Can You Secure A Hybrid-Private Cloud?

October 24, 2011 By David
Grazed from Network Computing. Author: Frank Ohlhorst.

They say that security begins at the firewall. Whether that is actually true depends upon the security posture of a business. However, if you do rely on a firewall, especially a software firewall or one integrated into an operating system, you have to make sure that it is configured and managed properly–something that is getting harder to do as firewall policies, threats and intrusions become more complex. Add to that the fact that services and data are starting to exist more and more in the cloud and are becoming virtual, and you have a potential recipe for data leakage, account compromises and unauthorized access…

Cloud services provider Dome9 Security is looking to provide comprehensive firewall capabilities around those cloud services and bring some control to the security of private, public and hybrid clouds. In essence, Dome9 is a "cloud server firewall"–basically, a cloud security service that provides complete control over access to a hosted cloud service. The product claims to keep all administrative ports closed on a hosted server, without denying access and control of the server’s functions. What’s more, Dome9 claims it can dynamically open any port, on-demand, any time, for anyone and from anywhere–allowing controlled access to resources.

Dome9 rounds out its security capabilities by incorporating the ability to create time- and location-based secure access invitations to third parties, allowing temporary access to resources to be granted on a "need" basis. What’s more, Dome9 can close ports automatically, based upon policy, schedule or other triggers, eliminating the need to manually reconfigure firewalls when access needs change.

Dome9 also takes on the firewall management responsibilities for access to cloud servers, allowing those servers to be completely locked down but still fully manageable. Dome9 integrates with leading cloud providers, including Amazon’s EC2 and Rackspace. The product also offers support for Windows 2008 R2, 2008 and 2003, RedHat Enterprise Linux and CentOS 5.x and up, Ubuntu/Ubuntu Server 8.04 and up, and Debian 6.x and up.

Virtualization technologies are also supported, including Xen, Citrix XenServer and Citrix Cloud, Linux KVM, Microsoft Hyper-V, VMware Server, ESXi and vCloud, Parallels Containers, Cloud & Parallels BareMetal, as well as cloud frameworks from OpenStack, Eucalyptus and OnApp Cloud. The company is currently developing an API that allows Dome9 to be integrated with leading cloud services providers that are not currently supported.

Dome9 is available as a service, with pricing based upon factors including number of servers and administrators. The company offers a free version of the service for a single-server, single-administrator environment, as well as trial versions for larger implementations.