loud ecurity and management oftware uite · web browser ( microsoft ie or firefox) with adobe...
TRANSCRIPT
PRODUCT BRIEF
CLOUDLINK™ SECURITY AND MANAGEMENT
SOFTWARE SUITE
Copyright © AFORE Solutions Inc. All rights reserved. Rev 1.0
Concerns over cloud security, manageability, performance, and reliability have been the biggest barriers
to the more rapid and wider spread adoption of cloud services. Leveraging the cloud offers enterprises
significant cost savings and flexibility and Cloud Service Providers compelling revenue generating
opportunities. AFORE’s CloudLink™ software suite combines cloud infrastructure security and
manageability with performance monitoring to protect mission critical data in motion and at rest.
SECURE, MANAGE, AND MONITOR PRIVATE, HYBRID, AND PUBLIC CLOUDS
CloudLink™ is installed as a virtual appliance in private, hybrid, and public clouds
to secure virtual resource pools – virtual machines (VM), networks, and data
stores – in multi-tenant environments. All network and storage data is encrypted
with the enterprise having full control over encryption keys and security policy.
CloudLink™ seamlessly integrates with virtualization and cloud infrastructures and
it can be set up as a cloud service template – making it easy to order and self-
provision.
CLOUDLINK ARCHITECTURE
CloudLink consists of three key components and can be installed into data centers
and cloud environments without impacting the existing network and storage
infrastructure.
CloudLink vNode is a software virtual appliance deployed in the cloud. The vNode
acts as the communications endpoint between VMs in the virtual data center
(VDC) and the enterprise network. vNode works with the gateway on the
enterprise side for end-to-end performance monitoring and testing. Inside the
cloud, vNode interacts with the cloud infrastructure layer to encrypt storage,
collect logs and events, monitor the VMs and storage, and feed the management
information back to the enterprise.
CloudLink Gateway is a software virtual appliance deployed inside the enterprise
data center. The CloudLink Gateway communicates with CloudLink vNodes
deployed in the cloud to create a secure Ethernet overlay to the enterprise
specific VDCs. The CloudLink Gateway authenticates vNodes, monitors
connectivity, initiates performance testing, and pushes the enterprise controlled
encryption keys via the secure tunnel to the vNodes deployed in the cloud.
CloudLink Center is a management application that can be utilized as a web
application or as a VMware vCenter™ plug-in. It manages the CloudLink Gateway
and vNode, administers trust policies, configures encrypted storage volumes,
monitors end-to-end network performance, reports events, logs and alarms, and
presents the enterprise topology.
BENEFITS
For the enterprise:
- Security and privacy in the cloud.
- Secure disaster recovery into the
cloud.
- Enterprise controls its VDCs in
the cloud.
- Layer 2 Ethernet Overlay for easy
workload migration to the cloud.
- Seamless integration of cloud
VDC with enterprise IT
infrastructure.
- No application or network
changes required.
- Powerful network performance
monitoring and fault diagnostics.
- Ease compliance auditing.
- Integration with VMware ™ to
ease management.
For the Cloud Service Provider:
- Adding encryption services into
cloud service portfolio for
broader customer appeal.
- Broadens potential customer
base by enabling hosting of
workloads subject to regulatory
compliance.
- Tenant-based storage encryption
facilitates coexistence of multiple
tenants on a single host/storage
array.
- Powerful network performance
monitoring and fault diagnostics.
PRODUCT BRIEF
CLOUDLINK™ SECURITY AND MANAGEMENT
Copyright © AFORE Solutions Inc. All rights reserved. Rev 1.0
CLOUDLINK KEY FEATURES
Encryption of Data in Motion/Virtual Private Network (VPN)
data center inside the enterprise and a virtual data center inside the cloud. All communications between the
enterprise and the cloud is encrypted using AES
Secure Ethernet Overlay ― CloudLink’s Layer 2 Ethernet extension functionality allows enterprises to easily migrate
their workloads between enterprise data centers and cloud data centers without changing existing applications and
VMs. CloudLink’s secure Ethernet overlay is WAN ag
Encryption of Data at Rest ― CloudLink provides enterprises with the option to encrypt data at rest using AES
encryption technology. In a dynamic and multi
problems and storage layer side attacks. Encryption of data at rest enables enterprises to meet storage data deletion
compliance requirements when moving workloads out from the cloud while defending against malicious or
misbehaving co-tenants.
