Capabilities delivered as part of the RSA solution include:
-- Dashboard views based on the RSA Archer eGRC platform designed to
enable fast and accurate assessment of security and compliance posture
across physical and VMware virtual infrastructure.
-- Top-Down Visibility for Control and Compliance: The RSA solution
includes a comprehensive, centralized library and ready reference of
security controls within the RSA Archer platform. This library has
been expanded to cover more than 100 VMware-specific controls that map
the most current, global regulations such as PCI-DSS and HIPAA. New
software available with RSA Archer automates the measurement of
several VMware configuration elements to simplify the task of
measuring compliance. RSA enVision is being enhanced to add further
intelligence to the RSA Archer platform by updating the compliance
assessments with security-relevant events. RSA enVision collects
security events from an ecosystem of products including the RSA Data
Loss Prevention suite, VMware vShield, VMware vCloud(TM) Director,
VMware vCenter Configuration Manager, EMC?? Ionix, and HyTrust
appliance to enrich the compliance reports provided by the RSA Archer
platform.
-- Process Automation for Managing Remediation of Security Policies: The
RSA Solution for Cloud Security and Compliance leverages automated
workflow and notification processes in RSA Archer to simplify the
tasks of remediating security issues.
"Our customers are excited about the opportunity to continue extending and optimizing their use of virtualization but are hesitant unless they can deliver proof of compliance against security standards such as PCI or HIPAA and VMware best practices," said Bret Hartman, Chief Technology Officer of RSA, The Security Division of EMC. "Today RSA is delivering the first step to give customers both the capability and confidence to extend their VMware deployments to handle business-critical applications while providing a simpler and easier way to help ensure compliance for cloud infrastructures."
The RSA Solution for Cloud Security and Compliance is the first in a series of steps to deliver on the vision of security and compliance for cloud infrastructure which EMC outlined at RSA Conference 2010 in conjunction with key partners Intel and VMware.
At VMWorld 2010, Booth 1000, EMC will feature demonstrations of the RSA Solution for Cloud Security and Compliance and will also show a technology preview demonstration for how the solution will evolve in the future to leverage VMware vSphere and Intel Trusted Execution Technology (Intel TXT) to ensure hardware root of trust and isolation of regulated workloads.
RSA is contributing actively in the Cloud Security Alliance (CSA) Consensus Assessments Project for developing an open question-set, based on the CSA Cloud Controls Matrix, for security assessment of cloud services. When this work is complete, the RSA solution will be enhanced to offer tenants a way to assess the security of cloud service provider environments and their internal datacenters using RSA Archer.
"Intel is working with VMware and EMC to enable a hardware-based root of trust for the cloud," said Boyd Davis, Intel Vice President & General Manager, Data Center Group Marketing, "We're excited to see RSA taking the first step in delivering products and solutions that support our shared vision."
