FireMon Acquires FortyCloud

 

FireMon, a leading provider of US Network Security Policy Management (NSPM), has acquired an Israel-based security company called FortyCloud, for an undisclosed sum. This acquisition is expected to boost the cloud management capabilities of FireMon, as it looks to expand its customer base.

FortyCloud is based in Hod Hasharon, Israel, and it was founded by Amit Cohen, Amir Naftali, and Noam Singer. They are the present CEO, CTO, and Chief Architect of the company respectively. This company specializes in providing secure connectivity across multiple cloud environments, offers identity access management, two-factor authentication for remote cloud access, and abstraction of cloud platforms to ensure that it is easy to comply with the existing regulations.  It’s a small company with ten employees, and all these employees have joined FireMon when the deal was closed earlier this month.

FireMon, on the other hand, is based in Overland Park, Kansas. It was founded in 2004 with an aim to help organizations identify and correct the infrastructural and security gaps in cloud architecture.

This acquisition comes within a year of FireMon launching its first cloud infrastructure security offering, thereby signaling the impressive growth that it has seen over the last year. With this acquisition, FireMon can effectively secure cloud infrastructure and connectivity, that in turn, will make it easier for enterprise clients to move their on-premise infrastructure to the cloud. Currently, security is one of the major concerns of many enterprise, and this is also what is preventing them from moving completely to the cloud. When the underlying infrastructure and connectivity are strengthened, it’s only natural that more companies will move to the cloud. In this sense, this acquisition is likely to boost the client-base of FireMon.

After this acquisition, FireMon will offer support for:

  • Management capabilities of native cloud
  • Automated security mapping
  • Cloud discovery
  • Object abstraction across on-premise security infrastructure and multiple cloud environments
  • Security enforcement across multiple cloud platforms

Besides this addition, FireMon has added more capabilities that’ll allow it to automate its cloud security, encryption, and policy enforcement. In turn, this’ll provide secure connectivity across different cloud providers, and also between an organization’s data center and public cloud infrastructure. All these additions are a part of FireMon’s strategy to help companies better manage their cloud infrastructure.

A report by Gartner shows that by 2020, 95% of cloud security issues will be due to the organization, and not the cloud provider. Addressing these inadequacies in an organization is easier said than done because today’s networked environment is complex, and involves a variety of technologies both on-premise and in the cloud. Such a complex situation requires a clear strategy as well as a set of security tools, and this is exactly where FireMon fits in.

Going forward, FireMon’s acquisition is expected to benefits its customers in a big way, by enhancing security in their connectivity and communication. Such partnerships augur well not only for the companies involved, but also for enterprises that depend on the cloud, as well as the cloud market at large.

The post FireMon Acquires FortyCloud appeared first on Cloud News Daily.

Parallels at HP Enterprise‘s Discover 2016 London

Since their inception last year, Hewlett Packard Enterprise has leveraged the immense expertise of HP to immediately become one of the leaders in business-oriented hardware solutions. As part of their mission to the market, HP Enterprise organizes several conferences around the world to shed light on available solutions. The biggest event by far is the […]

The post Parallels at HP Enterprise‘s Discover 2016 London appeared first on Parallels Blog.

No change here: AWS continues to dominate public IaaS and PaaS markets

(c)iStock.com/JurgaR

Another quarter, another period of dominance for Amazon Web Services (AWS) in public cloud IaaS – according to the latest analysis from Synergy Research.

The figures tell a similar story from previous quarters; the market leaders are growing faster than the rest of the market, but while Microsoft and Google are growing faster than AWS, the Seattle-based giant still holds 45% of the worldwide public IaaS space, dwarfing Microsoft, Google, and IBM’s shares put together.

When it comes to public platform as a service (PaaS), AWS is still the market leader, although the three nearest challengers – Salesforce, Microsoft and IBM – hold slightly more share combined this time. For managed private cloud, however, IBM leads the way with almost 20% global market share, ahead of AWS, Rackspace, and NTT.

The latest figures may show more than ever an entrenched space with the winners and runners up decided.

Yet Synergy argues that in some cases, second tier companies are attempting to buck the trend; Chinese giant Alibaba, in IaaS, and Oracle in PaaS.

Speaking to this publication in July, when Oracle confirmed it was to acquire cloud ERP software provider NetSuite for $9.3 billion, Synergy chief analyst John Dinsdale noted that while the deal would not ‘directly’ help Oracle in the PaaS market, it distinctly remained a top 10 player.

