Cloud Virtualization Security

Cloud Virtualization Security

In January of 2018, Cloud Hopper exposed a major issue in cloud operations – a lack of external protection for cloud virtualization servers.  These servers connect the physical and virtual cloud systems and infecting a small number of these devices exposes millions of virtual devices to any manner of attacks.  Against security best practices, there does not exist any third-party protection for these machines – just whatever the hardware manufacturer provides out of the box.

Bear Differentiator

Bear is able to provide a hierarchical series of policies through its sophisticated workflow engine-based agents that can handle multiple parties at the same time.  Bear also effortlessly crosses the virtual and physical boundaries and can extend coverage accordingly.  Finally, Bear provides instance-based agents for each device (virtual or physical) and can readily scale up or down as required.

These features enable Bear to provide third-party protection for virtualization servers which, in turn, enables a large series of potential benefits:

Cloud Providers can:
  • Run one layer of protection completely controlled by the provider
  • Operate on physical and virtual machines with no customer disruption
  • Solve same physical device communications control issues
  • Enable deep logging/auditing that can be expanded into customer controls
  • Support storage-friendly security
    • Encrypt down to the packet/fragment/bit level
    • Decrypt once on a device for transparent data-in-transit protection
    • Manage independent protection of any customer security controls
    • Provide inline volume encryption that is controlled externally
      • Keys can even be managed on the chip
  • Supports ABAC
    • Enable Attribute-Based Access Control (ABAC) which requires extensive granularity
    • Provide LDAP extensions as the device agents extend into user-device and even user-device-application paradigms
Cloud Consumers receive an independent layer of security and fully control that protection
  • Providers handle all interactions through completely automated/anonymized interchange

Bear enables all of these features through an intuitive interface that is familiar to network and system administrators found in most system integrators and solution providers. By emulating best practices in network security, Bear enables integrators and providers to quickly gain market traction in this critical new vertical.

Contact Us to learn more about Bear Security Services