Threat Brief: Operation Lunar Peek, Activity Related to CVE-2024-0012 and CVE-2024-9474 (Updated Nov. 19)
Threat Assessment: Ignoble Scorpius, Distributors of BlackSuit Ransomware
FrostyGoop’s Zoom-In: A Closer Look into the Malware Artifacts, Behaviors and Network Communications
See all Unit 42 Threat Research
Table of contents
Cloud Security

What Is Infrastructure as a Service?

Infrastructure as a Service (IaaS), is the most impactful computing paradigm to emerge since the boom of the Internet.

3 min. read
Listen
Table of contents

Infrastructure as a service, sometimes referred to as “hardware as a service” – IaaS and HaaS, respectively – is the most impactful computing paradigm to emerge since the boom of the internet and the growth of “as a service” delivery models. Alongside software as a service and platform as a service – SaaS and PaaS – it is one of the three most common forms of cloud computing that provides third-party computing resources, such as hardware, storage, servers, and networking components for data center space, via the internet. In the case of IaaS, third-party providers offer computing infrastructure in a virtual environment so that any user in an organization can access it. Google Cloud, Amazon Web Services and Microsoft Azure® are some of the more notable examples of public cloud IaaS providers.

Benefits of IaaS and Security Implications

The move to the public cloud is driven strongly by the speed at which companies can build and deploy globally available, highly scalable applications. Businesses often choose IaaS because it enables them to replicate familiar on-premises architectures in cloud environments. By simply renting the resources they need without the costly upfront burden of building data centers, organizations save significant upfront costs and avoid the hardware maintenance and refresh logistics. IaaS poses few limitations in terms of what applications or services can run since many of the foundational resources available are the same as those in on-premises environments.

However, as with any other cloud service, IaaS comes with security risks organizations must understand. Users can have direct access to the cloud infrastructure, hardware and networks. Therefore, an organization’s employees are all “privileged insiders” and can become security liabilities if identity and access control policies are not tightly controlled. IaaS is also vulnerable to attackers gaining access via encryption breaking, potentially performing man-in-the-middle attacks to steal or modify data. Furthermore, attackers may try to hijack IaaS resources to run botnets, mine cryptocurrency or launch denial-of-service attacks.

Securing IaaS

Although deploying cloud services can vastly accelerate business growth and innovation, security cannot become a secondary consideration in these highly dynamic, distributed environments. When it comes to the security of IaaS environments, businesses tend to lean one of two ways: they rely solely on the service provider for security, or they extend in-house security measures to the cloud. Services like AWS® and Azure may offer security controls for their own cloud environments, but users are on their own to piece together the provided tools into functioning security coverage. Compounded by the fact that most businesses use multiple cloud environments at once, this approach quickly becomes overwhelming to effectively build and manage.

Consequently, simply extending on-premises security to the cloud negates a lot of the cloud’s agile scalability. On-premises security products are designed to act as central points of control across an environment, but forcing all traffic through a single central control point in a highly distributed cloud environment introduces significant friction. Therefore, IT managers need to create strong IaaS security strategies that implement security technologies purpose-built for the cloud. Applications and data in the public cloud need to be protected at least as diligently as private networks and on-premises software, hardware, applications, and data. By working with a trusted partner experienced in combining native tools from cloud services with proven, next-generation security technologies, organizations will be able to better protect their cloud environments and prevent cyber breaches.