Here, though, the findings are clear. “Amazon, Microsoft and Google continue to invest huge amounts in their hyperscale data centre infrastructure, and all three have recently expanded their data centre footprints and also announced plans to open up more geographic regions in the coming months,” said Dinsdale. “This scale is the prime reason why they are able to gain market share and pressure smaller players into consolidation or refocusing their cloud activities.”

AWS announced in September plans to launch a data centre in Paris, while in the same month IBM sealed the deal to open up a centre in Norway, citing continued Nordic cloud demand.

Agentless vs. agent-based cloud architectures: Why does it matter?

(c)iStock.com/TERADAT SANTIVIVUT

In the world of security, monitoring and analytics solutions for IaaS cloud, there’s a lot of discussion and debate about agent-based vs. agentless service architectures. Your choice of agentless vs. agent-based cloud security can have a big impact on the efficiency of your day-to-day operations for security and compliance as well as your ability to protect your cloud environment in the future. It’s important to understand what the difference is, and be fully aware of the tradeoffs involved in this decision.

So what’s the difference?

Agent-based and agentless services basically differ from each other in how they collect information and provide control across the entities in your cloud environment (network/security groups, server instances, load balancers, database services, etc.). With an agent-based workload security product, you install a small software agent in each of your server instances. The agent is responsible for collecting relevant information from the server it is installed on, sending the information back to a central control system, and giving you the ability to control security at an instance/virtual machine level. For example, agent-based security products gather information about host firewall setup and network traffic flowing between servers, and provide file integrity monitoring (FIM) and the ability to configure the firewall on each host. 

Figure 1: Data aggregation and control with an agent-based approach to cloud security

Agentless services, on the other hand, talk directly to the underlying cloud platform (e.g., AWS, Azure) through the service provider’s API to get information about instances, services and the network, and control security. Because the agentless service talks directly to the platform, no modifications are required in the resources that are part of your environment. Because of this, agentless services, also called cloud-native or API-based services, are completely transparent to the applications and workloads.

Figure 2: Data aggregation and control with an agentless approach

Why it matters

The first workload security platforms for public cloud environments were agent-based. This was in part because the security mechanisms exposed by cloud service providers were still evolving and weren’t as feature-rich in the early years as they are today. Agent-based tools also gave businesses that migrated workloads to the public cloud a way to bring tools that were developed for datacenter environments (and which they were familiar with) into public cloud environments. This made the transition to the public cloud easier for some of them.

But agent-based solutions designed for more static and predictable datacenter environments are a poor fit for the dynamic needs of a public cloud environment. Let’s look at five reasons why.

1. Operational Overhead of Agent Management: In agent-based solutions, you are responsible for installing agents on every instance in your cloud environment, keeping the agent current and up-to-date, and troubleshooting any connectivity issues. This is of course something that has been commonplace in the world of enterprise IT. Customers of endpoint security solutions such as Sophos and antivirus products such as Intel McAfee are used to dealing with agents in Windows and Linux hosts.

However, in cloud environments where you have hundreds or thousands of instances or virtual machines across dozens of VPCs around the world with hundreds of accounts accessing them, and you have instances being added and deleted from your environment frequently, the complexity of managing even something as simple as agents becomes a significant burden. Agent management opens up another small window of vulnerability in a cloud environment. Who can guarantee that an agent is installed on a newly launched rouge instance? In environments with multiple business units and stakeholders with their own configuration management systems and base images, ensuring that an agent is installed in each instance is particularly hard.

2. No Place to Install Agents in Function-as-a-Service (FaaS) and Built-in services: Even as late as five years ago, AWS for most enterprises was just three or four services, namely EC2, S3 and EBS. You could install agents in EC2 instances and fully protect your environment. 

But as of 2016, public cloud has exploded in terms of services offered, now looks more like this:

Figure 4: Broad range of services on AWS today

Many businesses now actively use the built-in database services (DynamoDB, RDS), load balancers (ELB) and big data services (EMR, ElasticSearch). FaaS offerings such as AWS Lambda (aka serverless computing) are also becoming popular. These services either don’t let you install agents in them, or have nowhere to put an agent (where does the agent go in a Lambda function?). Agent-based solutions completely fail to monitor or protect these services. You may not be using these services actively today, but do you want your cloud security solution limiting what you can monitor and protect in the future?

3. No Awareness of Cloud-Native Services: Not only do agent-based security products fail to protect cloud-native services such as ELB and RDS, but they do not even allow these services to be modeled in instance security policies. For example, there is no way to specify in a security policy that an instance can get incoming connections only from an ELB or can send outbound traffic only to RDS. You have to resort to an overly permissive “open to all” approach because of these limitations.

