798\ud53d \ubbf8\ub7ec\ub9c1 + \uc624\ud508 \uc18c\uc2a4 IDS(\uc608: Suricata\/Snort)<\/strong> VPC \ud2b8\ub798\ud53d \ubbf8\ub7ec\ub9c1 \uae30\ub2a5\uc744 \ud1b5\ud574 \ud2b9\uc815 \uc11c\ube0c\ub137 \ub610\ub294 \uc778\uc2a4\ud134\uc2a4\uc758 \ub124\ud2b8\uc6cc\ud06c \ud2b8\ub798\ud53d\uc744 \uc804\uc6a9 \ud0d0\uc9c0 \uc778\uc2a4\ud134\uc2a4\ub85c \ubcf5\uc0ac\ud558\uace0, \uc624\ud508\uc18c\uc2a4 IDS \ub3c4\uad6c\ub97c \ud65c\uc6a9\ud558\uc5ec \uc2ec\uce35 \ud328\ud0b7 \uac80\uc0ac \ubc0f \uacf5\uaca9 \uc2dd\ubcc4\uc744 \uc218\ud589\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. \uc774 \ubc29\ubc95\uc740 \ub354\uc6b1 \uc720\uc5f0\ud558\uace0 \ub0b4\ubd80 \ud1b5\uc2e0\uc5d0 \ub300\ud55c \uc138\ubc00\ud55c \ubaa8\ub2c8\ud130\ub9c1\uc744 \uac00\ub2a5\ud558\uac8c \ud558\uba70, \uae08\uc735 \ubc0f \ud1b5\uc2e0\uacfc \uac19\uc774 \ubcf4\uc548\uc774 \ub9e4\uc6b0 \uc911\uc694\ud55c \uc0b0\uc5c5\uc5d0 \uc801\ud569\ud569\ub2c8\ub2e4.<\/p>\n \ud074\ub77c\uc6b0\ub4dc\ud2b8\ub808\uc77c + \uc544\ud14c\ub098 + \ub78c\ub2e4<\/strong> CloudTrail\uc5d0\uc11c \ucea1\ucc98\ud55c \uc791\uc5c5 \ub85c\uadf8\ub97c Athena \ucffc\ub9ac \uc5d4\uc9c4\uacfc Lambda \uc790\ub3d9 \ucc98\ub9ac \uba54\ucee4\ub2c8\uc998\uacfc \uacb0\ud569\ud558\uc5ec \uc0ac\uc6a9\ud558\uba74 \uacf5\uaca9 \ub3d9\uc791 \uae30\ub2a5 \uaddc\uce59\uc744 \uc0ac\uc6a9\uc790 \uc9c0\uc815\ud558\uace0 \ub300\uc751 \uc791\uc5c5\uc744 \ud2b8\ub9ac\uac70\ud558\uc5ec \ub85c\uadf8 \uae30\ubc18 \uce68\uc785 \ud0d0\uc9c0 \ud504\ub85c\uc138\uc2a4\ub97c \uad6c\ud604\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n AWS Marketplace \ubcf4\uc548 \uc81c\ud488<\/strong> AWS Marketplace\ub294 Palo Alto, Trend Micro, Splunk \ub4f1 \ub2e4\uc591\ud55c \ubcf4\uc548 \uc5c5\uccb4\uc758 \uc81c\ud488\uc744 \uc81c\uacf5\ud569\ub2c8\ub2e4. \uae30\uc5c5\uc740 \uc2e4\uc81c \ud544\uc694\uc5d0 \ub530\ub77c \ub354\uc6b1 \uac15\ub825\ud55c IDS\/IPS \uc2dc\uc2a4\ud15c\uc744 \uad6c\ucd95\ud558\uace0 SIEM \ud50c\ub7ab\ud3fc\uacfc \ud1b5\ud569\ud558\uc5ec \ubcf4\uc548 \uc0ac\uace0 \uc2dc\uac01\ud654 \ubc0f \ucc98\ub9ac \uc5ed\ub7c9\uc744 \uac15\ud654\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n AWS WAF + AWS \uc2e4\ub4dc<\/strong> WAF\ub294 \uc6f9 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \ubcf4\ud638\uc5d0 \ub354 \uc911\uc810\uc744 \ub450\uace0 \uc788\uc9c0\ub9cc, \uc0ac\uc6a9\uc790 \uc9c0\uc815 \uaddc\uce59\uc744 \ud1b5\ud574 SQL \uc778\uc81d\uc158 \ubc0f \ud06c\ub85c\uc2a4 \uc0ac\uc774\ud2b8 \uc2a4\ud06c\ub9bd\ud305\uacfc \uac19\uc740 \uc77c\ubc18\uc801\uc778 \uacf5\uaca9 \ubc29\uc2dd\uc744 \uc2dd\ubcc4\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4. AWS Shield Advanced Edition\uacfc \ud568\uaed8 \uc0ac\uc6a9\ud558\uba74 DDoS \uacf5\uaca9\uc5d0 \ub300\ud55c \ubc29\uc5b4\ub825\uc744 \uac15\ud654\ud558\uc5ec IDS \uae30\ub2a5\uc744 \ubcf4\uc644\ud560 \uc218 \uc788\uc2b5\ub2c8\ub2e4.<\/p>\n <\/p>\n <\/p>\n <\/p>\n AWS \ud074\ub77c\uc6b0\ub4dc\uc5d0\uc11c \ud6a8\uc728\uc801\uc778 \uce68\uc785 \ud0d0\uc9c0\ub97c \uad6c\ud604\ud558\ub824\ub294 \uae30\uc5c5\uc758 \uacbd\uc6b0 \ub2e4\uc74c \ub2e8\uacc4\ub97c \uad8c\uc7a5\ud569\ub2c8\ub2e4.<\/p>\n <\/p>\n AWS \uacf5\uc778 \ub300\ub9ac\uc810\uc73c\ub85c\uc11c, \uc6b0\ub9ac\ub294 \uae30\uc5c5\uc774 \uc548\uc804\ud55c \ud074\ub77c\uc6b0\ub4dc \uc5ed\ub7c9\uc744 \uad6c\ucd95\ud558\ub3c4\ub85d \ub3d5\ub294 \ub370 \uc788\uc5b4 \uad11\ubc94\uc704\ud55c \uacbd\ud5d8\uacfc \uae30\uc220 \ub9ac\uc18c\uc2a4\ub97c \ubcf4\uc720\ud558\uace0 \uc788\uc73c\uba70, \ub2e4\uc74c\uacfc \uac19\uc740 \uc9c0\uc6d0 \uc11c\ube44\uc2a4\ub97c \uc81c\uacf5\ud569\ub2c8\ub2e4.<\/p>\n <\/p>\n \ud074\ub77c\uc6b0\ub4dc \ubcf4\uc548 \uad6c\ucd95\uc5d0\uc11c \uce68\uc785 \ud0d0\uc9c0 \uc2dc\uc2a4\ud15c\uc740 \ubc29\uc5b4\uc120\uc758 \uc77c\ubd80\uc5d0 \ubd88\uacfc\ud558\uc9c0\ub9cc, \uacf5\uaca9\uc744 \uac10\uc9c0\ud558\uace0 \uc704\ud611\uc744 \ubd09\uc1c4\ud558\ub294 "\ucd5c\ucd08 \uacbd\ubcf4" \uc5ed\ud560\uc744 \ud569\ub2c8\ub2e4. \uae30\uc5c5\uc774 \uc9c4\uc815\uc73c\ub85c "\uc548\uc804\ud558\uace0 \uc548\uc815\uc801\uc778 \ud074\ub77c\uc6b0\ub4dc \ud658\uacbd"\uc744 \uad6c\ucd95\ud558\ub824\uba74 AWS\uac00 \uc81c\uacf5\ud558\ub294 \ub2e4\uc591\ud55c IDS \uad6c\ud604 \ubc29\uc2dd\uc5d0 \uc8fc\uc758\ub97c \uae30\uc6b8\uc774\uace0 \uc801\uadf9\uc801\uc73c\ub85c \ud65c\uc6a9\ud574\uc57c \ud569\ub2c8\ub2e4.<\/p>\n AWS\uc5d0\uc11c \ubcf4\ub2e4 \uc644\ubcbd\ud55c \ubcf4\uc548 \ubcf4\ud638 \uc2dc\uc2a4\ud15c\uc744 \uad6c\ucd95\ud558\uace0 \uc2f6\uc73c\uc2dc\ub2e4\uba74 \uc804\ubb38 AWS \ud30c\ud2b8\ub108 \ud300\uc5d0 \ubb38\uc758\ud558\uc5ec \uc548\uc804\ud55c \ud074\ub77c\uc6b0\ub4dc \ub9c8\uc774\uadf8\ub808\uc774\uc158\uc758 \uc0c8\ub85c\uc6b4 \uc7a5\uc744 \uc2dc\uc791\ud558\uc138\uc694.