Whether your servers run in public clouds, in private data centers, or move between the two, proper server and application hardening and ongoing monitoring are the key to achieving continuous compliance and ensuring adherence to corporate security policies. Built into the stack and portable across any environment, Halo is designed to provide automated security for your cloud servers’ infrastructure.
Configuration security monitoring, software vulnerability and patch management, and file integrity and registry monitoring are all key security controls recommended as industry best practices and required by numerous compliance regulations. Halo makes it easy to automate the initial scanning and ongoing verification of server posture, and it protects the operating system, application stacks, and proprietary code and data.
In today's heterogeneous environments, establishing and maintaining secure server configurations is critical. The Halo configuration scanning feature allows you to automatically evaluate existing, newly created, and reactivated Linux and Windows servers against the latest configuration policies customized specifically for them.
Configuration scanning with Halo allows you to assess thousands of server configuration points in minutes, which lets you maintain continuous exposure and compliance awareness across your infrastructure. These capabilities are crucial to maintaining server configurations that can withstand the more exposed environments of public and hybrid clouds.
Keeping software up to date with the latest patches is a critical piece of ongoing security and compliance programs. Halo’s Software Vulnerability Assessment feature scans installed software packages and compares them against the list of internationally recognized software vulnerabilities published by NIST and other authorities.
When a new vulnerability is found, Halo quickly and easily ranks it and gives your security and operations team a complete set of information on the scope and exposure of your system, allowing you to prioritize issues across your entire cloud infrastructure and ensure that packages remain secure and up to date.
CloudPassage File Integrity Monitoring allows you to protect your Linux and Windows cloud servers against data breaches, system instability, performance issues and even regulatory compliance-related challenges. File Integrity Monitoring works by first saving a baseline record of the "clean" state of your cloud server images. Halo then periodically scans each server instance and compares the results to that baseline. Any differences detected are logged and administrators are alerted.
File Integrity Monitoring regularly monitors your servers for unauthorized or malicious changes to the content of important system binaries and configuration files. The Halo Portal displays important information regarding any such changes.
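The baseline-and-compare cycle described above, as an added sketch that is not CloudPassage code and does not reflect how Halo is implemented. It assumes SHA-256 for content and regular files only; the function names and the sample files are constructed for illustration.

```python
import hashlib
import stat
import tempfile
from pathlib import Path

def snapshot(root):
    """Record content hash, permission bits and ownership of each file under root."""
    state = {}
    for path in Path(root).rglob("*"):
        st = path.lstat()
        if not stat.S_ISREG(st.st_mode):
            continue  # regular files only; directories and symlinks are skipped here
        state[str(path.relative_to(root))] = {
            "content": hashlib.sha256(path.read_bytes()).hexdigest(),
            "permissions": stat.S_IMODE(st.st_mode),
            "ownership": (st.st_uid, st.st_gid),
        }
    return state

def compare(baseline, current):
    """Return sorted (path, change) findings for a scan measured against the baseline."""
    findings = []
    for path in baseline.keys() | current.keys():
        old, new = baseline.get(path), current.get(path)
        if new is None:
            findings.append((path, "missing"))   # file existed in the clean state
        elif old is None:
            findings.append((path, "added"))     # file unknown to the clean state
        else:
            findings.extend((path, attr) for attr in old if old[attr] != new[attr])
    return sorted(findings)

def demo():
    """Constructed sample tree: take a baseline, tamper with the files, rescan."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        for name, body in (("sshd_config", b"PermitRootLogin no\n"),
                           ("hosts", b"127.0.0.1 localhost\n"), ("motd", b"hello\n")):
            (root / name).write_bytes(body)
            (root / name).chmod(0o644)
        baseline = snapshot(root)
        (root / "sshd_config").write_bytes(b"PermitRootLogin yes\n")  # content changed
        (root / "hosts").chmod(0o666)                                  # permissions loosened
        (root / "motd").unlink()                                       # file removed
        (root / "dropped.bin").write_bytes(b"\x00")                    # unexpected new file
        return compare(baseline, snapshot(root))

if __name__ == "__main__":
    print(*demo(), sep="\n")
```

A baseline is only as trustworthy as its storage: keep it off the monitored server, or a change to the files and to the baseline together will compare clean.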
On Windows servers, the registry is an essential component of the system, containing location and configuration information for essentially all installed system-level and application-level components. Unexpected changes to certain registry keys can be indicators of malicious activity on the system. File Integrity Monitoring can detect and alert you to changes that you feel could be security issues, and the Halo Portal can display them for you.
Designed for cloud operations
CloudPassage Halo’s server-integrity and intrusion-detection features are designed specifically to work efficiently in cloud environments. Cloud-aware capabilities of Halo include:
- Group-based policy management
- Designed to support multiple generations of cloud server images without undue alerts
- Prevention of exposure sprawl that occurs when weakly configured servers are cloned or burst
- Robust exception handling for fine-grained control of which issues need to be addressed and which can be ignored
- API access that enables integration with existing management and security operations systems, as well as the development of advanced cloud security solutions
Halo’s security benefits
Server integrity and intrusion detection provide broad and flexible coverage of your servers’ security needs:
- Out-of-the-box policy templates can be customized for user-defined standards
- Available on both Linux and Windows servers
- Detection of undesired configuration settings, processes, open ports, or access permissions
- Real-time awareness of known vulnerabilities in packages
- Detection of unauthorized changes to file content, ownership, permissions, and even existence