Category Archives: Cloud Servers
Porticor's new key technology simplifies data encryption in the cloud
Data at rest has long been protected by technology called public key infrastructure (PKI), in which data is encrypted when it's created by a public key and only decrypted, in theory, by an authorised person holding the private key. But extending this type of data protection to the cloud can be complicated.
The migration to the cloud has introduced a new set of complex security issues for IT teams to manage due to the lack of direct control over the security of the data. Moreover, cloud providers believe that data security is a shared responsibility, where the service provider assures physical security and the subscribers must secure their servers and data. Presumably this would include a strategy for encryption and key management which requires that the keys be stored outside the cloud rather than in it.
Startup security company Porticor just released a solution that addresses the concern about data at rest in the cloud. Porticor offers a split key encryption solution where the cloud customer is the only one who knows the master key. What's more, Porticor handles all the complexity of encrypting data so the customer barely needs to think about it. The security and convenience is all in the unique implementation of key management.
The fundamental problem of encrypting data in the cloud is where to store the keys. The customer can't store the keys on a disk in the cloud because they could be vulnerable to hackers. The customer could allow a vendor to store its keys, but that means putting trust in a third party. The customer could bring the keys back into his own data center, but that seems to defeat the purpose of outsourcing data center services to the cloud. Porticor now offers an alternative for key management that is both simple and secure.
Porticor's approach is based on the concept of the safe deposit box that has two keys - one for the customer and the other for the banker, or in this case, the Porticor Virtual Key Management Service. Just like the safe deposit box, the customer can't decrypt the data without the key held by Porticor, and Porticor can't decrypt the data without the master key held by the customer. In practice, the customer actually has one key per project, which is usually an application. Porticor has thousands of keys, one for each file or disk belonging to that project. Still, the keys must pair up in order to provide access to the encrypted data.
Beyond the keys being split between the customer and Porticor, the unique part of the solution is the keys themselves are encrypted by the customer's master key, which only the customer holds and knows. As a result, Porticor holds project keys but the vendor can't read them because they are encrypted. By encrypting the "banker" keys with the customer master key, Porticor gives the customer complete mitigation of end data protection. The customer must write down the master key and literally store it in a steel box. Once that is done, no one in the world other than the steel box ever sees the key. (Another option is to put the master key in an escrow service.)
Architecturally, the Porticor solution sits between the cloud based server and storage, ensuring that every bit of data between the servers and the storage is encrypted and every bit of data moving from storage to the servers is decrypted for customer initiated processes. The piece in the middle is the heart of the Porticor solution, the Virtual Private Data (VPD) application. VPD is a virtual appliance that encrypts any disk or storage array with encryption algorithms such as AES-256. VPD retrieves the "banker" keys as well as requesting from the customer its key.
Read the original:
Porticor's new key technology simplifies data encryption in the cloud
Can a private cloud drive energy efficiency in datacentres?
As more and more companies virtualise datacentres, Jenny Williams asks if stepping into a private cloud would really mean greater energy efficiency.
A private cloud tipping point will be reached by the end of 2012. According to Neil MacDonald, vice president and Gartner fellow, more than half of the workloads in datacentres will have been virtualised, providing the foundation for private cloud computing capabilities to cut datacentre costs and increase energy efficiency.
However, TechTarget's Data Centre Decisions 2011 survey found 57% of UK and European users are not using or considering using private cloud computing over the next 12 months.
With so many private cloud infrastructure offerings on the market - from VMware's vSphere to Microsoft Hyper-V and System Centre and new products such as Dell's pre-packaged private cloud for datacentres, vStart 200 - are energy-efficient private cloud datacentres at an industry tipping point, or is it all merely market hype?
Virtualisation is being used to significantly reduce power usage in datacentres. According to Computer Weekly's sister title, SearchVirtualDatacentre, Palmers College in Essex reduced over 20 IBM servers to three in a server virtualisation and datacentre consolidation project.
The datacentre now uses VMware vSphere 4.1 servers and saves 19% of its capital budget by removing disaster recovery (DR) and server replacement costs.
"We save roughly another 80% on power compared to what we would be using if our servers were not virtualised," says Dan Byne, IT manager at Palmers College.
Analyst Gartner believes private cloud platforms will further enhance server and storage virtualisation energy efficiencies. Private cloud platforms allow businesses to protect data using an internal, corporate network behind a firewall.
