The OpSource Cloud architecture enables configuration and lockdown of the compute and storage environments. With OpSource Cloud Networks, customer-controlled networks with configuration services, customers are able to configure VLANs between servers, configure ACL-based firewalls, and control and track administrative usage. Data is encrypted while being transferred and at rest. OpSource Cloud Servers and OpSource Cloud Files, cloud-based compute and storage services, can be linked by OpSource Cloud Networks. Rather than implementing network security on top of the OpSource virtualized servers, OpSource Cloud Networks is a truly network-based implementation running within Cisco switching fabric. Customers manage and configure OpSource Cloud Networks via the web-based OpSourceCloud.net user interface or Open API for the OpSource Cloud. OpSource utilizes Cisco ASA, Cisco ACE technologies, and carrier-class switching infrastructure to provide a “defense-in-depth” enterprise security architecture to provide multiple layers of security, including IDS, VPN, encryption (in flight and at rest), firewall, and NAT to protect information assets. Additionally, customers can implement host-based security as an added layer of security.
The solution architecture depends on the type of customer. For end customers with private clouds, SecRAMP implements and manages security tools that deliver visibility and automation from the hypervisor layer up through web applications. For service providers, SecRAMP architects solutions that allow them to offer multitenant security services that they can deliver to their customers. SecRAMP takes a three-phased approach: Assess and evaluate the customer’s current security environment. The security architecture designed and managed by SecRAMP will depend on the customer’s security strategy and current cloud implementation plans. Architect and enhance the security stack. SecRAMP bridges the gaps in coverage, such as hardware trust, policy, and incident response capabilities. SecRAMP enables customers to effectively address security architecture regardless of the cloud strategy. The end result is a more secure environment and an integrated view that leverages the unique capabilities of each of the security tools that are implemented to monitor and secure the environment. Operationalize and manage on an ongoing basis. After implementation, our expert staff continuously tunes, manages, and monitors the security.
13 Intel IT Center Vendor Round Table | Cloud Security