Dome9: Airtight Security for Your Cloud Servers

Secure Access Lease

With Dome9, all your cloud servers are fully protected by default. To gain access to a server, the admin requests a secure access lease, which by default provides access for 1 hour, for a specific server and protocol, connecting from a specific IP. Dome9 Central notifies the Dome9 Agent on your cloud server that there is a new policy to enforce (e.g., Allow SSH from IP address 78.111.23.124). The Agent then opens the designated port, enabling the identified user to gain access and carry out his tasks. After the lease expires (default is 1 hour), Dome9 Central notifies the Dome9 Agent to close the cloud server port. Learn More

Secure Access Lease Invitations

Dome9 Central can generate invitations for secure, third-party access. Secure access lease invitations are one-time access passes for a specific port on a cloud server. The invitation grants the recipient secure access to the specified port without the need to log in or authenticate through Dome9 Central. Once the secure access lease invitation has been activated, Dome9 Central automatically configures the cloud server firewall with the new policy (e.g., allow 1 hour MySQL access to a specific cloud server, from a unique IP). Secure access lease invitations are time-limited (max. 24 hours) so cloud servers are secure by default. Learn More

Multi-tiered Administration

Dome9 offers several tiers of administration. Super-users have full control over all cloud servers managed in Dome9 Central. The super user can grant partial or limited access to delegated administrators, and limit that access to a predefined set of machines. A super user, for example, can grant a developer RDP access to a specific staging server, and not to any production machines. Learn More

Consolidated Security Management

Dome9 centrally manages the cloud security configurations of multiple environments (e.g., Rackspace, EC2, GoGrid, etc.) through its unified manager, Dome9 Central. Whether it’s Linux IPTables, Windows GUI based Firewalls, and/or EC2 Security Groups, cloud security policy management is consolidated in Dome9 Central.

Account Activity Auditing

Dome9 auditing provides full, account-level visibility and logging of user activity. Advanced filters help you drill down to see when users have logged on to Dome9 Central, changed cloud security policies, sent secure access invitations, and accessed cloud servers.

Multi-Platform Security Groups

Dome9 Security Groups provides group-based policy management across multiple servers and clouds. Consolidate management of multiple cloud servers under an umbrella ‘Group’ profile and then, when you add a server to a Dome9 Security Group, its policy is automatically inherited from the Group profile. Learn More

Security Auto Scaling

Dome9 auto scaling gives you on-the-fly security for any servers you add across any clouds. Leveraging either Dome9 Connect for API-based deployments or a unique pairing key for Dome9 Agent-based, your servers are dynamically paired with your Dome9 account and secured automatically by your default Dome9 Security Group. Auto scaling makes your security as elastic as your infrastructure. Learn More

1-Click Instant Access

Dome9 Instant Access gives you time-based secure access via a single button in your browser. Available today for Google Chrome users, Dome9 Instant Access eliminates the need to login to Dome9 Central to get access, automatically notifies you when your secure access lease is about to expire, and allows you to extend your lease with a single click. Learn More

 

Leave a Reply