Welcome!

@CloudExpo Authors: Liz McMillan, Mehdi Daoudi, Elizabeth White, Pat Romanski, Yeshim Deniz

Related Topics: @CloudExpo, Cloud Security

@CloudExpo: Article

CloudPassage: "Only Security Platform Purpose-Built for Cloud"

Company VP Joerg Rathenberg Interviewed at Cloud Expo

CloudPassage delivers a server security platform that's been "purpose-built for the cloud," according to the company. I spoke at Cloud Expo with Joerg Rathenberg, the company's VP of Marketing. Joerg was with IBM early in his career, "helping to build a new IBM in Eastern Europe as the cold war came to an end," he says.

Today, he focuses on CloudPassage's Halo product, which provides automated vulnerability management, compliance monitoring, network access control, server account administration, and security event alerting through REST APIs in all types of cloud environments.

"CloudPassage is securing cloud servers on the IAAS level," he told me. "Any company that runs its servers in the cloud will need to secure these servers, and CloudPassage will help them do this in an automated and scalable way."

Me: And delivered as SaaS, right?

Joerg: Yes, being a true cloud player, of course our product is delivered as Software-as-a-Service. Pricing is on a utility model - pay as you go - although as you know, we offer a free version as well.

Me: So what sort of customer engages initially with the free version? And how do you convince them to upgrade?

Joerg: The main group of people signing up are the ones responsible for running the cloud servers. In medium and small companies, these can be part of the development team, typically run by DevOps, SysAdmins and others.

In enterprises, often the Business Units go and subscribe to their own cloud servers for development. Here it is often the developers, product managers or product architects who come and sign up for Halo Basic, our freemium product, which is available for up to 25 servers without time limitation. They don't need a credit card or sign contracts, and they can secure their servers within a few minutes.

The upgrade to Halo Professional happens when companies start running more than 25 servers in the cloud. Other features include a very comprehensive API, and full access to two years' worth of detailed security log data. This is important to those companies with compliance requirements like PCI, HIPAA, and others.

Me: What sorts of security and related technical burdens do you eliminate for your customers? And how do you provide them the control they need?

Joerg: Companies go to the cloud to take advantage of economies of scale and flexibility. So, if an e-Tailer does not need the 500 additional cloud servers that the used to get through the holiday season, they simply turn them off and don't have to pay for them any longer.

Any company that subscribes to an Amazon EC2, Rackspace, Terremark, Gogrid or other cloud server solution is sharing the responsibility of securing their cloud servers. The problem is that traditional security systems don't support the architectural challenges and elastic capabilities of the cloud. CloudPassage Halo is the only cloud infrastructure platform expressly designed for the cloud and delivered as a service.

Me: How flexible is this, really?

Joerg: Using Halo, our customers can move their servers from one provider to another anytime they want - such as, if it's cheaper for them to do so - and retain their security. They can scale up and down, automatically deploy thousands of servers and be assured that they are secure. It doesn't matter if these servers are located in the public, private or hybrid cloud.

(Additionally,) a "single pane of glass" allows them to manage their entire cloud infrastructure from one central place. Security functionality includes host-based firewalls, vulnerability scanning, account management, two-factor authentication, and more.

Me: Revisiting an earlier question, then, what sorts of companies - by vertical markets and size - benefit the most from CloudPassage? Put another way, are there any limits to the type of customer that can succeed with your company?

Joerg: Because Halo is delivered as a service hosted in the cloud, it is infinitely scalable. At this stage, a lot of our customers come from business models that are leveraging the cloud. In particular SaaS providers are a perfect match.

Me: Oh, I see...

Joerg: For example, companies like Zappos, Foursquare, Avatar NewYork, ExoIS and others are investing in could deployments and rely on Halo for securing their infrastructure.

Three business models are particularly prominent: App Development - Development shops, integrators, but also Enterprise BU's who need fast, inexpensive and agile environments and need to protect their IP; Permanent App Hosting - these are the SAAS providers, social media and gaming companies that require scalable, elastic computing; Temporary Elastic Workloads - retail, life science, financial services and media companies with seasonal or project-driven spikes who need to protect their IP and their big data deployments.

