CloudPassage is a security SaaS company offering the industry’s only server security and compliance product purpose-built for elastic cloud environments. The company addresses the technical challenges of securing highly dynamic cloud hosting environments where consistent physical location, network control and perimeter security are not guaranteed.
CloudPassage Halo is the first fully elastic, portable security solution for protecting cloud servers. Halo provides vulnerability management, compliance monitoring, centralized iptables/NetFilter firewall management, and server account auditing. Future features will include intrusion detection & prevention, remote server forensics, and fully portable host-to-network VPN capabilities.
The Halo platform is provided to CloudPassage and Rightscale customers as a security Software-as-a-Service. This makes the Halo products easily accessible without the need for hardware, complex deployment or special expertise. The major components of the Halo platform include:
- Halo Daemon: The Halo Daemon is a very lightweight (~2 Mb) and well-protected software component that runs as a service on each cloud server. The Halo Daemon monitors important server security factors, e.g. IP addressing, installed software, running processes and open network ports. The Halo Daemon provides information to the Halo Grid as needed, and responds to commands from the Halo Grid to take actions such as updating iptables firewall rules.
- Halo Grid: The Halo Grid is a powerful and sophisticated elastic compute cloud provides sophisticated analytics that evaluate data collected by the Halo Daemon, making decisions on exposures and compliance concerns to be reported and updates to security parameters such as iptables policies. The Halo Grid does the "heavy lifting" on behalf of the Halo Daemons, ensuring that customers' server resources and performance are preserved.
- Halo Portal: The Halo Portal is the single pane of glass used to manage all Halo product capabilities. Policy configuration, review of compliance status, evaluation of reported exposures and even generation of Halo Daemon installation scripts are all provided through the Halo Portal. The interface was designed in collaboration with UX/UI experts and real-world users of CloudPassage products to help provide easily accessible, intuitive functionality.
CloudPassage has partnered with RightScale to deliver CloudPassage’s Halo offering via a Rightscript. This CloudPassage Halo RightScript can be deployed to multiple clouds and servers with one click using the RightScale management platform. The script takes care of downloading, installing and activating the CloudPassage on your servers in just a few minutes.
Users of these images can use a new or existing CloudPassage account to monitor and maintain the security of their servers by ongoing verification and management of the server’s security configuration.
All RightScale customers can easily sign up for a free CloudPassage user account here.
CloudPassage will continue to expand its portfolio of Rightscripts it makes available in the RightScale library. Please check the library often for new CloudPassage Rightscripts and also for pre-hardened server templates in the future.