Infrastructure as a Service FAQs

Virtual machine provisioning in IaaS involves creating and configuring virtual instances to run applications and services. It automates the allocation of compute resources, storage, and network settings. Tools like Terraform and Ansible streamline this process, enabling rapid deployment and scaling. Provisioning includes selecting an operating system, configuring security policies, and installing necessary software. Users can define resource requirements, ensuring optimal performance and cost-efficiency. Efficient VM provisioning minimizes downtime, accelerates development cycles, and enhances the flexibility of cloud infrastructure.
Scalability in IaaS refers to the ability to dynamically adjust computing resources based on demand. It allows organizations to scale up by adding more virtual machines, storage, or network capacity during peak usage, and scale down during low demand periods. Auto-scaling features, offered by platforms like AWS Auto Scaling and Azure Scale Sets, automate this process. Scalability ensures consistent performance, cost efficiency, and resource optimization. It supports business growth and fluctuating workloads without the need for significant upfront investments in physical infrastructure.
Multitenancy in IaaS enables multiple customers, or tenants, to share the same physical infrastructure while maintaining data isolation and security. It maximizes resource utilization and cost efficiency for cloud providers and users. Each tenant operates in a logically isolated environment, ensuring that one tenant's activities do not affect others. Technologies like virtualization and containerization facilitate multi-tenancy. Effective multi-tenancy management includes implementing strict access controls, encryption, and monitoring to prevent unauthorized access and ensure compliance with security standards.
A hypervisor, or virtual machine monitor (VMM), is a software layer that enables the creation and management of virtual machines on a physical host. It abstracts hardware resources, allowing multiple VMs to run simultaneously on a single server. Hypervisors can be classified as Type 1 (bare-metal) or Type 2 (hosted). Type 1 hypervisors, like VMware ESXi and Microsoft Hyper-V, run directly on the hardware, offering better performance. Type 2 hypervisors, like Oracle VirtualBox, run on a host operating system. Hypervisors are fundamental to IaaS, enabling virtualization and resource efficiency.
Cloud orchestration in IaaS involves automating the management, coordination, and organization of complex cloud services and resources. Orchestration tools, like Kubernetes and OpenStack, streamline processes such as provisioning, configuration, and scaling. They enable users to define workflows and policies for deploying applications and managing infrastructure. Orchestration ensures consistency, reduces manual intervention, and enhances operational efficiency. It supports multi-cloud environments, enabling seamless integration and management of services across different cloud platforms. Effective orchestration optimizes resource utilization and accelerates application delivery.

A Virtual Private Cloud (VPC) in IaaS provides a logically isolated section of the cloud where users can deploy resources in a virtual network. VPCs offer control over network settings, such as IP address ranges, subnets, and route tables. Users can establish secure connections to on-premises data centers via VPN or Direct Connect.

VPCs enhance security by segmenting resources and implementing network access controls. Platforms like AWS VPC, Azure Virtual Network, and Google VPC enable organizations to build flexible, scalable, and secure cloud environments tailored to their specific needs.

Elasticity in IaaS refers to the ability to automatically scale computing resources up or down based on demand. It ensures that applications can handle varying workloads without manual intervention. Elasticity leverages auto-scaling features provided by cloud platforms, such as AWS Auto Scaling and Azure Virtual Machine Scale Sets. Resources are dynamically allocated and deallocated, optimizing performance and cost-efficiency.

Elasticity supports high availability and fault tolerance by distributing workloads across multiple instances. It enables organizations to respond quickly to changing business requirements and maintain seamless user experiences.

