CloudPassage Halo - November 2011
GhostPorts enables strong protection of administrative network access, with the flexibility to allow authorized access from anywhere, easily and securely. This is the most secure way to control access to administrative services on cloud servers.
With Halo GhostPorts, administrators can lock down all administrative, development, or other sensitive network access. GhostPorts allows you to open temporary network access for a single, dynamic IP address after the user requesting access has strongly authenticated.
After being configured by the Halo administrator, GhostPorts will verify end-user identities using single or two-factor authentication. Until a user authenticates, server management ports remain invisible. Authenticated users will be allowed to access the server for a finite period of time, after which the access is automatically removed, returning the server to a secure state.
GhostPorts is a feature of Halo Professional. If you don't yet have Halo Professional, you can try GhostPorts for free and receive a free YubiKey® now through January 31st, 2012.
For more information on GhostPorts please see the GhostPorts User Guide.
Security Event Logging & Alerting
Halo's security logging and alerting capabilities detect a broad range of events and system states, alerting you when they occur. The platform allows users to define which events generate logs or alerts, whether they are critical, and who will receive them. Given Halo's amazing flexibility and speed, you can use groups and profiles to create virtually unlimited eventing scenarios.
Combining configuration assessment checks with security eventing provides you with the flexibility to monitor system security events both at the OS and application level. Halo provides real-time visibility, since log entries and alerts can be generated on any rule created from these checks.
The Server Event Log provides a secure and permanent record of relevant events happening in your cloud servers. Events can include anything you can detect with Halo's Configuration Security module running on your individual server instances, as well as cloud-specific events such as the creation and state change of cloud instances.
The Server event log allows security staff and auditors to track security events of a Halo-protected cloud deployment without the risk of individual servers having their own internal auditing and log data lost or tampered with. All of the Server event log data is stored in a permanent record managed by the Halo Grid, and provides very detailed sorting, filtering, and retrieval options.
Server Account Management
Halo's Server Account Management gives Halo administrators the ability to create, edit, and disable user accounts on their cloud servers through the centralized Halo administration portal, either manually or through an API.
Administrators have rich visibility and control over the user accounts on their servers, including tracking logins, privileges, and managing password policies across all systems. This gives security groups a centralized place to review user accounts that can access all systems in their cloud deployment.
Halo Master Accounts enable large organizations and service providers to manage and monitor multiple Halo accounts from one location. All Halo sub-accounts linked to a Master Account will retain their own users, policies, and data. This allows for central management of and visibility into multiple discrete sub-organizations, customers, or other policy domains.
Master Accounts provide centralized visibility into the usage and operations for multiple Halo deployments, which can now be segmented for individual projects or clients. Sub-accounts can be moved in or out of a master account at any time, allowing the collection of multiple pre-existing Halo accounts under a single Master Account to help organizations manage their Halo usage.