Briefly describe the security components of your cloud offering, including end-user benefits.
Carpathia* InstantOn* has two discrete cloud platforms, federal and commercial. Each has a different set of security components and compliance controls. In both solutions, we adopted a defense-in-depth approach. Starting from the edge, this includes: • Ingress and egress firewalls, an intrusion protection system (IPS), and distributed-denial-of-service (DDoS) protection • Hardened hypervisor builds and integrity checking • Multifactor authentication for privileged operations • Private networking for traffic isolation • Detailed system and application monitoring delivered near real time to a correlation engine • 24-7 monitoring of the entire platform • Proactive security scanning and continuous risk assessment in support of Federal Risk and Authorization Management Program (FedRAMP) standards • Benchmarking of platform against cloud audit standards Along with these controls, Carpathia offers a high degree of transparency to end users, including the ability to view audited controls and reports from Statement on Auditing Standards No. 70 (SAS 70) Type II, and in the federal cloud, the ability to view related security content.
Cisco offers a cloud security solution to help secure private, public, or hybrid clouds. The Cisco product portfolio includes the following components that enable cloud security for logical separation, policy consistency, automation, and access control in the cloud infrastructure; enable multitenancy; and provide network traffic and activity visibility for cloud governance processes: • Cisco* ASA 5585-X Appliance and Cisco Catalyst* 6500 Series ASA Services Module • Cisco Nexus* 1000V Series Switches • Cisco Virtual Security Gateway (VSG) • Cisco IPS 4200 Series Sensors The Cisco ASA 5585-X Appliance protects the virtualized data center and extended cloud with firewall and IPS capabilities at the cloud data center distribution layer, providing protection for high-value cloud resources and services. Continued on next page.
Intel IT Center Vendor Round Table | Cloud Security