Amazon cloud performance monitoring system goes a step further than competitors with specialized version that complies with federal security regulations.
VMware Vs. Microsoft: 8 Cloud Battle Lines
(click image for larger view and for slideshow)
Last November a small startup called CloudCheckr launched the beta of its performance-monitoring system for Amazon Web Services. Now, it's bringing out a specialized version, CloudCheckr Gov, suitable for monitoring performance on AWS GovCloud, no mean trick because security requirements keep most independent monitors out.
CloudCheckr is part of a small but thriving third-party market consisting of companies that shed more light on what's going on inside the AWS cloud. Cloudability, Cloudyn, Cloud Cruiser, Newvem, ExtraHop Networks and Uptime Software occupy this space and compete for AWS users.
CloudCheckr is an online service that provides basic AWS monitoring for free, and advanced, CloudCheckr Pro for $179 a month. CloudCheckr Gov is also priced at $179 a month. It's more than a passive monitor. It checks for up to 150 best practices in cloud workload configurations and security alignments. It can advise what should be done when it spots an exposure or shortcoming. With evident foreign interest in hacking U.S. government agencies, expertise in security and the ability to monitor GovCloud help set CloudCheckr apart.
CloudCheckr, based in Rochester, N.Y., must provide built-in controls that assure GovCloud is being accessed by U.S. citizens. It can do so in part through its partnership with JHC Consulting, a veteran-owned business that specializes in, among other things, reselling AWS infrastructure to government agencies.
"The expertise of the team at JHC Technology has been critical in accelerating the launch of CloudCheckr Gov," said Aaron Klein, COO of CloudCheckr, in an email message following the announcement.
CloudCheckr uses that capability to dismiss some of its rivals. "Other chief vendors in our space, Newvem and Cloudyn, are not able to provide GovCloud support since each is based in Israel (and thus does not meet the U.S. Persons-only standard for GovCloud access). But the CloudCheckr development team was initially based in Argentina, and CloudCheckr still lists a "satellite office" in Argentina, which isn't so different from its rivals.
Regardless of the issue of national boundaries, both AWS and AWS GovCloud meet the "moderate" standard set by Federal Information Security Management Act (FISMA) for computing infrastructure. CloudCheckr assesses workloads sent to GovCloud to alert their owners to any FISMA moderate control exceptions and benchmark compliance and performance in the areas of shared control with GovCloud. CloudCheckr Gov also ensures compliance with International Traffic In Arms regulations.
GovCloud has its own API, which is formatted differently from the standard AWS CloudWatch monitoring service. CloudCheckr has integrated its monitoring and performance analysis into the GovCloud API. Likewise, GovCloud has different purchasing options and pricing tables from the standard AWS pricing, including the option to purchase physical hardware on which to run an instance.
The CloudCheckr Gov service arrived as sequestration cuts decrease federal agency budgets and reduce capital expenditures. Company spokesmen say the GovCloud service can aid agencies in adopting cloud computing and meet the FedRamp directive for agencies to move more operations into the cloud.
To encourage adoption, Amazon recently made a GovCloud Management Console available that mimics the functions of the regular Amazon management console, but access to the GovCloud console is restricted to authorized GovCloud users.
CloudCheckr isn't oriented toward one industry segment. It launched CloudCheckr Gov because it wants to help "a broad range of companies and organizations" use the Amazon cloud, Klein said via email.
CloudCheckr received $2 million from Genesee Capital and Garrison Capital in its Series A round of funding April 11.
How Enterprises Are Attacking the IT Security EnterpriseTo learn more about what organizations are doing to tackle attacks and threats we surveyed a group of 300 IT and infosec professionals to find out what their biggest IT security challenges are and what they're doing to defend against today's threats. Download the report to see what they're saying.
Digital Transformation Myths & TruthsTransformation is on every IT organization's to-do list, but effectively transforming IT means a major shift in technology as well as business models and culture. In this IT Trend Report, we examine some of the misconceptions of digital transformation and look at steps you can take to succeed technically and culturally.