The solution architecture deployed at Expedient consists of smaller self-contained pods containing compute, storage, and I/O. This building-block design reduces the potential exposure of a significant site-wide outage by providing POD-level isolation. All aspects of the platform, including compute, storage, network, and power, are redundant. In all instances and across all components, an N+2 or N+N redundancy model is implemented to ensure ultrahigh availability. Security components are integrated at every layer of the Open Systems Interconnection (OSI) model, from the physical through the application layer. Gates and monitors, such as Layer 2 VLAN segregation, Layer 3/4 firewalls, Layer 7 application firewalls, and host-based IDSs, are deployed using standards-based technology, ensuring reduced complexity and enhanced security. Environment security is furthered by overlaying more advanced mechanisms, such as platform attestation using Intel TXT technology, to ensure good known running platforms. Each component provides enhanced reporting capability to ensure proper monitoring and tracking of potential issues and threats.
Despite its name, the HyTrust Appliance is not a physical piece of hardware. It’s a VMware vSphere–compatible virtual appliance that’s deployed right alongside the rest of your virtual infrastructure. It can be deployed on the same hypervisor that it is actively protecting. HyTrust Appliance sits in the management plane of the virtual infrastructure. In other words, it sits between the administrators of the virtual infrastructure—the virtualization administrators, the network administrators, and the application owners—and the virtual infrastructure itself. From this centralized vantage point, HyTrust Appliance intercepts all administrative requests for the virtual infrastructure, determines whether the request is in accordance with the organization’s defined policy, then permits or denies the request as appropriate.
The McAfee Cloud Security Platform is modular, providing customers with the flexibility to start with the solution that most appropriately fits their needs, whether it is data-loss prevention, web security, or so forth. Our solutions can be deployed as software as a service (SaaS), on an appliance, as virtual software, or in combination. Our solutions are integrated into McAfee’s ePolicy Orchestrator* (ePO), advanced and scalable security management software. McAfee’s end-point and network solutions are also managed by ePO, and its open platform allows customers to connect management of McAfee and third-party security solutions to their Lightweight Directory Access Protocol (LDAP), IT operations, and configuration management tools. Finally, all McAfee solutions leverage our Global Threat Intelligence to provide superior protection against impending security threats. Our visibility across key threat vectors—file, Web, e-mail, and network—and a view into the latest vulnerabilities across the IT industry enable McAfee to correlate real-world data collected from millions of sensors around the globe and deliver real-time protection via our suite of McAfee security products.
12 Intel IT Center Vendor Round Table | Cloud Security