
Cloud Comparison Chart and Mapping of On-Premises Security Controls vs Major Cloud Providers

Mapping of On-Premises Security Controls vs Major Cloud Providers.

This chart maps on-premises security controls, at a very high level, to the native cloud services that can be used to replicate their specific role. Because cloud services tend to be more granular and to overlap in functionality, the mapping is approximate at best, but it may bring some extra awareness of the options available in the cloud. Any suggestions are welcome, as this chart will continue to be a work in progress.

| S. No. | On-Premises | AWS | Azure | Google | Oracle | IBM | Alibaba |
|---|---|---|---|---|---|---|---|
| 1 | Firewall & ACLs | Security Groups; AWS Network ACLs | Network Security Groups; Azure Firewall | Cloud Armor; VPC Firewall | VCN Security Lists | Cloud Security Groups | NAT Gateway |
| 2 | IPS/IDS | 3rd Party Only | Azure Firewall | 3rd Party Only | 3rd Party Only | 3rd Party Only | Anti-Bot Service; Website Threat Inspector |
| 3 | Web Application Firewall (WAF) | AWS WAF; AWS Firewall Manager | Application Gateway | Cloud Armor | Oracle Dyn WAF | Cloud Internet Services | Web Application Firewall |
| 4 | SIEM & Log Analytics | Amazon Security Hub; Amazon GuardDuty | Azure Sentinel; Azure Monitor | Chronicle Backstory; Event Threat Detection | Oracle Security Monitoring and Analytics | IBM Log Analysis; Cloud Activity Tracker | ActionTrail |
| 5 | Antimalware | 3rd Party Only | Microsoft Antimalware / Azure Security Center | 3rd Party Only | 3rd Party Only | 3rd Party Only | Server Guard |
| 6 | Data Loss Prevention (DLP) | Amazon Macie | Information Protection (AIP) | Cloud Data Loss Prevention API | 3rd Party Only | 3rd Party Only | Web Application Firewall |
| 7 | File Integrity Monitoring (FIM) | 3rd Party Only | Azure Security Center | 3rd Party Only | 3rd Party Only | 3rd Party Only | 3rd Party Only |
| 8 | Key Management | Key Management Service (KMS) | Key Vault | Cloud Key Management Service | Cloud Infrastructure Key Management | Key Protect Cloud Security | Key Management Service |
| 9 | Encryption At Rest | EBS/EFS Volume Encryption, S3 SSE | Storage Encryption for Data at Rest | Part of Google Cloud Platform | Cloud Infrastructure Block Volume | Hyper Protect Crypto Services | Object Storage Service |
| 10 | DDoS Protection | AWS Shield | Built-in DDoS Defense | Cloud Armor | Built-in DDoS Defense | Cloud Internet Services | Anti-DDoS |
| 11 | Email Protection | 3rd Party Only | Office Advanced Threat Protection | Various controls embedded in G-Suite | 3rd Party Only | 3rd Party Only | 3rd Party Only |
| 12 | SSL Decryption Reverse Proxy | Application Load Balancer | Application Gateway | HTTPS Load Balancing | 3rd Party Only | Cloud Load Balancer | Server Load Balancer (SLB) |
| 13 | EndPoint Protection | 3rd Party Only | Microsoft Defender ATP | 3rd Party Only | 3rd Party Only | 3rd Party Only | Server Guard |
| 14 | Certificate Management | AWS Certificate Manager | Key Vault | 3rd Party Only | 3rd Party Only | Certificate Manager | Cloud SSL Certificates Service |
| 15 | Container Security | Amazon EC2 Container Service (ECS) | Azure Container Service (ACS) | Kubernetes Engine | Oracle Container Services | Containers – Trusted Compute | Container Registry |
| 16 | Identity and Access Management | Identity and Access Management (IAM) | Azure Active Directory | Cloud Identity; Cloud IAM | Oracle Cloud Infrastructure IAM | Cloud IAM; App ID | Resource Access Management |
| 17 | Privileged Access Management (PAM) | 3rd Party Only | Azure AD Privileged Identity Management | 3rd Party Only | 3rd Party Only | 3rd Party Only | 3rd Party Only |
| 18 | Multi-Factor Authentication (MFA) | AWS MFA (part of AWS IAM) | Azure Active Directory | Security Key Enforcement | Oracle Cloud Infrastructure IAM | App ID | Resource Access Management |
| 19 | Centralized Logging / Auditing | CloudWatch / S3 bucket | Azure Audit Logs | Stackdriver Mon / Logging; Access Transparency | Oracle Cloud Infrastructure Audit | Log Analysis with LogDNA | Log Service |
| 20 | Load Balancer | Application Load Balancer; Classic Load Balancer | Azure Load Balancer | Cloud Load Balancing; HTTPs Load Balancing | Cloud Infrastructure Load Balancing | Cloud Load Balancer | Server Load Balancer |
| 21 | LAN | Virtual Private Cloud (VPC) | Virtual Network | Virtual Private Cloud Network (VPCN) | Virtual Cloud Network (VCN) | VLANs | Virtual Private Cloud (VPC) |
| 22 | WAN | Direct Connect | ExpressRoute | Dedicated Interconnect | FastConnect | Direct Link | VPN Gateway; Express Connect |
| 23 | VPN | VPC Customer Gateway; AWS Transit Gateway | Virtual Network SSTP | Google VPN | Dynamic Routing Gateway (DRG) | IPSec VPN Secure Gateway | VPN Gateway |
| 24 | Governance Risk and Compliance Monitoring | AWS Security Hub; AWS Compliance Center | Azure Security Center; Azure Policy | Cloud Security Command Center | 3rd Party Only | 3rd Party Only | ActionTrail |
| 25 | Backup and Recovery | AWS Backup; Amazon S3 Glacier | Azure Backup; Azure Site Recovery | Object Versioning; Cloud Storage Nearline | Archive Storage | IBM Cloud Backup | Hybrid Backup Recovery |
| 26 | Vulnerability Assessment | Amazon Inspector; AWS Trusted Advisor | Azure Security Center | Cloud Security Scanner | Security Vulnerability Assessment Service | Cloud Security Advisor; Vulnerability Advisor | Server Guard; Website Threat Inspector |
| 27 | Patch Management | AWS Systems Manager | Azure Security Center Update Management | 3rd Party Only | 3rd Party Only | IBM Cloud Orchestrator | 3rd Party Only |
| 28 | Change Management | AWS Config | Azure Automation (Change Tracking) | 3rd Party Only | 3rd Party Only | 3rd Party Only | Application Configuration Management (ACM) |


Key Terms:

  • Cloud Security
  • Cloud Technology