Me: How do you continue to improve Halo? That is, how much do you learn from your customers? How much additional research are you doing to ensure continuous improvement?

Joerg: We are working closely with a number of Lighthouse customers for different use cases. As an agile development shop we rely on beta programs and are able to react quickly. We also rely on primary research - just  in the process of wrapping up a survey administered to several thousand IT professionals, where we are testing for their cloud plans and their preferences."

Me: What are the Three Big Reasons a company should engage with CloudPassage?

Joerg: First, to remain competitive, companies have to invest in cloud technology today. CloudPassage has everything they need to secure their cloud servers.

Second, to this point CloudPassage offers the only security platform available, that is purpose-built for the cloud and delivered as a service.

Third, we understand that security is one of the main inhibitors for massive cloud deployment. So CloudPassage makes cloud security fast, simple and automated so that companies can leverage the elasticity and the economics of the cloud today.

Follow me on Twitter

More Stories By Roger Strukhoff

Roger Strukhoff (@IoT2040) is Executive Director of the Tau Institute for Global ICT Research, with offices in Illinois and Manila. He is Conference Chair of @CloudExpo & @ThingsExpo, and Editor of SYS-CON Media's CloudComputing BigData & IoT Journals. He holds a BA from Knox College & conducted MBA studies at CSU-East Bay.

Comments (0)

Share your thoughts on this story.

Add your comment
You must be signed in to add a comment. Sign-in | Register

In accordance with our Comment Policy, we encourage comments that are on topic, relevant and to-the-point. We will remove comments that include profanity, personal attacks, racial slurs, threats of violence, or other inappropriate material that violates our Terms and Conditions, and will block users who make repeated violations. We ask all readers to expect diversity of opinion and to treat one another with dignity and respect.


CloudEXPO Stories
In today's always-on world, customer expectations have changed. Competitive differentiation is delivered through rapid software innovations, the ability to respond to issues quickly and by releasing high-quality code with minimal interruptions. DevOps isn't some far off goal; it's methodologies and practices are a response to this demand. The demand to go faster. The demand for more uptime. The demand to innovate. In this keynote, we will cover the Nutanix Developer Stack. Built from the foundation of software-defined infrastructure, Nutanix has rapidly expanded into full application lifecycle management across any infrastructure or cloud .Join us as we delve into how the Nutanix Developer Stack makes it easy to build hybrid cloud applications by weaving DBaaS, micro segmentation, event driven lifecycle operations, and both financial and cloud governance together into a single unified st...
"Cloud computing is certainly changing how people consume storage, how they use it, and what they use it for. It's also making people rethink how they architect their environment," stated Brad Winett, Senior Technologist for DDN Storage, in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Sold by Nutanix, Nutanix Mine with Veeam can be deployed in minutes and simplifies the full lifecycle of data backup operations, including on-going management, scaling and troubleshooting. The offering combines highly-efficient storage working in concert with Veeam Backup and Replication, helping customers achieve comprehensive data protection for all their workloads — virtual, physical and private cloud —to meet increasing business demands for uptime and productivity.
While the focus and objectives of IoT initiatives are many and diverse, they all share a few common attributes, and one of those is the network. Commonly, that network includes the Internet, over which there isn't any real control for performance and availability. Or is there? The current state of the art for Big Data analytics, as applied to network telemetry, offers new opportunities for improving and assuring operational integrity. In his session at @ThingsExpo, Jim Frey, Vice President of Strategic Alliances at Kentik, discussed tactics and tools to bridge the gap between IoT project teams and the network planning and operations functions that play a significant role in project success.
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm. In their Day 3 Keynote at 20th Cloud Expo, Chris Brown, a Solutions Marketing Manager at Nutanix, and Mark Lavi, a Nutanix DevOps Solution Architect, explored the ways that Nutanix technologies empower teams to react faster than ever before and connect teams in ways that were either too complex or simply impossible with traditional infrastructures.