Drawbacks to Traditional Approaches When Securing Cloud Environments
WHITE PAPER Drawbacks to Traditional Approaches When Securing Cloud Environments

Exec Summary

Securing the VMware vSphere platform has emerged as an essential requirement for virtualizing critical workloads and ensuring their compliance with regulations. It's increasingly recognized as a prerequisite for achieving the financial rewards of greater virtualization and private cloud adoption without exposing the enterprise to greater and more concentrated risk.

Several traditional physical data center security tools, including password vaults, jump boxes, and administration session recorders, have been adapted to the virtual environment to address the platform's security needs. An analysis of the core functionality, value, and limitations of these tools concludes that each can potentially contribute to solving the platform security and compliance puzzle. However, these tools do not meet all the requirements of a complete solution, either individually or in combination. Many are also cumbersome, requiring changes in user behavior among operations teams.

Recognizing the limitations of existing technologies, HyTrust purpose-built a solution that fulfills all the requirements for securing the virtualization platform. HyTrust Appliance gets the whole job done because it encompasses the benefits provided by the individual tools while integrating essential capabilities that they lack. By adding granular user- and resource-based access controls, audit-quality logs linked to individual users, virtual resource isolation in multi-tenant clouds, and virtual infrastructure hardening, HyTrust Appliance overcomes the unique security challenges created by virtualization.

Introduction

The vSphere platform provides basic security measures that are adequate when virtualization is limited to low-tier applications such as development and testing. However, as enterprises virtualize production and other critical workloads with sensitive data, they discover new security and compliance risks. Among the most serious are:

- Root account sharing by privileged vSphere users makes it impossible to tie every administrative operation to a specific user. The result is a lack of user accountability, no reliable audit trails, and violations of key administrative mandates in all major security regulations.
- The virtualization platform grants users very powerful privileges by default, while its limited access controls lack the granularity needed for effective separation of duties and least-privilege access. The platform also lacks a viable way to grant the one-time permissions that privileged users need to do their jobs day to day (e.g., occasionally deleting production VMs in order to upgrade their applications).
- Isolation of each tenant's virtualized applications and data in multi-tenant cloud environments is a universal security and compliance requirement. The vSphere platform, however, doesn't provide the virtual resource controls and fine-grained user authorizations needed to fully segment the virtual infrastructure. In particular, the platform doesn't provide constraints to ensure that the privileged users who can access a tenant's VMs maintain the isolation between virtual switches, hosts, and other private cloud resources associated with each tenant.
- The platform's laundry list of logging limitations severely hampers compliance, audit support, and forensic analysis. In addition to the #1 concern, an inability to associate a unique privileged user ID with every administrative action, the platform doesn't record denied or failed operation attempts, details of virtual resource reconfigurations, the user's source IP address, and other necessary data. To make matters worse, users can bypass vCenter logging with direct-to-host access, and the platform doesn't centrally compile vCenter and host logs.

This paper will examine how password vaults, jump boxes, and administration session recorders have been enlisted to solve these problems. The following sections will summarize each tool's core functionality, examine the security challenges it targets, identify its value and limitations as a solution, and specify its proper role in securing the virtual infrastructure.

Password Vaults

A password vault (PV) provides a way to associate every administrative log-in with a particular user when two or more privileged users share an account. In a typical implementation, each time a user seeks access to a system the PV randomly generates and issues a new temporary root password to the user, sets a configurable password expiration period, timestamps the event, and logs the user ID of the person the password was issued to. Once the temporary password expires it cannot be reused.

Root password vaulting can solve part of the virtualization platform's anonymous user problem. It increases accountability by enabling a PV tool to record the beginning and ending times of each privileged user's administrative sessions. Linking a unique user ID to every session is a valuable first step toward creating an audit trail and complying with regulations. Password vaults can be supplemented with management functions such as approval workflows, account provisioning, and reporting.

The primary limitation of a PV as a virtual infrastructure security solution is that it is not aware of the operations conducted by a user during an administrative session. It therefore cannot associate a user ID with a specific action performed using a shared account, which is essential for accountability, audit trails, and compliance. Evidence of this weakness shows up in some PV implementations that automatically log a user into a shared vCenter account. Even if a PV is integrated with vCenter's basic access controls and log mechanisms, it would suffer from the limitations of those functions described above. In particular, a PV that depends on vCenter's access controls cannot enforce object-level controls and therefore cannot provide the infrastructure segmentation that is essential in multi-tenant environments.

In addition, a PV often requires a change in platform administration and associated user training. Administrators must log in via the PV's console and then request access to a specific system, a cumbersome change from simply logging into vCenter directly.

A root password vault can and should be a component of an effective virtual infrastructure security solution. As a standalone tool, it leaves most of the job undone.
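The attribution gap described above can be seen concretely by joining a vault's password-issuance records with the platform's action log, which is also the kind of text-log correlation the later discussion of session recorders contrasts with video. This is an added example, not code from the paper or from HyTrust; both log formats and all users, timestamps and VM names are constructed for illustration.

```python
# Added example (not from the HyTrust paper): a vault records who held a
# temporary root password and for how long, while vCenter records only "root"
# per action. Joining the two by time attributes an action only when exactly
# one issuance window covers it; overlapping windows leave it ambiguous.
# Both log formats below are constructed for this example, not real products'.
from datetime import datetime, timedelta
from typing import NamedTuple

class Issuance(NamedTuple):
    user: str
    issued_at: datetime
    expires_at: datetime

class Action(NamedTuple):
    at: datetime
    account: str
    operation: str
    target: str

# Constructed vault log: who received a temporary root password, and its TTL.
VAULT_LOG = """\
2014-07-22T09:00:00 issue user=alice account=root ttl=3600
2014-07-22T09:30:00 issue user=bob account=root ttl=3600
2014-07-22T11:00:00 issue user=carol account=root ttl=3600
"""

# Constructed vCenter-style action log: every action is recorded as "root".
ACTION_LOG = """\
2014-07-22T09:10:00 root VmPowerOff vm=prod-db-01
2014-07-22T09:45:00 root VmRemove vm=prod-db-01
2014-07-22T11:20:00 root VmCreate vm=test-99
2014-07-22T13:00:00 root VmReconfigure vm=prod-web-02
"""

def _kv(fields):
    """Turn ['k=v', ...] into a dict."""
    return dict(f.split("=", 1) for f in fields)

def parse_vault_log(text):
    out = []
    for line in text.splitlines():
        ts, _event, *rest = line.split()
        kv = _kv(rest)
        issued = datetime.fromisoformat(ts)
        out.append(Issuance(kv["user"], issued,
                            issued + timedelta(seconds=int(kv["ttl"]))))
    return out

def parse_action_log(text):
    out = []
    for line in text.splitlines():
        ts, account, op, *rest = line.split()
        out.append(Action(datetime.fromisoformat(ts), account, op,
                          _kv(rest).get("vm", "")))
    return out

def attribute(actions, issuances):
    """For each action, list users whose vaulted password was live at that
    moment: one user = attributed, several = ambiguous (the vault knows
    session windows, not operations), none = unattributed."""
    report = []
    for a in actions:
        users = sorted({i.user for i in issuances
                        if i.issued_at <= a.at < i.expires_at})
        status = {0: "unattributed", 1: "attributed"}.get(len(users), "ambiguous")
        report.append((a.operation, a.target, status, users))
    return report

def run():
    return attribute(parse_action_log(ACTION_LOG), parse_vault_log(VAULT_LOG))

if __name__ == "__main__":
    for op, target, status, users in run():
        print(f"{op:<14} {target:<12} {status:<13} {users}")
```

The second action (VmRemove at 09:45) falls inside both alice's and bob's windows, so the vault data alone cannot say who deleted the production VM; only per-operation logging tied to the individual closes that gap.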

Jump Boxes

In the context of virtual infrastructure security, a jump box is basically a server connected to vSphere management clients on one side and one or more vSphere management interfaces on the other. It can screen the virtualization platform from malware and other attacks, and it may have strong authentication features. If password vaulting is added to the jump box, it can provide the benefit of funneling all vCenter and ESX/ESXi access through a control point that associates a unique privileged user ID with every vSphere log-in. However, as mentioned above, this may require a productivity-reducing change in administrative behavior.

A jump box typically provides little if any native functionality for controlling privileged use of the virtualization platform. It may be able to restrict users' ability to connect to specified virtual machines (VMs) without being able to control vSphere administration privileges directly. Instead, the jump box may use vSphere APIs to control access to the virtual infrastructure using the platform's limited access control features. In this case, the jump box inherits the access control gaps that undermine the platform's security and compliance support for critical workloads.

The jump box-based approach to virtual infrastructure security can't be considered operations-friendly and may also increase administrative costs. Authentication and access rules may need to be managed twice, on both the jump box and vCenter. If so, additional user training and process changes will be required. Because any controls are session-based, a jump box cannot provide a workflow for the frequent one-time privilege authorizations needed to keep virtualization operations running smoothly.

Another limitation that jump boxes share with PVs is the inability to provide infrastructure segmentation for multi-tenant environments. Both tools rely on vCenter's access controls, so they lack the object controls needed to fully isolate each tenant's virtualized resources.

Requiring all vSphere administrative activity to pass through a control point that strengthens authentication and shields the infrastructure from external attacks is a positive step toward securing critical virtualized workloads. But a jump box-based product that lacks robust vSphere access controls leaves key virtualization security challenges unaddressed.

Administration Session Recorders

For a variety of reasons, compiling comprehensive administrative event logs is very challenging in the virtual environment. That's why some organizations take the shortcut of recording streams of privileged user activity via continuous screen capture. This graphical approach to security information logging can show an unauthorized or dangerous user action as it occurred, once you know where and when to look for it in the library of video streams. Administration session recorders also enable impressive marketing demos.

In some cases, screen capture video is the only option for recording privileged user activity. Jump boxes often employ RDP for vSphere administrative access, and since RDP sessions are graphical the jump box can't record event details in text logs. The necessity of using inadequate logging capabilities doesn't negate the security and compliance costs of doing so, though.

Structured, detailed text logging of the key details of every event is the gold standard in information security for good reasons. Text-based logs are easy to filter and search, enabling access to relevant data in seconds. Operations managers, auditors, and forensic analysts, for example, can quickly and easily locate the details of a type of administrative operation conducted by a known or unknown user during any number of sessions or time periods. In addition, text logs can be used by log management and security information and event management (SIEM) systems to correlate administrative events with other security-related events. This analysis can create a clearer picture of an incident, and it can be used to automatically detect a possible breach or compliance violation and send an alert.

Video screen capture provides at best a small fraction of these benefits:

- It's neither easy nor efficient to watch many hours of session video while hoping to spot some type of inappropriate action, especially if the search spans multiple users, sessions, and/or operations.
- Video can't be used by log management or SIEM systems for incident detection, analysis, or alerts. If the improper behavior doesn't come to light through some other means, and in a timely manner, it may either never be discovered or it may be uncovered long after costly damage could have been contained.
- Video may not record the source IP address of a session, which is a common compliance and forensic analysis requirement.

If better technology weren't available, an administrative session recorder could play a useful if relatively minor role in making the virtual infrastructure safe for critical applications and data. Once again, this is a tool that cannot be considered a solution on its own or in combination with a jump box and password vault.

Analysis

It's not surprising that the tools examined in this paper do not adequately secure the virtual infrastructure and ensure compliance. They were not originally designed to protect a virtualization platform with a unique set of characteristics, including the need for more granular and extensive access controls and comprehensive, audit-quality logging. Nevertheless, the tools provide several building blocks for a true solution. HyTrust secures the virtual infrastructure and supports HIPAA compliance with:

- Password management that ensures all administrative activity is linked to a unique ID for each privileged user, despite root account sharing
- A control point for all privileged user interaction with the virtual infrastructure that can ensure all activity is recorded and subject to access control
- Records of all privileged user activity

Solution

HyTrust recognized that the vSphere platform needed substantial access control and logging supplementation before it could host critical workloads without concentrating and increasing enterprise risk. It also knew that no combination of existing security tools could get the job done. So HyTrust developed HyTrust Appliance, the only solution purpose-built to secure the virtual infrastructure and enable compliance.

HyTrust Appliance provides the relevant benefits of password vaults, jump boxes, and administration session recorders and adds the essential additional capabilities required for a complete solution. The patented solution overcomes the limitations of those tools with:

- Granular role-based and virtual resource-based access controls specifically designed to bring true separation of duties, least-privilege access, and resource isolation in multi-tenant environments to the vSphere platform. These bedrock security practices are as fundamental in the virtual environment as they are in the traditional data center. Any tool or product that doesn't enable them cannot be considered a solution.
- Comprehensive and easily searched text logs of all privileged user actions conducted through any vSphere management interface. HyTrust Appliance uses root password vaulting and other measures to associate every record of every attempted operation with a unique privileged user ID.
- Real-time detection and alerting of suspicious, dangerous, or unapproved user activity, enabling the enterprise to stop or contain threats quickly. HyTrust Appliance's detailed, centrally compiled logs also establish privileged user accountability and provide the thorough audit trail required for compliance, audit support, and forensic analysis.

HyTrust delivers this integrated functionality in a way that is transparent to administrators and doesn't require changes to their approved behavior. This is important in getting the operations team to both accept and use the security solution. Other HyTrust Appliance capabilities that make it a complete solution include:

- Authorizing one-time permissions for privileged users based on a fast and efficient workflow, which maintains operations productivity along with security and compliance
- Hardening access to the virtualization platform through integration with leading multi-factor authentication solutions
- Hardening ESX/ESXi hosts with hypervisor configuration policy enforcement and automated remediation

All of these capabilities are integrated and centrally managed, making deployment and use of HyTrust Appliance much easier than administering multiple tools. Enterprises that have virtualized, or plan to virtualize, mission-critical applications and data need to strengthen the security and compliance of the virtual infrastructure without delay. There is no reason to use tools that don't get the whole job done when they can get a complete solution from HyTrust.