loud ecurity and management oftware uite · web browser ( microsoft ie or firefox) with adobe...

2
PRODUCT BRIEF CLOUDLINKSECURITY AND MANAGEMENT SOFTWARE SUITE Copyright © AFORE Solutions Inc. All rights reserved. Rev 1.0 Concerns over cloud security, manageability, performance, and reliability have been the biggest barriers to the more rapid and wider spread adoption of cloud services. Leveraging the cloud offers enterprises significant cost savings and flexibility and Cloud Service Providers compelling revenue generating opportunities. AFORE’s CloudLink™ software suite combines cloud infrastructure security and manageability with performance monitoring to protect mission critical data in motion and at rest. SECURE, MANAGE, AND MONITOR PRIVATE, HYBRID, AND PUBLIC CLOUDS CloudLink™ is installed as a virtual appliance in private, hybrid, and public clouds to secure virtual resource pools – virtual machines (VM), networks, and data stores – in multi-tenant environments. All network and storage data is encrypted with the enterprise having full control over encryption keys and security policy. CloudLink™ seamlessly integrates with virtualization and cloud infrastructures and it can be set up as a cloud service template – making it easy to order and self- provision. CLOUDLINK ARCHITECTURE CloudLink consists of three key components and can be installed into data centers and cloud environments without impacting the existing network and storage infrastructure. CloudLink vNode is a software virtual appliance deployed in the cloud. The vNode acts as the communications endpoint between VMs in the virtual data center (VDC) and the enterprise network. vNode works with the gateway on the enterprise side for end-to-end performance monitoring and testing. Inside the cloud, vNode interacts with the cloud infrastructure layer to encrypt storage, collect logs and events, monitor the VMs and storage, and feed the management information back to the enterprise. CloudLink Gateway is a software virtual appliance deployed inside the enterprise data center. The CloudLink Gateway communicates with CloudLink vNodes deployed in the cloud to create a secure Ethernet overlay to the enterprise specific VDCs. The CloudLink Gateway authenticates vNodes, monitors connectivity, initiates performance testing, and pushes the enterprise controlled encryption keys via the secure tunnel to the vNodes deployed in the cloud. CloudLink Center is a management application that can be utilized as a web application or as a VMware vCenter™ plug-in. It manages the CloudLink Gateway and vNode, administers trust policies, configures encrypted storage volumes, monitors end-to-end network performance, reports events, logs and alarms, and presents the enterprise topology. BENEFITS For the enterprise: - Security and privacy in the cloud. - Secure disaster recovery into the cloud. - Enterprise controls its VDCs in the cloud. - Layer 2 Ethernet Overlay for easy workload migration to the cloud. - Seamless integration of cloud VDC with enterprise IT infrastructure. - No application or network changes required. - Powerful network performance monitoring and fault diagnostics. - Ease compliance auditing. - Integration with VMware ™ to ease management. For the Cloud Service Provider: - Adding encryption services into cloud service portfolio for broader customer appeal. - Broadens potential customer base by enabling hosting of workloads subject to regulatory compliance. - Tenant-based storage encryption facilitates coexistence of multiple tenants on a single host/storage array. - Powerful network performance monitoring and fault diagnostics.

Upload: vodieu

Post on 06-Jul-2018

216 views

Category:

Documents


0 download

TRANSCRIPT

Page 1: LOUD ECURITY AND MANAGEMENT OFTWARE UITE · Web Browser ( Microsoft IE or Firefox) with Adobe Flash™ plugin 512 MB Memory 8 GB Storage ... -tenant cloud environment Cloud Link guards

PRODUCT BRIEF

CLOUDLINK™ SECURITY AND MANAGEMENT

SOFTWARE SUITE

Copyright © AFORE Solutions Inc. All rights reserved. Rev 1.0

Concerns over cloud security, manageability, performance, and reliability have been the biggest barriers

to the more rapid and wider spread adoption of cloud services. Leveraging the cloud offers enterprises

significant cost savings and flexibility and Cloud Service Providers compelling revenue generating

opportunities. AFORE’s CloudLink™ software suite combines cloud infrastructure security and

manageability with performance monitoring to protect mission critical data in motion and at rest.

