RSA, a security division of EMC, has unveiled a shared vision with Intel and VMware for building a secure, transparent and accountable infrastructure for business-critical cloud services.
RSA, Intel, VMware and GRC experts from Archer Technologies have demonstrated a vision for a trusted cloud infrastructure that delivers operational benefits for organisations and service providers running private clouds.
The companies said that the new concept provides greater visibility into actual conditions within the bottom-most layers of the cloud; finer controls to enforce differentiated policies in private clouds; and streamlined compliance by providing automated processes for collecting, analysing and reporting infrastructure-level activities and events.
The foundation for the new computing infrastructure is a hardware root of trust derived from Intel Trusted Execution Technology (TXT), which authenticates every step of the boot sequence, from verifying hardware configurations and initialising the BIOS to launching the hypervisor, the companies said.
Once launched, the VMware virtualisation environment collects data from both the hardware and virtual layers and feeds a continuous, raw data stream to the RSA enVision Security Information and Event Management platform. The RSA enVision is engineered to analyse events coming through the virtualisation layer to identify incidents and conditions affecting security and compliance.
The information is then contextualised within the Archer SmartSuite Framework, which is designed to present a unified, policy-based assessment of the organisation’s security and compliance posture through a central dashboard, RSA said.
Reportedly, RSA Security Briefs are designed to provide security leaders with guidance on pressing information security risks and opportunities. Each security brief is created by a select response team of experts who mobilise across organisations to share knowledge on a critical emerging topic.
Pat Gelsinger, president and chief operating officer of EMC Information Infrastructure Products, said: “For the cloud to mature into an enterprise-grade platform running high-value business processes and data, we must be able to trust the security of the underlying physical and virtual infrastructure without question.
“Today most organisations have little to no visibility into what’s occurring within the infrastructure layers of clouds, making it impossible to verify their security. Together our companies are demonstrating that internal and external clouds can be visible, measurable and reportable for the secure management of a company’s most important business processes.”