In a report titled "Shrinking Data Centers: Your Next Data Center Will Be Smaller Than You Think", Gartner analyst David Cappuccio says private clouds and resource pooling enhance vertical scalability in the datacentre, while at the same time improving the productivity-per-kilowatt ratio.
By 2018, Cappuccio predicts data centres will take up only 40% of the space they occupy today, mainly housing core business services. Sanjay Mirchandani, EMC CIO and
Here is the original post:
New Key Technology Simplifies Data Encryption in the Cloud
Data at rest has long been protected by technology called public key infrastructure (PKI), in which data is encrypted when it's created by a public key and only decrypted, in theory, by an authorized person holding the private key. But extending this type of data protection to the cloud can be complicated.
The migration to the cloud has introduced a new set of complex security issues for IT teams to manage due to the lack of direct control over the security of the data. Moreover, cloud providers believe that data security is a shared responsibility, where the service provider assures physical security and the subscribers must secure their servers and data. Presumably this would include a strategy for encryption and key management which requires that the keys be stored outside the cloud rather than in it.
Startup security company Porticor just released a solution that addresses the concern about data at rest in the cloud. Porticor offers a split key encryption solution where the cloud customer is the only one who knows the master key. What's more, Porticor handles all the complexity of encrypting data so the customer barely needs to think about it. The security and convenience is all in the unique implementation of key management.
The fundamental problem of encrypting data in the cloud is where to store the keys. The customer can't store the keys on a disk in the cloud because they could be vulnerable to hackers. The customer could allow a vendor to store its keys, but that means putting trust in a third party. The customer could bring the keys back into his own data center, but that seems to defeat the purpose of outsourcing data center services to the cloud. Porticor now offers an alternative for key management that is both simple and secure.
Porticor's approach is based on the concept of the safe deposit box that has two keys -- one for the customer and the other for the banker, or in this case, the Porticor Virtual Key Management Service. Just like the safe deposit box, the customer can't decrypt the data without the key held by Porticor, and Porticor can't decrypt the data without the master key held by the customer. In practice, the customer actually has one key per project, which is usually an application. Porticor has thousands of keys, one for each file or disk belonging to that project. Still, the keys must pair up in order to provide access to the encrypted data.
Beyond the keys being split between the customer and Porticor, the unique part of the solution is the keys themselves are encrypted by the customer's master key, which only the customer holds and knows. As a result, Porticor holds project keys but the vendor can't read them because they are encrypted. By encrypting the "banker" keys with the customer master key, Porticor gives the customer complete mitigation of end data protection. The customer must write down the master key and literally store it in a steel box. Once that is done, no one in the world other than the steel box ever sees the key. (Another option is to put the master key in an escrow service.)
Architecturally, the Porticor solution sits between the cloud based server and storage, ensuring that every bit of data between the servers and the storage is encrypted and every bit of data moving from storage to the servers is decrypted for customer initiated processes. The piece in the middle is the heart of the Porticor solution, the Virtual Private Data (VPD) application. VPD is a virtual appliance that encrypts any disk or storage array with encryption algorithms such as AES-256. VPD retrieves the "banker" keys as well as requesting from the customer its key.
Porticor says this is military-grade security since only one party -- the customer -- holds the master key to unlock the data. (Hint: Don't lose the master key or you're up the creek without a paddle.) The master key only needs to be brought out of the steel vault when the entire server cluster is rebooted, which should be a rare occurrence. When new application servers are created, they inherit the encryption automatically through the VPD.
Visit link:
Cloud computing 'made in Germany' stirs debate at CeBIT
When it comes to cars or machines, "made in Germany" is seen worldwide as a sign of quality, but some firms are now extending it to "cloud computing", the buzzword at this year's CeBIT tech fair.
It may seem paradoxical to impose borders on this multi-billion-dollar industry, which allows users to store data remotely rather than on individual machines, but this is exactly the aim of Deutsche Telekom.
The head of the German communications giant, Rene Obermann, told visitors to the CeBIT this year that "the 'German Cloud' could present a competitive advantage for us."
Why? In a word, security.
Having lived through first a Nazi dictatorship, then a Communist one, Germans are especially sensitive when it comes to data protection and Deutsche Telekom hopes to leverage this to its advantage.
"In Germany, the data protection laws are very strict. But several operators do not come from Germany and do not adhere to these standards," said Obermann.
