Understanding and managing the security of your workloads in OpenStack can be challenging using OpenStack Horizon, the CLI, or the REST API. In all cases, getting the proper perspective of the current infrastructure and any changes to it over time can be difficult due to the lack of visual representations into the relationships of Regions, Projects, Instances, Security Groups, and the network flows between them. Here’s the value Visualization can bring to an OpenStack deployment.
OpenStack Horizon is restricted to a list view of instances for a single project and region at a specific time. There is no visual mapping of the OpenStack environment. Troubleshooting can be slow and inaccurate due to the rapid changing environment.
Tags and Meta Data are critical for organizing workloads and associated security policies into groups. OpenStack tags must be assigned and managed per instance. After tags are set, the desired use is left up to the administrator. There is no direct corellation between tags and network security policies in OpenStack.
The Security Orchestration plane enables creation of natural language policies and the association of those policies to workloads via Infrastructure memberships and Tags and Group memberships (such as application or application tier). This orchestration plane enables automated calculation and provisioning of security policies, even as the environment undergoes change With security automation, the pace and accuracy of DevOps processing increases dramatically.
Creating policies in Cloudvisory can be done across Accounts, across Regions, across Projects, at the workload or logical group level, and even across other Cloud Providers simply and intuitively. This enables agile management, security, and dynamic control of the OpenStack deployment.
Cloudvisory’s Security Platform (CSP) leverages OpenStack’s strong native security controls to protect its environment. Cloudvisory’s Security Platform provides security automation ensuring Openstack workloads are more secure than those in traditional data centers.