The Cisco Catalyst 6500 Series ASA Services Module is deployed as a plug-in module for Cisco Catalyst 6500 Series Switches. Cisco also provides another IPS deployment option with IPS sensors to enable distributed and intelligent detection with precision response to network attacks. The Cisco VSG works with Cisco Nexus 1000V Series Switches to provide zone-based and policy-driven security at the virtual machine (VM) level, extending existing security policies into virtual and cloud environments. Cisco VSG provides secure segmentation to achieve logical separation at the VM level. Because VSG uses securityzone-based policy implementation rather than static IP addresses, it can consistently enforce security policies even as VMs move from one physical host to another. This support of VM mobility is critical to ensuring policy consistency in an automated cloud environment where workloads can be processed anywhere in the cloud.
The security components include NetScaler* Cloud Gateway, which provides single sign-on (SSO) and secure provisioning for the cloud, and the NetScaler Web Application Firewall for securing clouds from attacks.
Expedient implements advanced security mechanisms throughout its cloud platform to ensure the confidentiality, integrity, and availability of data. These security components are implemented at each layer of the technology stack and include, but are not limited to, two-factor authentication, network and host-based intrusion detection, platform attestation using Intel® Trusted Execution Technology (Intel TXT) and a Trusted Platform Module (TPM), and complete physical segregation where necessary. All components are managed and monitored around-the-clock by multiple geographically diverse operations centers.
HyTrust* Appliance is a VMware* vSphere*–compatible virtual appliance that supports secure multitenant environments without resorting to “air gaps” to segregate each tenant. This enables you to get the maximum return on investment (ROI) in your virtualized environment. Air gaps create a significant amount of wasted resources in the form of a completely new, completely redundant silo of software and hardware. HyTrust Appliance delivers these key capabilities to support private cloud environments: • Authenticates and verifies administrator identity to tie all access to the environment to a specific individual • Verifies platform integrity at the hypervisor level and at the hardware level • Validates all change requests to the infrastructure for complex, higher-level use cases, such as compliance and private cloud, so that organizations can maximize their ROI in virtualization while supporting these initiatives • Provides the system of record that makes it easy to manage compliance audits and forensic investigations
Intel IT Center Vendor Round Table | Cloud Security