4. Cloud-native security with cloud-agnostic policy automation wins: Managing security and compliance in a cloud-agnostic way is important not only for hybrid cloud scenarios but also for multi-cloud deployments where you may have workloads running on Azure and AWS and don’t want to be tied exclusively to one particular platform. You can achieve cloud-agnostic security management without having to install and manage agents. Cloud security platforms allow you to manage the security posture of multiple public cloud environments by specifying policies and rules (the “what” of cloud security) in a cloud-agnostic way while using the native capabilities of each cloud to implement and enforce the security policies (the “how”). You get the best of both worlds, because you are able to specify security policies once across multiple clouds, and then use the powerful controls provided by each cloud to implement them.

Figure 5: Combining cloud-native implementation with cloud-agnostic policies

5. Unnecessary tax on your AWS environment with agent-based approach: With agent-based solutions, not only do you have agents running in each instance and taking a bite out of CPU utilization, you also have these agents talking to a service controller and consuming bandwidth in your cloud environment. The overhead is, of course very small, but nevertheless it’s still a tax that you are paying on your cloud bill. In an agentless solution, the security platform talks directly to AWS through the cloud’s control plane API, without impacting performance or resource utilization in your cloud environment. 

For Top Cyber Threats, Look in the Mirror | @CloudExpo #Cloud #Analytics #Cybersecurity

A recent report by Praetorian, a cybersecurity company headquartered in Austin, TX, focused on threats that resulted in data compromise or access to sensitive information. Based on a review of 100 separate internal penetration test engagements the study identified the five most prevalent threats to corporate data. The amazing thing about these weaknesses is that the top four are all based on utilizing stolen credentials and the last one helps an attacker be more effective in using those stolen credentials. In other words, the enemy is right there in the mirror! The study spanned 75 unique organizations and only focused on security weaknesses that were used to obtain a full network compromise.

read more

Announcing @VirgilSecurity to Exhibit at @CloudExpo | #Cybersecurity #IoT

Virgil consists of an open-source encryption library, which implements Cryptographic Message Syntax (CMS) and Elliptic Curve Integrated Encryption Scheme (ECIES) (including RSA schema), a Key Management API, and a cloud-based Key Management Service (Virgil Keys). The Virgil Keys Service consists of a public key service and a private key escrow service. 


read more

Penta to Exhibit at @CloudExpo | @CloudExpo @PentaSecSystems #ERP #CRM

November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Penta Security is a leading vendor for data security solutions, including its encryption solution, D’Amo. By using FPE technology, D’Amo allows for the implementation of encryption technology to sensitive data fields without modification to schema in the database environment. With businesses having their data become increasingly more complicated in their mission-critical applications (such as ERP, CRM, HRM), continued attention to data security practices is crucial.

read more

Announcing @MathFreeOn to Exhibit at @CloudExpo | #SaaS #ML #AI #BI

SYS-CON Events announced today that MathFreeOn will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
MathFreeOn is Software as a Service (SaaS) used in Engineering and Math education. Write scripts and solve math problems online.
MathFreeOn provides online courses for beginners or amateurs who have difficulties in writing scripts. In accordance with various mathematical topics, there are more than 200 practical examples, explanations and scripts. This enables you to easily save the scripts and run them on ‘editor.’ You can also change variables or input values on the scripts.

read more

Cloudbric to Exhibit at @CloudExpo | @Cloudbric #IoT #Cyberaware #InfoSec

SYS-CON Events announced today that Cloudbric, a leading website security provider, will exhibit at the 19th International Cloud Expo, which will take place on November 1–3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Cloudbric is an elite full service website protection solution specifically designed for IT novices, entrepreneurs, and small and medium businesses. First launched in 2015, Cloudbric is based on the enterprise level Web Application Firewall by Penta Security Systems, which has served more than 2,900 customers for close to 12 years. Penta Security Systems is a global information security firm headquartered in Seoul, South Korea.

read more

Announcing @CalsoftInc to Exhibit at @CloudExpo | #Cybersecurity #SDN #API

Established in 1998, Calsoft is a leading software product engineering Services Company specializing in Storage, Networking, Virtualization and Cloud business verticals. Calsoft provides End-to-End Product Development, Quality Assurance Sustenance, Solution Engineering and Professional Services expertise to assist customers in achieving their product development and business goals. The company’s deep domain knowledge of Storage, Virtualization, Networking and Cloud verticals helps in delivering high quality products and services at the right time and cost. Our customer focused engagement models and innovative Accelerator IPs speed up time-to-market and accelerate revenue growth for their customers.

read more