He is aiming at the 3.6 million prosperous German small and medium sized firms who have not yet taken the leap to storing their data using cloud computing. Only 12 percent have done so.
"It's an enormous potential," said Obermann, vaunting the advantage of his firm's 30 giant servers or "datacenters" across Germany.
However, Sergei Schlotthauer, head of the German IT security lobby Egosecure, accused Deutsche Telekom of "playing on people's fears."
"For me it makes no difference. Our clients are well aware that with the Internet it is difficult to localise something," he said.
Go here to see the original:
Dome9 Security Launches Free Cloud Security For Unlimited Number Of Servers
SAN MATEO, Calif. -- March 7, 2012 -- Dome9 Security, the leading provider of cloud security firewall management for public and private clouds, as well as for dedicated and virtual private servers (VPS), today announced Dome9 Lite Cloud -- a powerful new free cloud security service that provides centralized firewall management for an unlimited number of servers and clouds in virtual private, cloud, collocated, and hosted environments. Starting today, the service is available at no cost via http://www.dome9.com/LiteCloud.
Today there are more than 30 million cloud servers in use, and most are vulnerable to attack because their built-in security stacks such as the host firewall are too difficult to manage. For the first time, developers and administrators can simplify security management for an unlimited number of servers, including secure access to any server in any cloud, by using Dome9 absolutely free.
Dome9's Lite Cloud offers GUI-based firewall management for an unlimited number of Windows and Linux servers and clouds. The free Lite Cloud service makes it simple to scale security to any sized infrastructure and ensure cloud server firewalls are not misconfigured or left unmanaged and exposed to brute force attacks and exploit vulnerabilities. It includes features such as activity logging and auditing, support for multiple administrators, and Dome9 Security Groups; and is fully expandable to Dome9's Business Cloud service, which offers many expanded capabilities. Using Dome9's centralized GUI-based approach, IT teams can avoid the hassle of individually managing IP tables or the Windows firewall, and secure access to any cloud server.
"Dome9 is launching the new Lite Cloud free service to ensure that every cloud server has the necessary baseline level of security," said Dave Meizlik, Dome9 VP of Marketing and Business Development. "Security is the number one concern among cloud adopters, and now Dome9 has taken price out of the equation to ensure every cloud server is secured, with absolutely no limit to the number of servers you can protect."
Since Dome9 is an on-demand security management service, signup and setup take less than five minutes and do not require a credit card. New customers of Dome9's free Lite Cloud service receive the enhanced features of Dome9's Business Cloud service for 30 days, including Dome9's patent-pending Secure Access Lease technology providing 1-click, time-based access to any server and cloud. Lite Cloud customers can seamlessly upgrade to Dome9's Business Cloud with just a few clicks and for just 4 cents per hour per server.
Dome9 Security is the only cloud security service to automate cloud firewall management for public and private clouds, as well as for dedicated and Virtual Private Servers (VPS), across all platforms. Dome9 closes a critical gap in today's cloud computing server security -- ports such as SSH, RDP, and MYSQL left open so administrators can connect to and manage their cloud servers. This common practice leaves servers vulnerable to hackers who need only guess the correct username and password or exploit any protocol vulnerability to gain unauthorized control of a server. Dome9 secures all administrative ports for all servers and clouds, enabling secure access, on-demand. Its key innovation is the ability to provide secure access leasing -- dynamically generated, time-based secure access to cloud servers -- which enables customers to close all server administrative ports by default.
About Dome9 Security
Dome9, the leader in cloud security management, automates and centralizes cloud firewall management across all servers and clouds. Available for both enterprises and hosting providers, and as a free offering, Dome9 supports clouds, VPS, dedicated servers, and Amazon's EC2 Security Groups, across all major operating systems and service providers. Dome9 is headquartered in Tel Aviv, Israel, with U.S. offices in San Mateo, Calif., and is venture backed by Opus Capital Ventures. For more information, visit: http://www.dome9.com/.
View post:
Dome9 Security Launches Free Cloud Security For Unlimited Number Of Servers
Could the digital 'cloud' crash?
By Steven McIntosh Newsbeat reporter
When Megaupload was taken down last month, users around the world lost access to files they had uploaded.
The site was shut down by prosecutors in the US after it was claimed users were illegally sharing music and movies, costing copyright holders an estimated $500m (£315m).
