Security Compliance for Cloud Assets
Since 2014, Cloud Raxak has been working with Hewlett Packard Enterprise (HPE) to integrate Cloud Raxak’s industry-leading cloud security solutions into Hewlett Packard Enterprise product offerings.
Prasanna Mulgaonkar, CEO of Cloud Raxak, discusses how the Raxak Protect security platform delivers automated compliance for public and private clouds through HPE Cloud Service Automation (CSA) and HPE Helion.
Read below for complete details about each of these joint offerings with Hewlett Packard Enterprise.
Cloud Raxak, Intel, and Hewlett Packard Enterprise have developed a new capability to provide assured security compliance on private clouds using a hardware basis of trust. The Raxak Protect security compliance platform leverages Intel TXT built into HPE ProLiant and Intel Cloud Integrity Technology to automatically secure Helion OpenStack Private Clouds from boot-time to run-time. This new capability will enable enterprises to keep their HPE OpenStack Private Clouds continuously compliant with the stringent security requirements of regulated industries including finance, healthcare, retail, telecom, and the federal government. Raxak Protect Private Cloud Security has four unique components.
Raxak Protect utilizes Intel CIT to provide assured and automated security compliance on HP ProLiant Servers running the Host OS, the Helion OpenStack controller and settings, and the Guest VMs. Raxak Protect uses Intel CIT to measure the BIOS, the boot files, and the kernel. These results are stored in a signed store and provide the hardware basis of trust.
Raxak Protect extends the hardware trust established at boot-time by Intel CIT technology to run-time and throughout the full life cycle of the HP Helion OpenStack Private Cloud. Raxak Protect does this by continuously checking and remediating the security compliance status of the Host OS, the Guest VMs, and the cloud applications, databases, and tools running within the Guest VMs.
Raxak Protect creates and applies a custom security profile for the Private Cloud (e.g., HPE Helion OpenStack). The private cloud security profile can be based on the Defense Information Systems Agency (DISA) Mission Critical classified profile or customized to the security requirements of regulated industries including retail (PCI), healthcare (HIPAA), finance (FFIEC), and government (FISMA). This security profile can be the same as or different from the profile used for the public cloud (e.g., Amazon Web Services). This gives businesses the flexibility to customize their security strategy, so they can develop quickly on the public cloud while deploying production implementations on their private clouds.
Regulated industries like finance and healthcare may require that consumer data remain in a specific geographic location. Many public cloud IaaS platforms don’t provide access to location information for the hardware running your application. This makes it hard to give regulatory auditors proof that consumer data is being stored properly. HP ProLiant Servers with Intel Cloud Integrity Technology running the Helion OpenStack Private Cloud have geo-tagging information for the applications and data. Intel CIT can provide a variety of asset tag information including the country, state, city, building, room, and server rack. Raxak Protect can access the geo-tagging information and generate an audit-ready report with the location information needed to meet compliance standards.