Load balancing in IaaS distributes incoming network traffic across multiple servers to ensure optimal resource utilization, minimize response times, and prevent any single server from being overwhelmed. Load balancers, such as AWS Elastic Load Balancer and Azure Load Balancer, monitor server health and reroute traffic to healthy instances. They support various algorithms like round-robin, least connections, and IP hash.
Disaster recovery involves strategies and tools to ensure business continuity in the event of a catastrophic failure. It includes automated backups, data replication, and failover mechanisms to secondary locations. Services like AWS Disaster Recovery and Azure Site Recovery provide real-time replication and automated recovery processes. Disaster recovery plans outline recovery point objectives (RPO) and recovery time objectives (RTO) to minimize data loss and downtime. Implementing robust disaster recovery ensures quick restoration of services and data integrity, maintaining operational resilience.
Network security encompasses measures to protect data, applications, and resources from cyber threats. It includes implementing firewalls, intrusion detection and prevention systems (IDPS), and virtual private networks (VPNs). Cloud providers offer tools like AWS Security Groups, Azure Network Security Groups, and Google Cloud Firewalls to control inbound and outbound traffic. Encryption protocols secure data in transit, while network segmentation isolates sensitive workloads. Continuous monitoring and threat intelligence integration enhance proactive defense. Effective network security mitigates risks and ensures compliance with regulatory requirements.
Resource pooling in IaaS involves aggregating computing resources such as CPU, memory, and storage to serve multiple clients dynamically. Virtualization technologies enable the creation of virtual machines and containers that share underlying physical resources. Cloud providers like AWS, Azure, and Google Cloud manage these pooled resources, allocating them based on demand. Resource pooling ensures efficient utilization, scalability, and cost-effectiveness. It supports multi-tenancy, allowing multiple customers to share the same infrastructure while maintaining logical isolation and security. Optimal resource pooling enhances flexibility and performance in cloud environments.
Automated scaling in IaaS dynamically adjusts the number of active instances based on real-time demand. It includes vertical scaling, which increases resource capacity of existing instances, and horizontal scaling, which adds or removes instances. Tools like AWS Auto Scaling and Azure VM Scale Sets monitor performance metrics and trigger scaling actions. Automated scaling ensures applications maintain optimal performance and availability during traffic spikes or drops. It reduces manual intervention, minimizes costs by efficiently using resources, and enhances the user experience by preventing latency and downtime.
Usage-based pricing in IaaS charges customers based on their actual consumption of computing resources. This model offers flexibility and cost efficiency, as users pay for what they use rather than provisioning fixed capacity. Metrics like compute hours, storage usage, and data transfer determine billing. Cloud providers like AWS, Azure, and Google Cloud offer detailed pricing calculators and billing dashboards. Usage-based pricing supports scalability, enabling organizations to adjust resource usage without incurring unnecessary costs. It aligns expenses with business needs, optimizing budget management and resource allocation.
A service-level agreement (SLA) in IaaS is a formal contract between a cloud service provider and a customer that defines the expected level of service. It includes metrics such as uptime guarantees, response times, and performance standards. SLAs also outline remedies for service failures, such as service credits or penalties. Cloud providers like AWS, Azure, and Google Cloud publish SLAs to ensure transparency and accountability. Adhering to SLAs helps maintain trust, sets clear expectations, and provides a framework for addressing service issues, ensuring reliable and consistent cloud services.
Infrastructure management in IaaS involves overseeing and optimizing virtualized computing resources, including servers, storage, and networking. Tools like AWS Management Console, Azure Portal, and Google Cloud Console facilitate resource provisioning, monitoring, and scaling. Automation scripts and IaC frameworks, such as Terraform and Ansible, streamline deployments and updates. Effective management ensures high availability, performance, and security. Administrators must constantly monitor resource usage, apply patches, and enforce policies to maintain an efficient and secure infrastructure.
API-driven infrastructure in IaaS enables programmatic control over cloud resources through application programming interfaces (APIs). Cloud providers like AWS, Azure, and Google Cloud expose APIs for tasks such as provisioning virtual machines, configuring networks, and managing storage. Developers can integrate these APIs into their applications and automation scripts, enhancing flexibility and scalability. API-driven infrastructure supports IaC practices, allowing for consistent and repeatable deployments.
Hybrid cloud in the context of IaaS combines on-premises infrastructure with public and private cloud resources, providing a unified and flexible environment. Organizations can seamlessly extend their data centers to the cloud, leveraging services like AWS Outposts, Azure Arc, and Google Anthos. Hybrid cloud enables workload portability, optimized resource utilization, and disaster recovery. It supports data sovereignty and regulatory compliance by allowing sensitive data to remain on-premises while offloading less critical workloads to the cloud.

A bare metal server in IaaS provides dedicated physical hardware without a hypervisor layer, offering direct access to the underlying resources. Providers like AWS (EC2 Bare Metal), IBM Cloud, and Oracle Cloud offer bare metal servers. They deliver higher performance, lower latency, and enhanced security compared to virtualized instances.

Ideal for high-performance computing (HPC), big data analytics, and applications requiring specific hardware configurations, bare metal servers allow for full customization and control. Users can install hypervisors or run container orchestration platforms like Kubernetes directly on the hardware.

Related Content

  • Continuous Monitoring and Compliance in the Cloud

    Ensuring consistent security controls across cloud environments, such as GCP, AWS and Azure, requires new methodologies for security and auditing teams.

  • Remove IaaS and PaaS Cloud Risks

    Infrastructure-as-a-service and platform-as-a-service offerings are gaining traction for application development, but they also create new risks. Learn how you can protect and segm...

  • Use Case: Protect IaaS Hybrid Cloud

    Many companies have extended their private data centers to the public cloud for competitive benefits, but alignment of security and resiliency to enterprise standards and policies ...

  • Shift-Left Security: A DevSecOps Checklist

    Infrastructure as code (IaC) allows DevOps teams to apply the same guidelines used to manage application code to infrastructure. The result is faster and more frequent deployment, ...

Get the latest news, invites to events, and threat alerts