Catbird Monitoring VMs In Amazon EC2 - InformationWeek
Cloud // Software as a Service
02:01 PM
Connect Directly

Catbird Monitoring VMs In Amazon EC2

A version of Catbird's vSecurity Cloud Edition is available as an app in Amazon's EC2-approved catalog of application services.

Catbird, a specialist in supplying virtual machine security, will be the source of a new Amazon cloud application that supplies security surveillance to virtual machines running in EC2.

The fact that a security system is monitoring virtual machines and is ready to enforce SOX, PCI and HIPAA policies brings cloud workloads into compliance with those regulations, said Michael Berman, Catbird CTO. If he's correct, then a major barrier to offloading IT workloads from the enterprise data center to the cloud may have found a solution.

In addition to Catbird, many security companies are working on surveillance systems for monitoring virtual machines running in cloud computing environments, including Trend Micro and McAfee. VMware has published a VMsafe API through which such companies may connect their monitoring and policy systems to the virtual machine.

A version of Catbird's vSecurity Cloud Edition is available as an application in Amazon's EC2-approved catalog of application services; thus far it is the only security service available in EC2. By tapping the Catbird application, a customer can provision an EC2 server with Catbird to monitor the operation of virtual servers running his or her workload. Doing so satisfies one of the primary requirements of SOX, PCI and HIPAA regulations, even though the workload has left the user's premises and is being executed in the cloud.

"You can't be PCI compliant without vulnerability monitoring," Berman said. That's made it hard to conceive of some workloads moving out of the data center to be executed in a public cloud, where the data owner doesn't control the security provisions of the servers.

But the Catbird service, which amounts to the customer commissioning another Amazon Machine Image virtual server and paying Amazon's hourly charges as well as the Catbird subscription, can sit next to the running virtual machines, monitoring their network traffic and analyzing it for trouble.

In addition to PCI, HIPAA, and SOX, the service can monitor for DIACAP compliance, COBIT, or Control Objectives for Information and related Technologies, a best practices framework for IT operations set up by the IT Governance Institute; and FISMA, the Federal Information Security Management Act of 2002, compliance.

"We do port scanning," said Berman, referring to the checking of server ports to see whether they are closed in the Amazon setting rather than open and subject to an intruder. "Is a port open when it shouldn't be? That's a vulnerability" that's not allowed under various regulations, he noted. The security monitor performs many other vulnerability detection functions, such as blocking cross-site scripting attempts.

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
1 of 2
Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends for 2018
As we enter a new year of technology planning, find out about the hot technologies organizations are using to advance their businesses and where the experts say IT is heading.
Twitter Feed
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.
Flash Poll