Aporeto Cloud Identity Framework Seamlessly and Securely Bridges Amazon Web Services with Private Infrastructures

June 26, 2019 By David

Aporeto, a leader in Identity-Powered Cloud Security, today announced the Aporeto Cloud Identity Framework, a suite of identity-based security services that allows consistent policy enforcement between homegrown enterprise applications and Amazon Web Services (AWS) managed services. This suite continues to expand the Aporeto identity-based security platform, which leverages both user and application identities to manage access to resources and cloud workloads on any infrastructure.

Simplicity for complex identity architectures

The security industry is moving toward using identity to define policies for applications, but there is overwhelming complexity in managing multiple identity sources and identity architectures. Sprawling identity architectures often include Lightweight Directory Access Protocol (LDAP) and Active Directory services, the adoption of OpenID Connect (OIDC) compliant identity providers, and AWS Identity and Access Management (IAM). Aporeto’s identity-based security solution is independent of the infrastructure, thus reducing the burden of managing identities across cloud environments. Aporeto’s solution allows customers to move towards homogeneous identity for their applications across all infrastructures, making auditing and centralized policy governance more robust with simpler operations.

The Aporeto Cloud Identity Framework includes Distributed Firewall, Cloud Privileged Access Management (PAM), and Identity-Aware Proxy. This suite leverages Aporeto’s identity management capabilities to secure workloads at L3-L7 through mutual authentication and authorization, supporting enterprises as they radically simplify their network infrastructure. Moreover, this framework offers a full PKI infrastructure that enables the transparent mTLS encryption of in-flight data, obviating the need for VPN tunnels or private links for traffic on any infrastructure and across the internet. Because Aporeto’s identity-based access management security solution is not dependent on network constructs, Aporeto’s security posture follows applications no matter where they reside.

“We have invested many years in developing web applications for internal consumption,” said Lucas Tischhauser, Security Architect II, NAIC. “As we migrate our infrastructure to AWS, we want to have a more cloud-native architecture and implement a Zero Trust security posture without having the burden of rewriting our applications or putting efforts into undifferentiated, but required, security tasks. The Aporeto Cloud Identity Framework, and in our case, Identity-Aware Proxy, empowered us to migrate more rapidly on AWS while having the best-in-class security posture.”

“The desire to accelerate migration to the cloud is a common goal across our customer base,” said Jason Schmitt, CEO of Aporeto. “But these objectives are hampered by complex network-based security concerns for both users and applications. Our core competency lies in providing identity-based access control for cloud applications. Our Cloud Identity Framework is a powerful identity-powered security bundle that strengthens security, simplifies operations, and accelerates cloud migration.”

The benefits of the Aporeto Cloud Identity Framework are stronger security, simpler IT operations, and flexibility for enterprise customers as they migrate to the cloud. Features include:

  • Decoupling the identity and authorization system from the infrastructure, making contiguous secure operations across hybrid clouds possible without requiring any application code or architectural changes
  • Easier integration of new or different AWS services with existing enterprise services and assets for seamless operations
  • Improved security posture with a consistent, policy-driven authentication and authorization process for hybrid infrastructure
  • Elimination of secrets management for any application interfacing with Aporeto Cloud Identity Framework
  • Improved adherence to regulatory and internal compliance requirements, making auditing simpler and more bulletproof

“Customers and their security needs are a top priority for AWS,” said Benjamin Andrew, Global Lead, Security & Networking, AWS Marketplace, Amazon Web Services, Inc. “We know that enterprises have significant investments in their existing applications and services and we are delighted to be working with Aporeto to help our customers continue to extract maximum value from their existing IT assets while they build a more agile, secure, and flexible infrastructure on AWS.”