Take Five With Tom Fenton
TAKE 5: Cloud Security Solutions That Caught My Eye
The variety of cloud security strategies leaves users with interesting and diverse choices.
In the course of assembling a comprehensive list of vendors for the upcoming Readers's Choice Awards and Ultimate Buyer's Guide, I ran across five cloud security companies with interesting tales to tell. Among the five, I was most impressed with Dome9 because of its blending of security and automation. Eliminating human error is a big step in the right direction when putting together a cloud security plan.
Dome9, which provides security management for public and private clouds, as well as dedicated virtual private servers, is trying to make cloud security less cumbersome by automating cloud server security for enterprises and cloud hosting providers.
Dome9 takes the position that cloud security must be as elastic as its cloud-based infrastructure, and maintains that it provides the first-ever" cloud security management platform that centralizes and automates cloud server security on a higher plane than the infrastructure." Via the Dome9 Secure Access Leases, all administrative access on a cloud server is closed by default, and opened only by approved personnel for a set period of time. This eliminates the security gap that comes from admins forgetting to log back in and disable access.
Panda Security offers its cloud-based consumer antivirus service, Panda Cloud Antivirus 1.9.1, which is currently in beta and available for the Pro Edition of the product only. The new version incorporates a smart community-based firewall" to meet user needs, and further maximizes protection by blocking access to risky programs.
Panda says the addition of a firewall to Panda Cloud Antivirus Pro is a milestone for users who want an affordable solution that aims for zero intrusiveness, adding the new beta release optimizes protection for users by automatically managing rules and permissions based on the real-time knowledge gathered from the Panda global user community.
Sentrigo Hedgehog Enterprise is designed to monitor cloud-based database activity and works well in distributed environments, owing to the highly autonomous nature of its sensor model. Communication with the management server to set policies and receive alerts is all encrypted and compressed, avoiding any issues related to network security and latency. In addition, because the sensors are running locally wherever the cloud resources may be, users have real-time protection against threats.
Websense eliminates the need to support on-premises hardware by shifting all security enforcement and management processes to cloud-based Websense data- centers. Web and e-mail security can be deployed to large offices, small offices and mobile users located around the world in minutes. Websense Security as a Service eliminates the cost of buying on-premises appliances and deploying, upgrading and maintaining on-premises hardware. This especially benefits organizations looking to provide Web security for multiple branch offices without their own IT resources. Security as a Service can also reduce bandwidth costs by eliminating the need to route remote-office or mobile-user traffic back to a central location for filtering.
CloudPassage created the Halo server security platform to bridge the gap between traditional perimeter-oriented datacenter security and security in dynamic cloud environments. Multiple security capabilities for supported Linux OSes are built on the Halo architecture, which is capable of transparent operation through cloud events such as server cloning, cloudbursting and server image hibernation. CloudPassage currently offers host firewall and exposure management features to address server vulnerability management and the Halo Firewall product for easy management of distributed host-based firewalls. Halo users can leverage cloud server hosting with server configuration survivability and automated, policy-based network access control.
Do you agree that automated cloud security will convince a lot of fence-sitters that now is the time for them to go cloud? Tell me at firstname.lastname@example.org.
Bruce Hoard is the new editor of Virtualization Review. Prior to taking this post, he was founding editor of Network World and spent 20 years as a freelance writer and editor in the IT industry.