Government, Enterprise and Midmarket Organizations are utilizing Cloud Hosting providers like Amazon (AWS), Microsoft (Azure), Google, Rackspace and others to expand their compute and storage capacity. While these hosting services are responsible for securing the underlying infrastructure, customers are ultimately responsible for securing their applications and data and identifying potential weaknesses and suspicious activity on their network. Cloud-based network intrusion detection (IDS), port scanning, host, application and vulnerability discovery and intrusion prevention (IPS) add this needed security to cloud applications.
CounterSnipe’s IDS/IPS for the Cloud allows organizations to cost-effectively protect the security of their deployments and meet regulatory compliance mandates, including PCI DSS, ISO 27001, SOX, GLBA and HIPAA/HITECH. CounterSnipe provides IDS, internal and external vulnerability scanning and IPS, via a hardware or virtual appliance or in a Security-as-a-Service mode, managed by CounterSnipe’s simple, hosted user interface, the Threat Management Console. CounterSnipe offers 24/7 management and health monitoring for organizations’ cloud networks, or organizations with internal security resources, can utilize the Threat Management Console to manage their hosted network security themselves. Automatic asset discovery and vulnerability scans enable organizations to maintain an inventory of running instances to understand their points of exposure. CounterSnipe IDS/IPS for the Cloud is based on light weight sensors that scan and report on malicious traffic using a fine tuned malware and vulnerability rule set. The events then are correlated, separate from the sensors, thus not affecting the server performance.
Following are key features and functions of CounterSnipe’s IDS/IPS for the Cloud:
Asset Grouping for better asset management
Broad scanning and detection visibility
Dashboards and reports available out of the box
Single web-based console for entire environment
Customized alerting and escalation procedures
Scheduled asset scanning
Automated signature deployment
Custom rule creation and editing
Unlimited internal and external port scans
Deploys in public and private clouds and supports elastic scaling
Provides a single view into cloud, hosted and on-premises
Includes thousands of IDS signatures with daily updates
Managed Security Service Providers (MSSPs) can also utilize CounterSnipe’s IDS/IPS for the Cloud technology to offer this security service to their customers. CounterSnipe provides a reliable, highly flexible and scalable deployment to help MSSPs quickly deploy and monitor customer environments with asset discovery, vulnerability assessment, behavioral monitoring, threat detection and security intelligence.