Solution overview
Amazon Web Services (AWS) allows you to provision a logically isolated virtual network called a Virtual Private Cloud (VPC). AWS represents a new paradigm in network design, replacing network hardware with purely logical management tasks. Part of the tradeoff for this simplicity is obfuscation of AWS security. As more subnets are added to your AWS VPC, it becomes harder to visualize your architecture and the access it provides. As the VPC grows and connects to other VPCs, virtual networks and legacy physical networks, it gets even more difficult to understand AWS security: what is exposed to the internet, where attackers can go, and what access a given host has.
Unify physical and cloud security
With RedSeal, your physical, virtual and AWS Virtual Private Cloud (VPC) networks become a unified security architecture, capable of being modeled, tested and measured. Once integrated with your Amazon VPC, RedSeal gives you the means to assess the security controls of your cloud-based assets as well as your connected corporate data center. You'll be able to analyze both east-west and north-south traffic as well as microsegmentation. RedSeal can also drill into the AWS VPC ruleset, providing the user with the specific rules that apply to an individual host. This feature makes it easy for cloud policy management and network security teams to ensure that only authorized access is allowed, increasing AWS security.
Model, test and measure cloud and hybrid architecture
RedSeal also integrates with Amazon AWS Config, allowing you to track and store the history of Amazon VPC configurations and configuration changes in Amazon Simple Storage Service (Amazon S3). With AWS Config, you get the information you need to strengthen AWS security defenses in your AWS environment.
You can:
Unify security architecture across the hybrid data center
RedSeal models your AWS VPC fabric along with your physical and private cloud assets. This provides a single comprehensive model to view and query your entire cloud network.
Validate policy compliance instantly
The integration between AWS Config and RedSeal enables customers to define access policies and validate any Amazon VPC changes against them to ensure secure access.
Verify compliance with industry configuration guidelines
AWS Config and RedSeal can determine if network devices comply with configuration guidelines like STIGs and RedSeal’s best practice checks.
Validate VPC Configuration
The combination of AWS Config and RedSeal enables you to verify and validate all aspects of the VPC deployment and configuration changes over time.
Learn how a hospital at a large U.S. healthcare system used RedSeal to effectively secure their cloud environment.