SECURE, MANAGE, AND MONITOR PRIVATE, HYBRID, AND PUBLIC CLOUDS

CloudLink™ is installed as a virtual appliance in private, hybrid, and public clouds

to secure virtual resource pools – virtual machines (VM), networks, and data

stores – in multi-tenant environments. All network and storage data is encrypted

with the enterprise having full control over encryption keys and security policy.

CloudLink™ seamlessly integrates with virtualization and cloud infrastructures and

it can be set up as a cloud service template – making it easy to order and self-

provision.

CLOUDLINK ARCHITECTURE

CloudLink consists of three key components and can be installed into data centers

and cloud environments without impacting the existing network and storage

infrastructure.

CloudLink vNode is a software virtual appliance deployed in the cloud. The vNode

acts as the communications endpoint between VMs in the virtual data center

(VDC) and the enterprise network. vNode works with the gateway on the

enterprise side for end-to-end performance monitoring and testing. Inside the

cloud, vNode interacts with the cloud infrastructure layer to encrypt storage,

collect logs and events, monitor the VMs and storage, and feed the management

information back to the enterprise.

CloudLink Gateway is a software virtual appliance deployed inside the enterprise

data center. The CloudLink Gateway communicates with CloudLink vNodes

deployed in the cloud to create a secure Ethernet overlay to the enterprise

specific VDCs. The CloudLink Gateway authenticates vNodes, monitors

connectivity, initiates performance testing, and pushes the enterprise controlled

encryption keys via the secure tunnel to the vNodes deployed in the cloud.

CloudLink Center is a management application that can be utilized as a web

application or as a VMware vCenter™ plug-in. It manages the CloudLink Gateway

and vNode, administers trust policies, configures encrypted storage volumes,

monitors end-to-end network performance, reports events, logs and alarms, and

presents the enterprise topology.

BENEFITS

For the enterprise:

- Security and privacy in the cloud.

- Secure disaster recovery into the

cloud.

- Enterprise controls its VDCs in

the cloud.

- Layer 2 Ethernet Overlay for easy

workload migration to the cloud.

- Seamless integration of cloud

VDC with enterprise IT

infrastructure.

- No application or network

changes required.

- Powerful network performance

monitoring and fault diagnostics.

- Ease compliance auditing.

- Integration with VMware ™ to

ease management.

For the Cloud Service Provider:

- Adding encryption services into

cloud service portfolio for

broader customer appeal.

- Broadens potential customer

base by enabling hosting of

workloads subject to regulatory

compliance.

- Tenant-based storage encryption

facilitates coexistence of multiple

tenants on a single host/storage

array.

- Powerful network performance

monitoring and fault diagnostics.

Page 2: LOUD ECURITY AND MANAGEMENT OFTWARE UITE · Web Browser ( Microsoft IE or Firefox) with Adobe Flash™ plugin 512 MB Memory 8 GB Storage ... -tenant cloud environment Cloud Link guards

PRODUCT BRIEF

CLOUDLINK™ SECURITY AND MANAGEMENT

Copyright © AFORE Solutions Inc. All rights reserved. Rev 1.0

CLOUDLINK KEY FEATURES

Encryption of Data in Motion/Virtual Private Network (VPN)

data center inside the enterprise and a virtual data center inside the cloud. All communications between the

enterprise and the cloud is encrypted using AES

Secure Ethernet Overlay ― CloudLink’s Layer 2 Ethernet extension functionality allows enterprises to easily migrate

their workloads between enterprise data centers and cloud data centers without changing existing applications and

VMs. CloudLink’s secure Ethernet overlay is WAN ag

Encryption of Data at Rest ― CloudLink provides enterprises with the option to encrypt data at rest using AES

encryption technology. In a dynamic and multi

problems and storage layer side attacks. Encryption of data at rest enables enterprises to meet storage data deletion

compliance requirements when moving workloads out from the cloud while defending against malicious or

misbehaving co-tenants.

TrustWatch Performance Monitoring and

and monitoring into the cloud enabling

CloudLink continually reports traffic

statistics on a per tunnel and per VM basis

by monitoring the network’s end-to-end

availability, throughput, round trip latency,

packet loss, and security policy. It also

provides a suite of tests and diagnostics

tools to isolate performance and SLA issues.