TrustWatch Performance Monitoring and
and monitoring into the cloud enabling
CloudLink continually reports traffic
statistics on a per tunnel and per VM basis
by monitoring the network’s end-to-end
availability, throughput, round trip latency,
packet loss, and security policy. It also
provides a suite of tests and diagnostics
tools to isolate performance and SLA issues.
CloudLink collects logs and events
associated with the enterprise resource
pool and reports them via CloudLink Center
to the enterprise IT administrator for
monitoring and auditing purposes.
CloudLink includes key management to
facilitate encryption based on trust policies.
Manageability and Control ― CloudLink
Center presents a comprehensive suite of
management tools including a topology
map, performance dash board, alarm monitoring and in
vCloud™ based solutions. CloudLink Center provides a Web
vCenter™ plug-in. CloudLink software applia
VMware vSphere™ platform. The solution supports VMware vSphere™ and VMware™ vCloud™ APIs for seamlessly
integration with external cloud management platforms
Technical Specifications
Enterprise Side
VMware ESXi/ESX™ 4.x+ or VMware Player™
vCenter is optional
Web Browser ( Microsoft IE or Firefox) with Adobe Flash™ plugin
512 MB Memory
8 GB Storage
For more information please contact us at
www.aforesolutions.com.
ANAGEMENT SOFTWARE SUITE
Copyright © AFORE Solutions Inc. All rights reserved. Rev 1.0
Encryption of Data in Motion/Virtual Private Network (VPN) ― CloudLink establishes a secure VPN tunnel between a
data center inside the enterprise and a virtual data center inside the cloud. All communications between the
is encrypted using AES-256 encryption technology.
CloudLink’s Layer 2 Ethernet extension functionality allows enterprises to easily migrate
their workloads between enterprise data centers and cloud data centers without changing existing applications and
VMs. CloudLink’s secure Ethernet overlay is WAN agnostic, working over Internet, IP VPN, and Carrier Ethernet WANs.
CloudLink provides enterprises with the option to encrypt data at rest using AES
encryption technology. In a dynamic and multi-tenant cloud environment CloudLink guards against data remanence
problems and storage layer side attacks. Encryption of data at rest enables enterprises to meet storage data deletion
compliance requirements when moving workloads out from the cloud while defending against malicious or
onitoring and Diagnostics ― CloudLink extends carrier grade performance management
enabling an end-to-end network and security view from an enterprise to a cloud.
statistics on a per tunnel and per VM basis
end
availability, throughput, round trip latency,
provides a suite of tests and diagnostics
te performance and SLA issues.
associated with the enterprise resource
pool and reports them via CloudLink Center
CloudLink includes key management to
facilitate encryption based on trust policies.
CloudLink
Center presents a comprehensive suite of
management tools including a topology
rformance dash board, alarm monitoring and in-band diagnostics and integrates seamlessly with VMware
vCloud™ based solutions. CloudLink Center provides a Web-based interface and can also be configured as a VMware
in. CloudLink software appliances conform to the OVF standard and can be deployed as a vApp onto a
VMware vSphere™ platform. The solution supports VMware vSphere™ and VMware™ vCloud™ APIs for seamlessly
integration with external cloud management platforms.
Cloud Side
VMware ESXi/ESX™ 4.x+ or VMware Player™ VMware vCenter™
• VMware ESX/ESXi™ 4.x+
Web Browser ( Microsoft IE or Firefox) with Adobe Flash™ plugin • Active cloud service account
• 512 MB Memory
• 8 GB Storage
For more information please contact us at [email protected] or visit our website
CloudLink establishes a secure VPN tunnel between a
data center inside the enterprise and a virtual data center inside the cloud. All communications between the
CloudLink’s Layer 2 Ethernet extension functionality allows enterprises to easily migrate
their workloads between enterprise data centers and cloud data centers without changing existing applications and
nostic, working over Internet, IP VPN, and Carrier Ethernet WANs.
CloudLink provides enterprises with the option to encrypt data at rest using AES-256
Link guards against data remanence
problems and storage layer side attacks. Encryption of data at rest enables enterprises to meet storage data deletion
compliance requirements when moving workloads out from the cloud while defending against malicious or
carrier grade performance management
end network and security view from an enterprise to a cloud.
band diagnostics and integrates seamlessly with VMware
based interface and can also be configured as a VMware
nces conform to the OVF standard and can be deployed as a vApp onto a
VMware vSphere™ platform. The solution supports VMware vSphere™ and VMware™ vCloud™ APIs for seamlessly
Active cloud service account
or visit our website