Virtualization Technology News and Information
Article
RSS
Xceedium Announces Privileged User Protection for AWS Cloud Management APIs

Xceedium, Inc., the premier provider of privileged identity management for the hybrid cloud, today announced it has enhanced Xsuite to include protection for the Amazon Web Services management APIs that advanced cloud customers use to monitor and configure their AWS environments. The latest version of Xsuite now includes a privileged API proxy-enabling access control, monitoring, and auditing for scripts and tools accessing AWS management APIs.

Xsuite's new API Proxy extends the security and auditing capability Xsuite already provides for instances running on AWS and the AWS Management Console. With the advent of software defined infrastructure, many advanced organizations are bypassing the web-based AWS management console and automating operational tasks­­-utilizing AWS SDKs for Python, PHP, and others, and DevOps tools (e.g., Chef or Puppet) that call AWS' REST-based management APIs. Xsuite now provides an extra layer of protection so AWS customers can control access, monitor, and audit exactly what scripts are doing.

The AWS management console, and its associated APIs, powers a system capable of altering an organization's underlying cloud infrastructure in seconds. It enables organizations to monitor, control, configure, and scale their environments like never before. This powerful management system reinforces the need for customers to adopt a "shared responsibility security model." With the shared responsibility model, customers must understand the risks, how to utilize AWS security features, and what additional security and audit controls are necessary to mitigate risks and meet compliance mandates. The Xsuite AWS API Proxy was designed to deliver the extra protection and auditing enterprise customers require.

The Xsuite AWS API Proxy enables customers to: 
  • Impose a single point of access control, monitoring, and audit for all activity associated with the AWS Management Console and its underlying REST API set
  • Enforce role-based API access control on scripts interacting with the management plane for AWS Public, Government, and VPC clouds
  • Create a full bi-directional audit trail of all API calls and responses
  • Attribute AWS API activity to a specific user without requiring customers to add and maintain users in the AWS Identity and Access Management (IAM) system
  • Use alternative credentials that are only valid with the Xsuite AWS API Proxy and cannot be used with AWS services directly­-ensuring all privileged API calls are controlled and logged
  • Vault and manage the credentials used by scripts to access AWS APIs and eliminate the practice of sharing these important keys
The Xsuite AWS API Proxy is licensed and configured through the Xsuite policy management engine. The API Proxy capability is deployed as separate Amazon Machine Instances (AMIs) and leverages AWS auto scaling to meet performance requirements and support the dynamic environments advanced AWS customers are implementing.
Published Tuesday, July 30, 2013 8:15 PM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
top25
Calendar
<July 2013>
SuMoTuWeThFrSa
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910