Fortune 500 Healthcare Co.
In the AWS console, only a single account and region can be seen in the list view of VMs. While this is useful, the lists do not provide a visual mapping of the complete AWS environment, which hampers troubleshooting security issues.
Cloudvisory continuously discovers AWS infrastructure, delivering an interactve visual mapping of AWS Accounts, Regions, VPCs, VMs, network flows and even other hybrid or multi-cloud environments. This mapping illustrates the exact make up of the AWS enviornment. As new workloads spin up or down the mapping will be immediately refreshed for an up-to-date representation of the deployment.
Tags and Meta Data are critical for organizing workloads and associated security policies into groups to speed management and control. In AWS you can manage tags to organize workloads, but there is not an option to organize Security Groups based on Infrastructure memberships. Additionally, certain Tags need to be managed securely which is not yet an option in AWS. In many cases, Dev/Ops teams are using complex coding and scripting in an attempt to organize Security Groups or worse, they are using very “open,” and generic settings which leave the environment at risk.
CSP's Security Orchestration plane allows for the creation of natural language policies and the association of those policies to workloads via Infrastructure memberships, Tags, Secure Tags and Group memberships (such as application or application tier). This orchestration plane allows for the organization, automated calculation, and provisioning of immutable policies, even as the environment undergoes change. Granular and more segmented policy control becomes a reality using Cloudvisory. The graphical user-interface provides dramatic ease of use, speeding up Dev/Ops and insuring consistent and perfect security.
Using the AWS Console to list and manage security groups is limited to a single Account in a single Region.
1) Automated and continuous Discovery and Visualization of your entire AWS Deployment
2) Organization and Orchestration of granular, micro-segmented Security Group Policies
3) The automatic provisioning of exacting security controls
4) The non-stop monitoring and enforcement of data flows and policies to ensure security policies remain immutable and the environment remains protected.
Cloudvisory’s Security Platform (CSP) provides the necessary automation vital to your AWS cloud security strategy. CSP’s audit, compliance, microsegmentation and enforcement helps deliver immutable security across your AWS and Hybrid deployments.