But many people used the site legally to share personal files such as photos and documents.
It's now becoming more common for users to store their files online in what's referred to as "the cloud".
But how safe is cloud storage when prosecutors can close down massively popular websites without warning?
While certain sites or servers could be closed down, it would be practically impossible for the cloud as a whole to crash.
Rik Ferguson from internet security company Trend Micro says: "The cloud, much like the internet, is not one single system reliant on one single connection. For the whole cloud to disappear is pretty much inconceivable."
However, it is possible for individual cloud servers to fail as a result of physical damage to the hardware.
Will Shenton from Bedford says he stands to lose hours of audio from his work as a DJ and producer.
Read more from the original source:
Computer Basics: What is the Cloud? – Video
07-03-2012 13:55 http://www.GCFLearnFree.org You may have heard people using terms like the cloud, cloud computing, or cloud storage. But what exactly is the cloud? Basically, the cloud is the internet - more specifically, it's all of the things that you can access remotely over the internet. When something is in the cloud, that means it is stored on servers on the internet, instead of on your computer. It lets you access your calendar, email, files and more, from any computer that has an internet connection. There are many reasons to use the cloud, but the main reasons are convenience and reliability. In the past, if you wanted to bring a file with you, you would have to save it to a USB flash drive, external hard drive, or CD-R disc. Saving a file to the cloud ensures that you'll be able to access it with any computer that has an internet connection, so you don't have any physical media to keep track of. The cloud also makes it much easier to share a file with coworkers or friends, making it possible to collaborate over the internet. With the cloud, you're much less likely to lose your data, since it is stored on servers. However, just like anything online, there is always a risk that someone may try to gain access to your personal data, so it's important to choose a strong password and pay attention to any privacy settings for the service you're using. To learn more about the cloud, watch the following video.
See the original post here:
From scooters to servers: The best of Launch, Day One
Rafe's top picks from the big startup conference include a service to help you get financial aid, one to get you in shape, and a cloud storage company with no servers.
The Space Monkey storage pod lives in your house.
I'm an official Grand Jury judge at the Launch startup conference that's in town right now. Tomorrow I'm supposed to render my judgment on the presenting companies to help determine which ones get pieces of the $1 million in investment prizes that have been contributed to this event. Nothing says I can't talk up the products I like ahead of time, though. Here are five. And some bonus picks.
1. Space Monkey This was the favorite of most of the judging panels today, as well as my top pick. Not only is it a potentially very disruptive product, but it's got a killer value proposition for consumers as well as good sales potential. It's a faster, larger Dropbox for less money, and since it has a physical component it can be sold easily in retail. See my full writeup for more, including the significant challenges this business faces.
2. Alltuition The conference demos kicked off with what seemed like a very boring product: A Web service to help you find financial aid for college, and apply for all the various programs for which you might be eligible. But any parent can tell you how terrifying the mountain of paperwork can be, and how high the stakes are if you make mistakes on it. This service addresses a real need, not a want, and it has a tangible value. It's a good business.
The uGrokIt scanner is colored bright orange so you don't lose it. Because then what would you do?
3. uGrokIt I confess that I am ambivalent about this company, but everyone I talked to about it just loved it, and it is a fun idea. It's a gizmo for finding stuff that you lose in your house. You attach a paper-thin RFID tag to things that are likely to get lost (your 3-year-old's shoes, his favorite stuffed toy, your wallet, etc.) and then you can find these things later by docking your smartphone with a scanner gizmo (see picture) that will bleep like a metal detector as you get closer to your item. It has a range of 6 to 10 feet, which makes it easy enough to definitively, and quickly, sweep a room for an item. Tags are cheap (a dollar each for now, less in the future) and unpowered, so you don't have to worry about replacing their batteries. But the scanner is big and bulky and can get lost itself. Still, the number of people I talked to who said they'd really like to have one of these in their kitchen stuff drawer for contingencies tells me the company is on to something. And I could see it selling extremely well on SkyMall or QVC.
4. Budge A little mobile service that helps you pace your fitness goals over time, and that includes nags (if you ask for them) and a way to join groups of people who have similar goals. There have been, and are, dozens or hundreds of fitness apps, but something about the philosophy and design of this one seemed, to me, to be completely dialed in. We'll see if it works over time (I'll let you know), but I have a better feeling about this fitness product than most that I see.
