Halo was purpose-built to automate infrastructure security & compliance in private clouds, public IaaS, and hybrid/multi-cloud hosting environments.
The Halo SDSec platform uses the power of elastic compute and big-data analytics to automate a wide range of security & compliance controls directly to virtual machine instances hosted in any cloud infrastructure environment.
At the heart of the Halo platform is a security analytics engine that contains policies and logic to implement a number of monitoring and enforcement controls. These controls are modular and can be activated and deactivated as needed.
Based on customer policies and settings, Halo's control modules interact with a small VM-based agent (6 MB) to collect workload status and event information in near real time. The Halo security analytics engine continuously analyzes information about individual VMs and the state of the overall infrastructure environment. The analytics engine makes and implements decisions such as automated policy changes, alert generation, intrusion containment actions, etc.
Security teams are now faced with multiple cloud infrastructure environments, each with its own set of risks, capabilities, and technical constraints. The Halo SDSec platform offers these teams the ability to consolidate controls into one central, automated environment that works seamlessly across any mix of infrastructure and at any scale.
Halo eliminates the complexities of managing a large number of point solutions across diverse and widely distributed environments. And because Halo's architecture implements the principals of SDSec, the resulting consolidated control environment is automated, orchestrated, transparently scalable, and abstracted from hardware, topology & other physical factors.
Deploy and manage dynamic firewall policies across public, private, and hybrid cloud environments. Build firewall policies from a simple web-based interface, and assign them to groups of servers. Policies update automatically within seconds of server additions, deletions and IP address changes.
Halo Multifactor Network Authentication enables secure remote network access using two-factor authentication via SMS to a mobile phone, or using a YubiKey® with no additional software or infrastructure. Keep your server ports hidden and secure from the rest of the world while allowing temporary access on demand for authorized users only.
Automatically monitor operating system and application configurations, processes, network services, privileges, and more. Evaluate new and reactivated servers against the latest configuration policies in seconds with almost no CPU utilization.
Halo scans for vulnerabilities in your packaged software rapidly and automatically, across all of your cloud environments–precisely where traditional software scanning products are unable to operate effectively. With Halo, thousands of server configuration points can be assessed in minutes, helping you to maintain continuous exposure awareness in the cloud.
Protect the integrity of your cloud servers by constantly monitoring for unauthorized or malicious changes to important system binaries and configuration files. File Integrity Monitoring first saves a baseline record of the "clean" state of your cloud server systems. It then periodically re-scans each server instance and compares the results to that baseline. Any differences detected are logged and reported to the appropriate administrators.
Evaluate who has accounts on which cloud servers, what privileges they operate under, and how accounts are being used. Halo provides a single online management console where you can monitor your servers in public, private and hybrid cloud environments. The convenient user interface makes it easy for you to identify accounts that should have been removed.
Halo's security logging and alerts capabilities detect a broad range of events and system states, alerting you when they occur. The platform allows users to define which events generate logs or alerts, whether they are critical, and who will receive them.
Halo's REST API provides full automation of your cloud deployments and lets you integrate your security platform with your other systems. Once installed, Halo can automatically monitor security compliance rules across thousands of systems.
With one central point of visibility, Halo allows true on-demand use of infrastructure-as-a-service and the benefits of fully automated operations, whether deployed in public, private, or hybrid cloud environments.