Hewlett Packard Enterprise, Cloud Raxak, and Intel Set New Standard in OpenStack Private Cloud Security with Hardware Basis of Trust



DECEMBER 1-3, 2015 

At the Hewlett Packard Enterprise Discover Conference in London on Dec 1-3rd, Cloud Raxak, in partnership with Hewlett Packard Enterprise (HPE) and Intel, demonstrated an industry first solution to provide assured security compliance on private clouds using a hardware basis of trust.  The Raxak Protect security compliance platform leverages Intel® Cloud Integrity Technology (CIT) built into HPE ProLiant servers, to automatically secure Helion OpenStack Private Clouds from boot-time to run-time. This new capability will enable enterprises to keep their HPE OpenStack Private Clouds continuously compliant with the stringent security requirements of regulated industries including finance, healthcare, retail, telecom, and the federal government.


Raxak Protect Automated Private Cloud Security has four unique components.

  1. Assured Security Compliance through Hardware Basis of Trust

    Raxak Protect utilizes Intel® CIT to provide assured and automated security compliance on HPE ProLiant Servers running the Host OS, the HPE Helion OpenStack controller and settings, and the Guest VMs. Raxak Protect uses Intel CIT to measure the bios, the boot files and the kernel. These results are stored in a signed store and provide the hardware basis of trust.
  2. 24/7 Compliance from Boot-Time to End of Life

    Raxak Protect extends the hardware trust established at boot-time by Intel CIT technology, to run-time and throughout the full life cycle of the HP Helion OpenStack Private Cloud. Raxak Protect does this by continuously checking and remediating the security compliance status of the Host OS, Guest VMs and the cloud applications, databases and tools running within the Guest VMs.
  3. Consistent Security Across Private and Public Clouds

    After securing the hardware basis of trust, Raxak Protect creates and applies a custom security profile for the Private Cloud (eg HPE Helion OpenStack). The private cloud security profile can be based on the Defense Information System Agency (DISA) Mission Critical classified profile or customized to the security requirements of regulated industries including retail (PCI), healthcare (HIPAA), finance (FFIEC) and government (FISMA).This security profile can be consistent or different than the profile used for the public cloud (eg Amazon Web Services). This provides businesses the flexibility to customize their security strategy, so they can develop quickly on the public cloud while deploying production implementations on their private clouds.
  4. Geo Asset Tagging for Location Compliance

    Regulated industries like finance and healthcare, may require that consumer data remain in a specific geographic location. Many public cloud IaaS platforms don’t provide access to location information for the hardware running your application. This makes it hard to provide regulatory auditors the proof that consumer data is being store properly.HP ProLiant Servers with Intel Cloud Integrity Technology running the Helion OpenStack Private Cloud, have geo tagging information for the applications and data.  Intel CIT can provide a variety of asset tag information including the country, state, city, building, room, and server rack.Raxak Protect can access the geo tagging information, and generate an audit ready report with the location information needed to meet compliance standards.

To learn more about Raxak Protect Automated Security Compliance, HP Helion OpenStack and Intel Cloud Integrity technology, please review the following resources.


Back to Top