Floating security tools make the cloud more secure

Cloud computing offers efficiency and economy, but IT professionals still worry about the weak security inherent in the technology (see “IT Experts: Security Risks of Cloud Computing Outweigh Benefits,” 12 April 2010 HSNW). Where there is a security need, there is a business opportunity, and securing the cloud is going to be big business.

Some companies hope to enjoy a first-mover advantage. Layer 7 Technologies — an outfit that handles security for XML Web services and what the world now calls clouds — has introduced a new collection of tools for securing and managing sky-high infrastructure and applications.

Cade Metz writes that on Monday, the Canadian company introduced a family of products dubbed CloudSpan, and it spans (just about) everything tagged with the now ubiquitous cloud moniker. It serves “cloud providers” that offer up virtual infrastructure services similar to Amazon EC2, enterprises that run applications atop such services, and companies that merely run Web-based applications like Google Apps or Salesforce.com (Metz notes that software as a service — SaaS — is no longer called software as a service: it is called cloud).

For cloud providers, Layer 7 Technologies’ suite includes something called CloudControl, a way for the provider to oversee access, security, monitoring, and billing for the services it offers up to world+dog. It is available as either a hardware appliance or as a Web service, and it is pitched as a tool not only for an Amazon-like “public clouds” but also the “private clouds” a provider might build on behalf of other businesses.

“This is sold to an Amazon or a Rackspace or a telco that are starting to come up with similar offerings,” Scott Morrison, chief architect and VP of engineering at Layer 7, told Metz. “It gives you the ability to define access control policies, manage SLAs into those services, and also to keep track over what’s going on for billing purposes.”

For enterprises running applications atop a cloud — be it public or private — Layer 7 offers CloudProtect. If you deploy, say, an Oracle database on Amazon EC2, this provides security around the application itself. “It allows you to take applications and put them into a virtualized application container,” Morrison says. “You don’t have to worry about hardening your operating system, configuring it, putting up the firewalls, making sure it’s patch complaint, making sure it shouldn’t be running services it shouldn’t. You install your application on one of our devices and all of the communications go through our single policy-control point.”

Then there is CloudConnect, which secures SaaS application like Google Apps or Salesforce.com. “This provides single sign-on and security for all your SaaS cloud applications.”

All three products in the CloudSpan suite are available as of right now. You can learn more here.