HyTrust, VMware, Intel® Cloud Builders Enhanced Cloud Security Guide
Audience and purpose
This reference architecture explains how to deploy and operate a secure cloud infrastructure. It describes a cloud built with VMware vSphere*, Intel® Xeon® processor 5600 series-based server platforms, and a HyTrust Appliance* designed to enforce cloud security policies, including those based on platform trust attestation provided by Intel® Trusted Execution Technology (Intel® TXT). This reference architecture is tailored to aid security administrators responsible for the design, implementation, validation, and utilization of cloud implementations. This document covers hardware configuration, software configuration, and results from the implementation of specific test cases that demonstrate basic operational capabilities. This reference architecture is intended to complement product documentation and is provided as a starting point for the actual development of an enterprise cloud.
Cloud computing encompasses an on-demand, self-managed virtual infrastructure, which is provided as a service. This approach makes applications available independently of the underlying infrastructure, allowing IT personnel to focus on delivering support and value. Increasingly, cloud computing architectures are built on virtualization technology. VMware is a proven leader in virtualization and is helping to establish and standardize cloud computing. Working with Intel and other industry leaders, VMware helps businesses of all sizes migrate to cloud computing, with the goal of addressing IT costs and complexities. Recent cloud computing customer surveys unanimously cite security, control, and IT compliance as primary issues that slow the adoption of cloud computing. These survey results point to concerns about change management, configuration management, access controls, auditing, and logging. Many customers have specific security requirements that must assure data location and integrity, and they use legacy solutions that rely on fixed hardware infrastructures. Under current cloud computing conditions, the means to verify a service’s security compliance are labor-intensive, inconsistent, and non-scalable. For this reason, many businesses only deploy non-core applications in the public cloud and restrict sensitive applications to dedicated hardware.
Read the full Enhanced Cloud Security Guide.