CloudLink collects logs and events

associated with the enterprise resource

pool and reports them via CloudLink Center

to the enterprise IT administrator for

monitoring and auditing purposes.

CloudLink includes key management to

facilitate encryption based on trust policies.

Manageability and Control ― CloudLink

Center presents a comprehensive suite of

management tools including a topology

map, performance dash board, alarm monitoring and in

vCloud™ based solutions. CloudLink Center provides a Web

vCenter™ plug-in. CloudLink software applia

VMware vSphere™ platform. The solution supports VMware vSphere™ and VMware™ vCloud™ APIs for seamlessly

integration with external cloud management platforms

Technical Specifications

Enterprise Side

VMware ESXi/ESX™ 4.x+ or VMware Player™

vCenter is optional

Web Browser ( Microsoft IE or Firefox) with Adobe Flash™ plugin

512 MB Memory

8 GB Storage

For more information please contact us at

www.aforesolutions.com.

ANAGEMENT SOFTWARE SUITE

Copyright © AFORE Solutions Inc. All rights reserved. Rev 1.0

Encryption of Data in Motion/Virtual Private Network (VPN) ― CloudLink establishes a secure VPN tunnel between a

data center inside the enterprise and a virtual data center inside the cloud. All communications between the

is encrypted using AES-256 encryption technology.

CloudLink’s Layer 2 Ethernet extension functionality allows enterprises to easily migrate

their workloads between enterprise data centers and cloud data centers without changing existing applications and

VMs. CloudLink’s secure Ethernet overlay is WAN agnostic, working over Internet, IP VPN, and Carrier Ethernet WANs.

CloudLink provides enterprises with the option to encrypt data at rest using AES

encryption technology. In a dynamic and multi-tenant cloud environment CloudLink guards against data remanence

problems and storage layer side attacks. Encryption of data at rest enables enterprises to meet storage data deletion

compliance requirements when moving workloads out from the cloud while defending against malicious or

onitoring and Diagnostics ― CloudLink extends carrier grade performance management

enabling an end-to-end network and security view from an enterprise to a cloud.

statistics on a per tunnel and per VM basis

end

availability, throughput, round trip latency,

provides a suite of tests and diagnostics

te performance and SLA issues.

associated with the enterprise resource

pool and reports them via CloudLink Center

CloudLink includes key management to

facilitate encryption based on trust policies.

CloudLink

Center presents a comprehensive suite of

management tools including a topology

rformance dash board, alarm monitoring and in-band diagnostics and integrates seamlessly with VMware

vCloud™ based solutions. CloudLink Center provides a Web-based interface and can also be configured as a VMware

in. CloudLink software appliances conform to the OVF standard and can be deployed as a vApp onto a

VMware vSphere™ platform. The solution supports VMware vSphere™ and VMware™ vCloud™ APIs for seamlessly

integration with external cloud management platforms.

Cloud Side

VMware ESXi/ESX™ 4.x+ or VMware Player™ VMware vCenter™

• VMware ESX/ESXi™ 4.x+

Web Browser ( Microsoft IE or Firefox) with Adobe Flash™ plugin • Active cloud service account

• 512 MB Memory

• 8 GB Storage

For more information please contact us at [email protected] or visit our website

CloudLink establishes a secure VPN tunnel between a

data center inside the enterprise and a virtual data center inside the cloud. All communications between the

CloudLink’s Layer 2 Ethernet extension functionality allows enterprises to easily migrate

their workloads between enterprise data centers and cloud data centers without changing existing applications and

nostic, working over Internet, IP VPN, and Carrier Ethernet WANs.

CloudLink provides enterprises with the option to encrypt data at rest using AES-256

Link guards against data remanence

problems and storage layer side attacks. Encryption of data at rest enables enterprises to meet storage data deletion

compliance requirements when moving workloads out from the cloud while defending against malicious or

carrier grade performance management

end network and security view from an enterprise to a cloud.

band diagnostics and integrates seamlessly with VMware

based interface and can also be configured as a VMware

nces conform to the OVF standard and can be deployed as a vApp onto a

VMware vSphere™ platform. The solution supports VMware vSphere™ and VMware™ vCloud™ APIs for seamlessly

Active cloud service account

or visit our website