Automated cloud server security

Dome9 Security announced its new multi-platform security management service that automates cloud server security for both enterprises and cloud hosting providers.

Dome9 provides secure access to customers’ cloud servers through its Secure Access Lease technology, which provides dynamically generated, time-based secure access to cloud servers that automates security policy to make servers virtually invisible to hackers.

With it, all administrative access on a cloud server is closed by default, and opened only when, for whom, and for as long as it is needed. It automatically enables and disables cloud server access for a specific user and time period. This automation eliminates the manual overhead of managing access, and closes the security gap that results from administrators forgetting to log back in and disable access.

Because the service is multi-platform, it centralizes security management across multiple cloud service providers (e.g., AWS EC2, RackSpace, Terremark, GoGrid, etc.) enabling customers to apply a consistent security architecture to multiple clouds. In addition, Dome9’s security policy is portable, so as cloud servers are migrated or replicated within or across service providers, security is persistent.

New capabilities include:

• Multi-tier administration – the service now offers several tiers of administration with configurable levels of control for delegated administrators. With multi-tier administration, super-users can have full control over all cloud servers, while delegated administrators may be granted partial or limited access to a predefined set of machines.
• Expanded Windows and Linux support – The Dome9 agent now supports CentOS 6.0 and Ubuntu, covering all major versions of Linux and Windows operating systems, including CentOS/RHEL 5.x and 6.0, Debian 6, and Windows 2008 R2, 2008, 2003 R2 and 2003.
• Account activity auditing – the service’s auditing provides full, account-level visibility and logging of user activity. Advanced filters let administrators drill down to see when users have logged on to Dome9 Central, changed security policies, sent secure access invitations, and accessed cloud machines.

The heart of the system, Dome9 Central, orchestrates access to the cloud infrastructure, allowing full control and protection of the environment. Its interface ensures users build the right security policy for their servers. Using Dome9 Central’s secure web service, cloud access can be granted from anywhere and changes are deployed instantly.

The lightweight Dome9 Agent works for virtual machines in private or public clouds, and for dedicated servers, supporting Linux and Windows servers running all virtualization technologies (including VMware, Citrix Xen, KVM, Parallels and Microsoft’s Hyper-V). Dome9 Connect, its API-based integration module for cloud providers, can be used to manage Amazon’s Web Services EC2 & VPC Security Groups, without deploying complex daemons, but by using their API keys.

Unlike dedicated software or hardware-based firewalls and security tools that can cost thousands of dollars every month and require tremendous resource to manage, this new service leverages security already built into every hosted and cloud server, costs just $20 per server per month, and is deployed in less than a minute.