On-premises to Cloud Mapping


AWS Network ACLs Network Security Groups
Cloud Armor

VPC Firewall VCN Security Lists Cloud Security Groups NAT Gateway IPS/IDS 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only Anti-Bot Service

Website Threat Inspector Web Application Firewall

AWS Firewall Manager Application Gateway Cloud Armor Oracle Dyn WAF Cloud Internet Services Web Application Firewall SIEM &
Log Analytics AWS Security Hub

Amazon GuardDuty Azure Sentinel

Azure Monitor Stackdriver Monitoring

Stackdriver Logging Oracle Security Monitoring and Analytics IBM Log Analysis

Cloud Activity Tracker ActionTrail Antimalware 3rd Party Only Microsoft Antimalware

Azure Security Center 3rd Party Only 3rd Party Only 3rd Party Only Server Guard Data Loss Prevention
(DLP) Amazon Macie Information Protection
Cloud Data Loss Prevention API 3rd Party Only 3rd Party Only Web Application Firewall Key Management Key Management Service KMS) Key Vault Cloud Key Management Service Cloud Infrastructure Key Management Key Protect

Cloud Security Key Management Service Encryption At Rest EBS/EFS Volume Encryption

S3 SSE Storage Encryption for Data at Rest Part of Google Cloud Platform Cloud Infrastructure Block Volume Hyper Protect Crypto Services Object Storage Service DDoS Protection AWS Shield Built-in DDoS defense Cloud Armor Built-in DDoS defense Cloud Internet Services Anti-DDoS Email Protection 3rd Party Only Office Advanced Threat Protection Various controls embeded in G-Suite 3rd Party Only 3rd Party Only 3rd Party Only SSL Decryption
Reverse Proxy Application Load Balancer Application Gateway HTTPS Load Balancing 3rd Party Only Cloud Load Balancer Server Load Balancer (SLB) Endpoint Protection 3rd Party Only Microsoft Defender ATP 3rd Party Only 3rd Party Only 3rd Party Only Server Guard Certificate Management AWS Certificate Manager Key Vault 3rd Party Only 3rd Party Only Certificate Manager Cloud SSL Certificates Service Container Security Amazon EC2 Container Service (ECS) Azure Container Service (ACS) Kubernetes Engine Oracle Container Services Containers – Trusted Compute Container Registry Identity and Access Management Identity and Access Management (IAM) Azure Active Directory Cloud Identity

Cloud IAM Oracle Cloud Infrastructure IAM Cloud IAM

App ID Resource Access Management Privileged Access Management (PAM) 3rd Party Only Azure AD Privileged Identity Management 3rd Party Only 3rd Party Only 3rd Party Only 3rd Party Only Multi-Factor Authentication AWS MFA (part of AWS IAM) Azure Active Directory Security Key Enforcement Oracle Cloud Infrastructure IAM App ID Resource Access Management Centralized Logging

Auditing CloudWatch

S3 Bucket Logging Azure Audit Logs VPC Flow Logs

Access Transparency Oracle Cloud Infrastructure Audit Log Analysis with LogDNA Log Service Load Balancer Application Load Balancer

Classic Load Balancer Azure Load Balancer Cloud Load Balancing

HTTPS Load Balancing Cloud Infrastructure Load Balancing Cloud Load Balancer Server Load Balancer LAN Virtual Private Cloud (VPC) Virtual Network Virtual Private Cloud Network Virtual Cloud Network (VCN) VLANs Virtual Private Cloud (VPC) WAN Direct Connect ExpressRoute Dedicated Interconnect FastConnect Direct Link VPN Gateway

Express Connect VPN VPC Customer Gateway

AWS Transit Gateway Virtual Network

SSTP Google VPN Dynamic Routing

Gateway (DRG) IPSec VPN

Secure Gateway VPN Gateway Governance Risk and Compliance Monitoring AWS CloudTrail

AWS Compliance Center Azure Policy Cloud Security Command Center 3rd Party Only 3rd Party Only ActionTrail Backup and Recovery AWS Backup

Amazon S3 Glacier Azure Backup

Azure Site Recovery Object Versioning

Cloud Storage Nearline Archive Storage IBM Cloud Backup Hybrid Backup Recovery Vulnerability Assessment Amazon Inspector

AWS Trusted Advisor Azure Security Center Cloud Security Scanner Security Vulnerability Assessment Service Cloud Security Advisor

Vulnerability Advisor Server Guard

Website Threat Inspector Patch Management AWS Systems Manager Update Management 3rd Party Only IBM Cloud Orchestrator 3rd Party Only 3rd Party Only Change Management AWS Config Azure Automation (Change Tracking) 3rd Party Only 3rd Party Only 3rd Party Only Application Configuration Management (ACM)

source : Troubleshooting Information for Windows Events April 2, 2019 at 09:36PM