<\/p>","protected":false},"excerpt":{"rendered":" \uae30\uc5c5\ub4e4\uc774 \ud074\ub77c\uc6b0\ub4dc \ud658\uacbd\uc73c\ub85c \uc804\ud658\ud568\uc5d0 \ub530\ub77c \ub124\ud2b8\uc6cc\ud06c \ubcf4\uc548 \ubb38\uc81c\uac00 \uc810\uc810 \ub354 \uc911\uc694\ud574\uc9c0\uace0 \uc788\uc2b5\ub2c8\ub2e4. AWS \ud074\ub77c\uc6b0\ub4dc \ud658\uacbd\uc5d0\uc11c \ud6a8\uacfc\uc801\uc778 \uce68\uc785 \ud0d0\uc9c0(IDS, \uce68\uc785 \ud0d0\uc9c0 \uc2dc\uc2a4\ud15c)\ub97c \uad6c\ud604\ud558\ub294 \ubc29\ubc95\uc740 \uae30\uc5c5 \ubcf4\uc548 \uc544\ud0a4\ud14d\ucc98 \uc124\uacc4\uc758 \uc911\uc694\ud55c \ubd80\ubd84\uc774 \ub418\uc5c8\uc2b5\ub2c8\ub2e4. \ubcf8 \ubb38\uc11c\uc5d0\uc11c\ub294 \uae30\uc5c5\uc774 \ud074\ub77c\uc6b0\ub4dc\uc5d0\uc11c \uc9c0\ub2a5\ud615 \ubcf4\uc548 \ubcf4\ud638 \uc2dc\uc2a4\ud15c\uc744 \uad6c\ucd95\ud560 \uc218 \uc788\ub3c4\ub85d AWS \uae30\ubc18 IDS\uc758 \uad6c\ud604 \ubc29\ubc95, \uc8fc\uc694 \uad6c\uc131 \uc694\uc18c \ubc0f \uc77c\ubc18\uc801\uc778 \uc801\uc6a9 \uc2dc\ub098\ub9ac\uc624\ub97c \uc124\uba85\ud569\ub2c8\ub2e4.<\/p>","protected":false},"author":1,"featured_media":3391,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[65],"tags":[],"class_list":["post-3389","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-technical-sharing"],"_links":{"self":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/posts\/3389","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/comments?post=3389"}],"version-history":[{"count":0,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/posts\/3389\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/media\/3391"}],"wp:attachment":[{"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/media?parent=3389"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/categories?post=3389"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/aws-oncloudai.com\/ko\/wp-json\/wp\/v2\/tags?post=3389"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}2. \ub124\ud2b8\uc6cc\ud06c \uc218\uc900 \ud2b8\ub798\ud53d \uac10\uc9c0<\/strong><\/h5>\n
3. \ub85c\uadf8 \uacc4\uce35 \uacf5\uaca9 \ud0d0\uc9c0<\/strong><\/h5>\n
4. \ud0c0\uc0ac \ubcf4\uc548 \ud1b5\ud569<\/strong><\/h5>\n
6. \uc6f9 \uacc4\uce35 \uacf5\uaca9 \uc2dd\ubcc4<\/strong><\/h5>\n
\uae30\uc5c5\uc774 AWS\uc5d0 IDS\ub97c \uad6c\ucd95\ud574\uc57c \ud558\ub294 \uc774\uc720\ub294 \ubb34\uc5c7\uc785\ub2c8\uae4c?<\/h4>\n
\n
\uc77c\ubc18\uc801\uc778 \uc751\uc6a9 \ud504\ub85c\uadf8\ub7a8 \uc2dc\ub098\ub9ac\uc624\uc758 \uc608:<\/h4>\n
\n
\ud074\ub77c\uc6b0\ub4dc\uc5d0\uc11c IDS \uad6c\ucd95\uc744 \uc704\ud55c \uad8c\uc7a5 \uc0ac\ud56d<\/h4>\n
\n
AWS \ub9ac\uc140\ub7ec\ub85c\uc11c \uc5b4\ub5a4 \ub3c4\uc6c0\uc744 \ub4dc\ub9b4 \uc218 \uc788\ub098\uc694?<\/h4>\n
\n
\uacb0\ub860<\/h4>\n