Friday, September 9, 2011

Sample Security tools for the Cloud Computing Environment

I listed the sample essential Security tools for the Cloud Computing Environment. I welcome any comments.

Security Controls
Sample Tools
Identity and Access Management (IAM)
IAM is on the top of list due to its crucial importance to any organization’s IT asset. IAM is the lock to the front door of business data and assets. Poorly defined and implemented IAM can negatively impact productivity and overall security of organization. Centralized and Enterprise wide IAM with Identity Federation and Extension to the Cloud is the best industrial practice. Good tools including
·         Symplied suite of IAM products,
·         Ping Identity,
·         CA, Oracle, IBM and Microsoft IAM suite of Products, etc
The most innovative products are from Symplified, not from big and old companies such as Oracle or IBM.
Security Event Management tools (SIEM)
Due to the requirements of continuous monitoring, SIEM knowledge become important.
Sample tools including
·         Arc Sight,
·         Q1Labs, etc
Encryption
With the Cloud Computing become main stream, Encryption knowledge and experience is more relevant due to more data move to the cloud. Understanding of FIPS 140-2 requirements and some strong encryption such as AES, 3DES is necessary for the data security in the cloud.
Anti Virus, Network IDS/IPS, and other security monitoring tools
Organization will need to understand basic deployment model and configuration and administration of these tools. Sample tools including
Sample Anti Virus tools including
·         McAfee,
·         Symantec,
·         Trend Micro,
·         Webroot,
·         Norton,
·         AVG etc.
Sample network IDS/IPS tools including
·         Barracuda,
·         Checkpoint,
·         CISCO IPS,
·         eEye,
·         Juniper’s IDP,
·         McAfee’s NSM,
·         Radware’s IDS,
·         Sourcefire’s ETM,
·         IBM Proventia IPS,
·         Watchguard,
·         TippingPoint,
·         Corero, etc
Enterprise Forensics Tools
Forensics tool is needed for the Cloud Security professionals to aid in Forensics investigation and litigation process. The following are sample tools:

·         EnCase Enterprise,
·         ProDiscover,
·         Forensic,
·         EnCase,
·         Sleuth,
·         dtSearch,
·         Paraben, etc

Logging and Auditing tools such as
Centralized log and event correlation  with analytic capability is essential for fraud and vulnerability detection and investigation, sample tools including:
·         Sensage,
·         Splunk etc
Data Leakage Prevention tools
Proactive tools for preventing data loss is become important in the cloud, sample tools including
·         Vontu,
·         Orchestria ,
·         Verdasys, etc
Vulnerability management and penetration testing program.
A good vulnerability management tool would include capabilities for asset management, vulnerability assessment, configuration management, patch management, remediation, reporting, and monitoring. In realty, the tool only provides part of the above functionality. Cloud Service Provider will need a combination/integration of those tools to get best results
Sample tools including
·         McAfee's Foundstone Enterprise(www.mcafee.com),
·         StillSecure (www.stillsecure.com),
·         eEye Digital Security (www.eEye.com),
·         Symantec/Bindview (www.bindview.com),
·         Attachmate/NetIQ (www.netiq.com), etc

Infrastructure and/or application vulnerability scanning toolsets.
The following are sample tools/vendors. Some tools can be installed in premises or used in the cloud.
·         Qualys,
·         Cenzic,
·         Fortify,
·         Nessus etc
Application Security Assessment
Sample tools includes
·         BurpeSuite,
·         Paros,
·         HP WebInspect,
·         IBM Rational AppScan,
·         Cenzic Hailstorm etc
DR tools
Sample tools including
·         VMWare SiteRecovery Manager,
·         SunGard,
·         Barracuda Backup Service,
·         Double-Take Software etc.

2 comments:

  1. As you provided table listing sample essential Security tools for the Cloud Computing Environment.Its really interesting to read for those who are working in the area of security of those who are new to it.Good work man!
    digital signature PDF

    ReplyDelete
  2. I have used AVG protection for a number of years, and I'd recommend this solution to everyone.

    ReplyDelete