The document discusses a webinar about securing servers in public and hybrid clouds using RightScale and CloudPassage. CloudPassage's Halo product provides security capabilities like network access control, configuration monitoring, and intrusion detection. RightScale helps deploy and manage servers across multiple clouds. A demo showed integrating CloudPassage Halo with RightScale for consistent security configuration of servers deployed in different clouds.

12. Your Servers… Your Responsibility Direct from Amazon AWS Customer Responsibility Provider Responsibility “… the customer should assume responsibility and management of, but not limited to, the guest operating system.. and associated application software...” “ it is possible for customers to enhance security and/or meet more stringent compliance requirements with the addition of… host based firewalls, host based intrusion detection/prevention, encryption and key management.” Amazon Web Services: Overview of Security Processes (2011) Physical Facilities Hypervisor Compute & Storage Shared Network Virtual Machine Data App Code App Framework Operating System

13. CloudPassage Halo was purpose-built to actively protect servers in any cloud. RightScale can ensure secure server configurations across multiple clouds .

14. Halo GhostPorts two-factor access control Halo REST API for integration & automation Halo is a security Software-as-a-Service providing all you need to secure your cloud servers . Halo TM Functional Capabilities Dynamic network access control Configuration and package security Server account visibility & control Server compromise & intrusion alerting

15. Compute Grid User Portal https RESTful API Gateway https CloudPassage Halo Halo Daemon Policies, Commands, Reports www-1 Halo www-1

16. Compute Grid User Portal https RESTful API Gateway https CloudPassage Halo Policies, Commands, Reports www-1 Halo Policies & Commands www-1

17. Compute Grid User Portal https RESTful API Gateway https CloudPassage Halo Policies, Commands, Reports www-1 Results & Updates Halo www-1

18. Compute Grid User Portal https RESTful API Gateway https CloudPassage Halo Policies, Commands, Reports www-1 Halo www-1 State and Event Analysis

19. Compute Grid User Portal https RESTful API Gateway https CloudPassage Halo Policies, Commands, Reports www-1 Halo Alerts, Reports and Trending www-1

21. Features & Pricing Dynamic network access control ✔ ✔ Server compromise & intrusion alerting ✔ ✔ Configuration and software security ✔ ✔ Server account visibility & control ✔ ✔ REST API access ✔ GhostPorts multi-factor authentication ✔ Data storage One day Two years Maximum scanning frequency Daily Hourly Servers protected Up to 25 Unlimited FREE $0.10/hour

25. What do we Mean by Cloud Computing? RightScale

26. RightScale Manages IaaS Clouds RightScale

27. Complete Systems Management

29. Parenthesis : What are ServerTemplates? Custom MySQL 5.0.24 (CentOS 5.2) Custom MySQL 5.0.24 (CentOS 5.4) MySQL 5.0.36 (CentOS 5.4) MySQL 5.0.36 (Ubuntu 8.10) MySQL 5.0.36 (Ubuntu 8.10) 64bit Frontend Apache 1.3 (Ubuntu 8.10) Frontend Apache 2.0 (Ubuntu 9.10) - patched CMS v1.0 (CentOS 5.4) CMS v1.1 (CentOS 5.4) My ASP appserver (windows 2008) My ASP.net (windows 2008) – security update 1 My ASP.net (windows 2008) – security update 8 SharePoint v4 (windows 2003) – 32bit SharePoint v4 (windows 2003) –64bit SharePoint v4.5 (windows 2003) –64bit … Configuring servers through bundling Images: A set of configuration directives that will install and configure software on top of the base image Configuring servers with ServerTemplates: CentOS 5.2 CentOS 5.4 Ubuntu 8.10 Ubuntu 9.10 Win 2003 Win 2007 Base Image Very few and basic

31. CloudPassage / RightScale Integration Demo

34. Additional Slides

37. Common data exposure vectors in the cloud Data is typically exposed in the following three states: In Process At Rest In Transit