Bonus: In the "Demo pit" (showing off in the exhibit center but not presenting on stage) there was another fitness app I liked, Wello. It's a service that connects personal trainers to clients over Webcams. The idea is to free trainers from the lock that gyms have over them (and the fee that gyms take) and allow them a more flexible, and efficient schedule.
Scoot CEO Michael Keating on his product.
See the article here:
Cisco rolls out UCS servers with Intel Xeon E5 chips
Cisco has expanded its data centre portfolio this week with servers and networking gear to better support virtualisation, cloud computing and Big Data.
Cisco says the rollout represents its third generation fabric computing platform and addresses data centre scale and promptness in responding to changing business needs.
As expected, the new servers in Cisco's Unified Computing System (UCS) fabric computing platform support Intel's new Xeon processor E5-2600 line, also known as "Romley" and "Sandy Bridge", and includes multiple form factors, up to eight times the memory capacity and four times the I/O of previous UCS servers.
The UCS Manager now supports Cisco's UCS rack-mount servers, enabling those form factors to reach management parity with the UCS blade servers. Cisco also added fabric extenders, interconnects and I/O modules to support the new servers.
The new servers include one blade and two rack-mount units, all based on the Intel Xeon E5-2600 processor. The Cisco UCS B200 M3 Blade Server comes in a half-blade form factor supporting 24 DIMM slots and up to 80 gigabits of I/O bandwidth.
The UCS C220 M3 Rack Server is a one rack unit (1RU) unit, targeted at business workloads like web services to distributed databases. The UCS C240 M3 Rack Server is a 2RU server designed for storage-intensive workloads, from big data to collaboration.
The new rack mount servers and Cisco's existing rack-mount units can now be managed by Cisco UCS Manager. UCS blade and rack-mount servers can be managed uniformly within a single domain by UCS Manager, Cisco says.
In the second half of 2012, Cisco says it will deliver the capability for UCS Manager to control multiple UCS domains, which would improve scale. The centralised manager will be able to govern and orchestrate thousands of servers in or between global data centres, Cisco says.
Naturally, the network has to support these increasingly virtualised and distributed workloads. So Cisco rolled out the chassis I/O module 2204XP. It offers 80Gbps and 160Gbps down to each chassis to handle workload bursts. The module also offers load balancing across all ports.
Supporting it is the VIC 1240 interface card, which connects the server to the chassis I/O module and delivers the 80G to the server.
Read more from the original source:
New Cisco servers have Intel Xeon E5 inside
Cisco this week expanded its data center portfolio with servers and networking gear to better support virtualization, cloud computing and Big Data.
Cisco says the rollout represents its third-generation fabric computing platform and addresses data center scale and promptness in responding to changing business needs.
As expected, the new servers in Cisco's Unified Computing System (UCS) fabric computing platform support Intel's new Xeon processor E5-2600 line -- also known as Romley and Sandy Bridge -- and includes multiple form factors, up to eight times the memory capacity and four times the I/O of previous UCS servers.
Also, the UCS Manager now supports Cisco's UCS rack mount servers, enabling those form factors to reach management parity with the UCS blade servers. Cisco also added fabric extenders, interconnects and I/O modules to support the new servers.
Cisco says it now has 11,000 UCS customers since the platform's introduction in 2009. And at a $1.3 billion annual run rate, UCS is the fastest growing product in Cisco's history, company officials said.
The new servers include one blade and two rack-mount units, all based on the Intel Xeon E5-2600 processor. The Cisco UCS B200 M3 Blade Server comes in a half-blade form factor supporting 24 DIMM slots and up to 80 gigabits of I/O bandwidth.
The UCS C220 M3 Rack Server is a one-rack-unit (1RU) unit, targeted at business workloads like Web services to distributed databases. The UCS C240 M3 Rack Server is a 2RU server designed for storage-intensive workloads, from big data to collaboration.
The new rack mount servers and Cisco's existing rack mount units can now be managed by Cisco UCS Manager. UCS blade and rack mount servers can be managed uniformly within a single domain by UCS Manager, Cisco says.
In the second half of 2012, Cisco says it will deliver the capability for UCS Manager to control multiple UCS domains, which would improve scale. The centralized manager will be able to govern and orchestrate thousands of servers in or between global data centers, Cisco says.
Read more from the original source: