OpenStack Horizon is restricted to a list view of instances for a single project and region at a specific time. There is no visual mapping of the OpenStack environment. Troubleshooting can be slow and inaccurate due to the rapid changing environment.
Cloudvisory continuosly discovers the OpenStack infrastructure providing a visual mapping of OpenStack Accounts, Regions, Projects, Instances, network flows and even other cloud providers. As new workloads spin up or down, the visualization tool is immediately updated.
Tags and Meta Data are critical for organizing workloads and associated security policies into groups. OpenStack tags must be assigned and managed per instance. After tags are set, the desired use is left up to the administrator. There is no direct corellation between tags and network security policies in OpenStack.
The Security Orchestration plane enables creation of natural language policies and the association of those policies to workloads via Infrastructure memberships and Tags and Group memberships (such as application or application tier). This orchestration plane enables automated calculation and provisioning of security policies, even as the environment undergoes change With security automation, the pace and accuracy of DevOps processing increases dramatically.
Creating policies in Cloudvisory can be done across Accounts, across Regions, across Projects, at the workload or logical group level, and even across other Cloud Providers simply and intuitively. This enables agile management, security, and dynamic control of the OpenStack deployment.
Cloudvisory can quickly identify non-compliant network flows and alert teams to potential threats. CSP continuously monitors security policies for needed adjustments, and alerts on non-compliant changes. Below, visual flow data specifically points out compliant and non-compliant flow details to quickly identify risk and potential malicious activity
Cloudvisory flow information is summarized per workload and logical group for a better understanding of the environment and faster triage of infected workloads or malicious behavior.
Cloudvisory is constantly monitoring the security policy state to confirm it remains immutable and compliant. If an unauthorized change to the policies is identified, Cloudvisory detects, alerts, and can take automatic corrective action to return the OpenStack environment to its secure state.
Cloudvisory’s Security Platform (CSP) leverages OpenStack’s strong native security controls to protect its environment. Cloudvisory’s Security Platform provides security automation ensuring Openstack workloads are more secure than those in traditional data centers.