A key innovation of Halo’s management and operations model is the ability for customers to spin up new cloud servers in any environment and have all policies applied and updated completely automatically, with no manual provisioning steps needed by the security or operations team.
This model provides security that permits true on-demand use of infrastructure-as-a-service and the benefits of fully automated operations, self-service provisioning, metered usage billing and API access.
The Halo management portal is a SaaS-hosted center for cloud security operations. Security administrators and compliance officers can use the portal to define security policies, assign them to groups of servers, launch and view scan results, and manage security issues and events including compliance reports.
To automate scanning operations across all servers, CloudPassage users can take advantage of the group-based policy management built into Halo. This allows users to apply security policies at any time, such as at initial server launch or even after the server has been operational for some time. Servers are automatically monitored and any security violations are logged and alerted on in real time, ensuring continuous compliance. Policies can be created, assigned, and retired as needed through the Halo Portal or through the CloudPassage REST API.
While day-to-day operations and provisioning are completely automated in Halo, the robust logging, reporting, and alerting capabilities still ensure real-time information about the security posture of your cloud infrastructure, giving you the information you need to know when you need to know about it.
The security logging and alerting capabilities of Halo report on a broad range of important audit events and detailed scan results. A Halo user specifies which issues are to be logged, which should be considered critical, which should generate alerts, and who will receive the alerts that are sent. Given the flexibility and speed of Halo, you can use server groups and alert profiles, along with a special events policy and scan results to create the right alerting scenarios for rapid security response and compliance automation.
When you need to go beyond the Halo Portal’s web-based interface to review and manage your servers, the CloudPassage API offers a secure, authenticated way for programs to directly access Halo functionality. CloudPassage provides a collection of REST APIs that perform many of the same functions that Halo Portal users perform, such as creating a policy, creating or deleting a server group, and running a scan.
Many CloudPassage customers have used the API to construct their own server-management solution or to integrate Halo with other systems. For example:
- Integrating Halo with cloud management and IT automation tools—such as RightScale, Puppet Labs' Puppet, and OpsCode Chef—has been used to transparently embed security into an automated server provisioning process.
- The Halo Event Connector is an integration tool that retrieves event data from a Halo account and imports it into an external SIEM, Log Management, or GRC tool for indexing, processing, and correlation with other events.
We’re always here to help
Halo customers are supported by a full-time staff of expert security analyst and product support engineers. We offer comprehensive professional support for all paid Halo packages, including during your evaluation period. All Halo customers have access to our extensive documentation, support forums, and knowledge base.
Additionally, for advanced implementations and integrations we support professional service engagements through our own team as well as integration partners. Training programs (both remote and on-site) are available as well.