CloudPassage Unveils Halo SVM and Halo Firewall for Elastic Cloud Environments
CloudPassage Inc. introduced the Halo Server Vulnerability Management (SVM) and Halo Firewall products, which are purpose-built for elastic cloud environments. These products deliver fast, easy and accurate server exposure assessment, configuration compliance monitoring and network access control – automating the three most-fundamental practices for securing servers in public and hybrid clouds.
According to Neil MacDonald, vice president of CloudPassage and Gartner Fellow, the number-one concern preventing enterprises from adopting public cloud computing is security. "As organizations shift workloads to cloud-based providers, it is imperative that security isn't weakened," he said. "Like on-premises workloads, organizations need to minimize attack surfaces, patch vulnerable software and ensure security configurations are maintained as workloads move to the cloud. However, unlike on-premises workloads, security policy enforcement in the cloud must be enforceable regardless of location and scalable elastically to potentially thousands of hosts."
Halo SVM addresses server vulnerability management needs with the scalability, speed and elasticity needed for cloud server environments. Built on the innovative Halo architecture, the Halo SVM product delivers accurate server exposure assessment with little affect on customers' server resources. Halo SVM functions quickly and efficiently – thousands of server configuration points are assessed in seconds – enabling customers to maintain continuous exposure and compliance intelligence, even in rapidly growing cloud server farms.
"Security and privacy will continue to be a critical priority for us as we dramatically increase the number of users and venues that Foursquare serves," said Foursquare senior operations engineer David Birdsong. "We need server security that includes nonstop vulnerability management and firewalling – and we need it to automatically keep up with our cloud environment. We have been impressed with the accuracy and performance of CloudPassage, and it has taken very little time to deploy and manage."
The Halo Firewall product controls server attack surfaces by centralizing and automating host-based firewall management, the preferred alternative to traditional enterprise perimeter firewalls. The product provides customers with unified cloudwide firewall policy management from a graphical Web front-end, eliminating the untenable operational overhead and likely errors associated with manual host-based firewall management. The Halo Firewall product automatically updates individual host-based firewall configurations whenever cloud servers are added or removed – including server cloning or cloudbursting operations – with zero intervention by system administrators. The product also transparently addresses the issues of dynamic public-cloud IP addressing, cited by IaaS providers as a complication in cloud server firewall management.(2) Halo Firewall enables customers to ensure strong, flexible network access control with the ease of management that parallels traditional enterprise firewalls.
Server security fundamentals are critical in cloud environments, especially public cloud servers that must operate without the benefits of traditional enterprise perimeter protection. Recent studies by Verizon Business and the U.S. Secret Service indicate that 95 percent of compromises leading to information and identity theft could have been prevented by basic security configuration, software patching and network access control, basic steps recommended by IaaS providers.
The Halo architecture provides high levels of server security automation for multiple security functions while transparently handling the problems associated with securing highly fluid, agile and scalable cloud server hosting environments. Secure, ultra light-weight Halo Daemons are backed by the elastic compute power of the Halo Grid, eliminating resource utilization on protected servers and delivering scalability and elasticity that can keep up with cloud-hosted server farms.