Enterprises can now extend their IT/Corporate Controls, Security Standards, Visibility and Compliance to AWS using AppDimensions
November 30th, 2017
CloudFabrix is pleased to showcase AppDimensions’ capability that allows enterprises to extend their IT/Corporate Controls, Security Standards, Visibility, and Compliance to AWS. Customers can gain instant insights into their AWS environments’ security conformance, regulatory compliance, best practices adherence, application performance, and cost/resource utilization, all under one easy-to-use web portal.
Cloud adoption is on the rise, but many enterprises feel challenged in effectively ensuring security and compliance of their dynamic and complex cloud environments, since they require continuous analysis of operational and configuration data from multiple sources. AppDimensions effectively solves this problem by leveraging it’s highly scalable Data/Analytics Fabric and by collecting, monitoring, and analyzing data from multiple AWS services and workloads to provide a continuous and aggregated view of the c security conformance and compliance withing the customer’s AWS environment.
AppDimensions provides real-time dashboards and a CXO intelligence portal where CXO users can gain aggregate level insights for their AWS implementation, covering all accounts, services, and workloads. IT Admins & SREs can gain granular and deeper technical insights into the current state and behavior of operational areas such as Performance, Security, Compliance, etc. or specific AWS services like VPC, IAM, S3, EC2, etc. This helps uncover any issues in configuration or usage of AWS services and workloads. To enable faster root cause analysis, each Insight is further broken down into Rules, that check for various conditions/data points and present information in a concise manner. All Rules that have failed indicate a problem area that needs to be addressed to increase security conformance/compliance. Customers are also equipped to identify a list of problems/issues and receive recommendations to stay secure and compliant.
Specifically, AppDimensions can help address AWS Cloud Governance in the following 5 areas:
1) Security Conformance:
Security is an ongoing concern, on the cloud this problem is even more exacerbated because of the open and shared responsibility of cloud deployment model. Enterprises are looking for ways to continually ensure that their cloud resources and services are configured to operate securely and comply with security requirements and regulations.
AppDimensions collects data from key AWS services like VPC, IAM, S3, EC2, etc. and ensures security conformance. Common scenarios include: ensuring VPCs are configured per best practices, inter VPC traffic flows through firewall, traffic is allowed only from whitelist hosts, and IAM password policies are strictly configured. S3 bucket access policies do not allow unauthorized access and CloudWatch/CloudTrail and Flow logs are leveraged to detect non-compliant changes and suspicious activities.
2) Regulatory Compliance:
Many enterprises are required to maintain ongoing compliance with industry regulations, like HIPAA, PCI, etc., which need application level intelligence and assurance that workloads are configured in a certain way and operate within the purview of compliance requirements.
AppDimensions deploys compliance specific Outcomes/Insights and performs various checks against utilized AWS services and running workloads. For example, HIPAA mandates web server access control regulations, audit control regulations, logging in app servers, session auto logoff for ASP applications and more. AppDimensions provides insights into level of compliance and provides list of problems/issues that are uncovered.
In most cases, enterprises also have a requirement to follow certain corporate/IT standards and rules that mandate usage of certain vendors, licenses, technologies, configuration choices, and application modes or designs.
AppDimensions can gain access to relevant services and dynamically assess the usage of such standards and provide instant insights. For example, an enterprise may want to ensure usage of third party firewall in AWS for specific traffic flows or source/destination combinations, stringent IAM password policies, or enforce certain naming conventions for VMs.
4) Best Practice Adherence:
Whatever is the chosen cloud, enterprise want to leverage their existing knowledge base and adhere to best practices and vendor recommendation in their implementation. In most cases, these practices are published as documents, and enterprises feel challenged to enforce this in a way that is automatic and repeatable.
With AppDimensions, enterprises can track and enforce adherence to best practice automatically. For example, AppDimensions can track and enforce AWS CIS benchmark that captures best practice configurations for many key AWS services like VPC, IAM, EC2, etc.
Cost spending can quickly go out of control in the cloud, especially given the elastic nature of the cloud and easy way to provision resources and VMs. This will not only lead to resource sprawl, but also increase operational overhead, increase attack surface, and increase overall spend.
With AppDimensions, enterprises can obtain an aggregate view of overall resource utilization levels and spending in key areas like VMs, Storage Services, etc. and show insights in relation to pre-determined levels and the allocated budget. For example, is the prod AWS environment quarterly spending within 10% of allocated budget, spending report by department, environment, identifying under-utilized VMs, etc.
AppDimensions is able to deliver this value based on its modern Microservices and Containers based architecture and extensibility principles. At its core, AppDimensions uses a distributed and highly scalable Data & Analytics Fabric that can collect, monitor, and analyze data from various sources through out-of-box connectors and extensible plugins. In the case of AWS Governance, AppDimensions natively integrates with various AWS services (VPC, IAM, S3, EC2, etc), collects various data points, analyzes the data from an Outcomes point of view, and presents Insights.
If you would like to learn more about our solution or interested in a demo, please contact us at firstname.lastname@example.org