The OpSource RESTful API enables our cloud to integrate easily with third-party authentication, monitoring, configuration management, and security management tools. Additionally, clients can configure VLANs and firewall ACLs to explicitly limit access to specific servers by IP address, port, or protocol. For example, clients can set up web servers in a DMZ accessible from the public Internet on port 80. Application servers, sitting on a separate VLAN, could be reached only by the web-tier or database-tier servers, and the database servers only by the application tier. This approach provides both application-level and server-level access control. Lastly, OpSource controls permissions of multiple end users of a specific client account and logs activities critical to administering a trusted cloud environment.
SecRAMP has developed several use cases around integration with Intel TXT servers and VMware. Intel TXT integration enables customers to benefit from a root of trust that can be extended from the hardware through the hypervisor and up to the application interface. Data is then provided to a security information and event management system to validate, audit, and report on trust status. Implementing strong policies and procedures can also aid in improving the overall level of trust. For example, with server deployments, we typically identify every piece of firmware on the system, such as the BIOS, the RAID, and the video card—anything that can be updated at the hardware level prior to the operating system installation. We then build an internal repository of relevant firmware, validate it with vendor-provided hashes, and flash the firmware predeployment. While this is not a 100 percent solution, it does reduce the risk of compromise at the hardware level. On blade systems like the Cisco Unified Computing System platform, features such as Service Profiles make this type of operation much quicker and easier, especially for private cloud deployments.
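The pre-deployment firmware check described above (every image in the internal repository validated against vendor-provided hashes before anything is flashed), as an added Python example that is not from the page or from SecRAMP; it assumes the vendor publishes a sha256sum-style manifest and uses constructed image names and contents rather than real firmware.

```python
import hashlib


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def parse_manifest(text: str) -> dict[str, str]:
    """Parse a vendor hash list in sha256sum format: '<hex digest>  <filename>' per line."""
    manifest = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        digest, _, name = line.partition("  ")
        if len(digest) != 64 or not name.strip():
            raise ValueError(f"malformed manifest line: {line!r}")
        manifest[name.strip()] = digest.lower()
    return manifest


def verify_repository(repo: dict[str, bytes], manifest: dict[str, str]) -> dict[str, str]:
    """Verdict per image: 'ok', 'mismatch', 'missing' (listed, not in repo), 'unlisted' (no vendor hash)."""
    verdicts = {}
    for name, expected in manifest.items():
        if name not in repo:
            verdicts[name] = "missing"
        elif sha256_hex(repo[name]) == expected:
            verdicts[name] = "ok"
        else:
            verdicts[name] = "mismatch"
    for name in repo:  # images nobody vouched for must not be flashed either
        verdicts.setdefault(name, "unlisted")
    return verdicts


def cleared_to_flash(verdicts: dict[str, str]) -> bool:
    """Flashing proceeds only when every image in the repository is listed and verified."""
    return bool(verdicts) and all(v == "ok" for v in verdicts.values())


# Constructed sample data (hypothetical image names and contents, not real firmware).
VENDOR_IMAGES = {
    "bios-2.1.bin": b"BIOS image v2.1",
    "raid-ctl-7.4.rom": b"RAID controller firmware 7.4",
    "video-1.0.rom": b"video card firmware 1.0",
}
# The vendor's published hash list, as downloaded alongside the images.
VENDOR_MANIFEST_TEXT = "\n".join(f"{sha256_hex(b)}  {n}" for n, b in VENDOR_IMAGES.items())
# Internal repository: RAID image altered in transit, video image never copied, NIC image unlisted.
INTERNAL_REPO = {
    "bios-2.1.bin": VENDOR_IMAGES["bios-2.1.bin"],
    "raid-ctl-7.4.rom": VENDOR_IMAGES["raid-ctl-7.4.rom"] + b"\x00",
    "nic-3.0.bin": b"NIC firmware 3.0",
}
```

Running `verify_repository(INTERNAL_REPO, parse_manifest(VENDOR_MANIFEST_TEXT))` flags the altered, missing and unlisted images so the deployment gate refuses to flash.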
Because Virtustream dedicates the network, compute, and storage resources for every customer, each application can trust that the infrastructure presented to it is not shared with or visible to any other customer. This ensures routing and data segregation through secure swim lanes, even when a customer introduces integration points with other service providers. In order to avoid vendor lock-in, many organizations subscribe to the services of two or more cloud service providers—increasing the importance of secure data management and movement of data between physical locations. Secure data management will be enabled by technologies such as Intel TXT, which provides launch verification and attestation, both of which are tremendously important in cloud implementation scenarios, where machines may reside in different geographic regions.
22 Intel IT Center Vendor Round Table | Cloud Security