Step 6: Extend Trust across Federated Clouds
As cloud computing evolves, the vision of federated clouds—across which communications, data, and services can move easily within and across several cloud infrastructures—adds another layer of complexity to your security equation. Intel is working toward providing solutions that extend trust across federated clouds via secure gateways between the service provider and the service consumer with policy enforcement for centrally defined policies. Intel Expressway Cloud Access 360 (Intel ECA 360) is a software solution designed to control the entire life cycle of secure access for enterprises connecting to cloud environments. It serves as a gateway to broker single sign-on (SSO) access from the enterprise into various clouds by authenticating employees against internal systems such as Active Directory* or other identity management systems. It records the user activity against these systems, and the metrics can be used for audit reporting and monitoring through an administrative console. In addition to providing SSO, Intel ECA 360 creates virtual identities built from data in enterprise systems—such as human resource applications and the telephone system—that establish user identity and verify the trusted systems where a user comes from. The gateway can operate as a virtualized instance and can run either on-premises or at a third-party hosted or managed service provider. The gateway can also function as a proxy, where it performs as a secure token service and point of policy enforcement, or in look-aside mode, where it passes on the identity logic to a third party to perform the transformations. Intel’s partnership with McAfee delivers a coordinated security approach that spans network, servers, databases, storage, and data, as well as connecting policies and controls across physical, virtual, and cloud infrastructures. The McAfee infrastructure proactively identifies and blocks attacks by communicating with McAfee* Global Threat Intelligence technology. The foundation of the McAfee security management platform, McAfee ePolicy Orchestrator*, is an open, scalable platform that connects third-party security solutions to the infrastructure, strengthening protection and providing visibility into security, compliance, and risk management activities.
About Intel® ECA 360
Intel® Expressway Cloud Access 360 (Intel ECA 360) provides secure access for enterprises connecting to and across cloud applications by: Account deprovisioning and account identity data synchronization Enforced context-aware authorization with seamless single sign-on (SSO) from multiple devices Monitoring user, administrative, and API access activity Soft/hard one-time password (OTP) authentication Activity reporting for compliance and correlation of cloud user activity with on-premises logs for end-to-end compliance
16 Intel IT Center Planning Guide | Cloud Security