CloudPassage® Halo® delivers the visibility, enforcement and orchestration required to secure modern cloud infrastructure. The magic is a fast, lightweight security agent that attaches to a virtual machine (workload) in any cloud environment (private, public or hybrid). The Halo agent collects status in near real time and enforces comprehensive security policies at the workload level (micro-segmentation) under the instruction of the security analytics engine, which continuously analyzes information about individual VMs and the state of the overall infrastructure environment. Our easy-to-use portal allows customers to centrally automate dozens of critical security and compliance controls as well as instantly report on vulnerabilities.
Traditional, perimeter-based security models simply don't work with cloud infrastructure. Enterprises need a new paradigm -- one that secures data, applications and virtual machines right at the workload. CloudPassage is unique because it is:
CloudPassage is the world's first software-defined security (SDSec) platform. We invented the category long before others began imitating our approach. So, what is SDSec? It's simple. CloudPassage Halo provides the abstraction, automation, orchestration, automatic scalability and API enablement required to protect workloads in modern cloud infrastructure. Here are the details:
Security and compliance is virtualized and able to operate regardless of where underlying hardware might be physically located.
Implement security and compliance controls (e.g. firewall policies, intrusion detection) with minimal human intervention in deployment, configuration and operation.
Centrally manage the composition, deployment, and management of individual control components into more complex, service-oriented security systems.
Security controls are deployed directly into application scaling mechanisms and have the ability to scale based on application scaling triggers.
Security monitoring and enforcement control functions are fully accessible via an open API, enabling full integration with operations and orchestration tools.
This paper summarizes the five architectural principles of SDSec and the ways in which CloudPassage has implemented them by building the Halo SDSec platform for cloud infrastructure.