10/29/2009
02:01 PM

Catbird Monitoring VMs In Amazon EC2

A version of Catbird's vSecurity Cloud Edition is available as an app in Amazon's EC2-approved catalog of application services.

Catbird, a specialist in supplying virtual machine security, will be the source of a new Amazon cloud application that supplies security surveillance to virtual machines running in EC2.

The fact that a security system is monitoring virtual machines and is ready to enforce SOX, PCI and HIPAA policies brings cloud workloads into compliance with those regulations, said Michael Berman, Catbird CTO. If he's correct, then a major barrier to offloading IT workloads from the enterprise data center to the cloud may have found a solution.

In addition to Catbird, many security companies are working on surveillance systems for monitoring virtual machines running in cloud computing environments, including Trend Micro and McAfee. VMware has published a VMsafe API through which such companies may connect their monitoring and policy systems to the virtual machine.

A version of Catbird's vSecurity Cloud Edition is available as an application in Amazon's EC2-approved catalog of application services; thus far it is the only security service available in EC2. By tapping the Catbird application, a customer can provision an EC2 server with Catbird to monitor the operation of virtual servers running his or her workload. Doing so satisfies one of the primary requirements of SOX, PCI and HIPAA regulations, even though the workload has left the user's premises and is being executed in the cloud.

"You can't be PCI compliant without vulnerability monitoring," Berman said. That's made it hard to conceive of some workloads moving out of the data center to be executed in a public cloud, where the data owner doesn't control the security provisions of the servers.

But the Catbird service, which amounts to the customer commissioning another Amazon Machine Image virtual server and paying Amazon's hourly charges as well as the Catbird subscription, can sit next to the running virtual machines, monitoring their network traffic and analyzing it for trouble.

In addition to PCI, HIPAA, and SOX, the service can monitor for compliance with DIACAP; COBIT (Control Objectives for Information and related Technologies), a best-practices framework for IT operations set up by the IT Governance Institute; and FISMA, the Federal Information Security Management Act of 2002.

"We do port scanning," said Berman, referring to the checking of server ports to see whether they are closed in the Amazon setting rather than open and subject to an intruder. "Is a port open when it shouldn't be? That's a vulnerability" that's not allowed under various regulations, he noted. The security monitor performs many other vulnerability detection functions, such as blocking cross-site scripting attempts.
