What unique and differentiated capabilities do you offer that help protect data and infrastructure in the cloud?
Probably the key area for our cloud to differentiate versus traditional public clouds is our network capabilities. Carpathia supports full private networking in the cloud. This enables customers to create n-tier applications versus simple flat network topologies. In support of our network capabilities are a number of specialized VMs, such as those from Vyatta, that also provide firewall, VPN, and IPS services. Carpathia’s cloud also supports hybrid deployments where certain applications and workloads run in the cloud and a private network can be extended into the cloud over a secure Layer 2 network. This also allows customers to keep some workloads in the cloud while others run in a different control domain.
Securing virtual applications and the virtualization layer of the data center is the most challenging obstacle to achieving the benefits of data center consolidation and virtualization and moving to a cloud cost model. The Cisco VSG firewall enforces detailed security policies that are VM aware and helps ensure isolation of traffic and applications in a way that traditional security devices cannot, without limiting scalability of the overall data center or complicating the delivery of virtual applications in the cloud.
NetScaler Cloud Gateway is an innovative solution for connecting users to cloud services in a secured fashion, whether those resources are onsite, hosted, or outsourced. Full life-cycle provisioning management and automated credential management ensure that only authorized users can access cloud services. And passwords are constantly changed in an automated way that improves user productivity and security.
In addition to adhering to security best practices and regular internal audits, Expedient’s openness to participating in our clients’ external audits is a key differentiator from other cloud providers. This, along with Expedient’s continued research, development, and deployment of new security technologies such as platform attestation, provides a rich security complement to any IT organization.
Authenticate and verify administrator identity: With HyTrust Appliance in place, there are no anonymous changes to the virtual infrastructure. All administrative access must first be authenticated. HyTrust fully supports two-factor authentication with RSA* SecurID* or smart cards. In the event that root access is required, HyTrust Appliance features root password vaulting, which enables certain administrators to check out a temporary password for one-time access. Continued on next page.
18 Intel IT Center Vendor Round Table | Cloud Security