Q&A with Certes Networks about vCEP (virtual Certes Enforcement Point) – Cloud Security Appliance

April 17, 2012, by David
Grazed from Certes Networks.  Author: Q&A with Jim Doherty, the SVP of Marketing & CMO

Today, Certes Networks released a new virtual security appliance called the vCEP (virtual Certes Enforcement Point).  The point is to make the cloud safe for sensitive workloads by protecting the network traffic inside IaaS clouds and between locations.  To find out more about this, we spoke with Jim Doherty, the SVP of Marketing & CMO at Certes Networks.  Here is that conversation:

Q:  What do you see as the main issue keeping enterprises and government organizations from moving to off-premise cloud environments?

Jim Doherty:  Today’s enterprises and government organizations want to take advantage of the benefits moving to an off-premise cloud environment can provide. However, they view the lack of security as a roadblock. In order for these companies and organizations to reap the benefits that the cloud has to offer, there needs to be a solution that fills the gap, and this is where vCEP comes in.

Q:  Ok, so explain to us what vCEP is all about.

Jim Doherty:  vCEP is the industry’s first scalable network encryption solution for the cloud. It provides security for sensitive workloads by protecting network traffic inside Infrastructure-as-a-Service (IaaS) clouds and between customer locations. The vCEP is a virtual appliance for VMware ESX/ESXi environments that enables sensitive workloads to execute and communicate securely in untrusted networks. The vCEP provides data confidentiality and integrity for sensitive data in motion in shared environments and prevents one tenant from monitoring the network traffic or attacking the virtual servers of another tenant.

Q:  Tell us if you would about Certes Networks’ Group Encryption technology.

Jim Doherty:  Certes Networks pioneered Group Encryption technology about six years ago, when we saw a gap in the industry that we wanted to address. Since then, the technology has been proven on hundreds of production customer networks. Due to its elegant scalability, easy management and ability to allow policies and keys to be controlled centrally by either the end user or a trusted third party, Group Encryption technology is ideal for network encryption in virtualized and cloud environments.

Q:  What are the main benefits of the vCEP solution?

Jim Doherty:  There are numerous benefits to the vCEP solution. With TrustNet group encryption, policies are defined in terms of logical grouping and keys are centrally generated and securely distributed to all authorized group members. As part of the Certes TrustNet solution, vCEP provides persistent authentication to ensure continuous data integrity. As a virtual appliance that resides on the same server as the virtual servers that it protects, the vCEP protects sensitive network traffic inside the cloud provider’s network without leaving gaps where the data is not protected.

Q:  Can you explain to us a bit more about the focus on Scalable Group Encryption?

Jim Doherty:  Scalable Group Encryption allows each group member to communicate securely with other members, without the performance and management overhead of tunnels. Group encryption is designed to scale and protect tens of thousands of servers, unlike tunnel-based solutions, which max out after a handful of sites or servers because of their point-to-point limitations. Scalability is an essential consideration when designing cloud security solutions since most analysts expect twenty to fifty percent annual growth in the number of servers deployed in IaaS clouds in the coming years.

###

Please visit Certes Networks for more information.