FacebookTwitterLinkedInYouTube


Support Login  |  Partner Login  |  Contact Us
products section
Home » Products » Solutions » By Use Case
» Cloud Services Security

Cloud Services Security

As enterprises worldwide are increasing their reliance on Cloud Service providers for critical business functions such as email (Google Mail, Hosted Exchange), collaboration (Google Apps, Hosted Sharepoint), CRM (Salesforce.com), and storage (Dropbox, Amazon S3), an enterprise can reap numerous compelling benefits, but they come with a new set of risks.

These services were traditionally deployed within the enterprise perimeter on systems and networks secured by the enterprise. In the Software-as-a-Service (SaaS) model offered by Cloud Service providers, enterprise employees are users of services hosted outside the enterprise perimeter, greatly limiting the security controls around application usage and information that might be stored and retrieved outside the organization.  Often, the use of these services is at the initiative of teams or business units, without corporate security being consulted. Typically, this structure leaves an enterprises’ conventional network security monitoring devices blind to the content being transferred between the enterprise and the SaaS provider.

Other risks include:

  • Emergence of new protocols at traditional monitoring points. Instead of content being transferred over open email protocols such as SMTP, use of new protocols such as Microsoft MAPI do not allow traditional network security solutions to inspect content; 
  • Reliance on SSL encryption. Hosted services rely on encryption via SSL/TLS between the end-user and application provider. In the absence of a means of decrypting this traffic, network security devices cannot inspect the contents of underlying sessions;
  • Blind to advanced threats.Client-system focused malware can be downloaded or distributed through an organization without the possibility for intervention by an enterprises’ network security tools.

Collectively, this creates new risks around the potential for sensitive information to be transferred outside the organization in violation of policy or the possibility for advanced threats to enter the enterprise’s network.

 

Fidelis XPS for Cloud Services Security

Fidelis XPS’ Cloud Services Security solution reestablishes visibility into all traffic between an enterprise and its providers. Through a solution that combines Fidelis XPS and Fidelis SSL Inspector, enterprises can gain the necessary visibility and control to decrease their risk with their use of SaaS applications. By identifying the use of SaaS applications, as well as content inspection of all traffic between the enterprise and its SaaS providers visibility is restored that had been lost when key applications are moved to external providers of critical IT services.

Enterprises gain complete visibility and control around their use of Cloud Services, in order to:

  • Ensure the use of authorized Cloud Service applications;
  • Prevent the transfer of unauthorized content to the Cloud Service applications;
  • Authenticate Cloud Service Providers to prevent “Man-In-The-Middle” attacks.

Organizations utilize Fidelis XPS and Fidelis SSL Inspector to secure their utilization of Cloud Services in the following ways:

  • Decrypt SSL: Fidelis SSL Inspector ensures that all SSL traffic is decrypted and made available to the Fidelis XPS sensor for inspection.
  • Inspect all SaaS applications:Fidelis XPS decoders inspect SaaS applications

- Fidelis XPS HTTP decoder inspects and controls web-based SaaS applications such as Salesforce.com, Google Apps and Amazon S3.

- Fidelis XPS Exchange/MAPI decoder inspects and controls hosted Exchange services such as Microsoft Exchange 360 and Aptix.

  • Authenticate SaaS Providers: Fidelis XPS SSL decoder verifies the authenticity of all SaaS providers using SSL.
  • Enterprise-Controlled Security Practices:The solution is deployed at the enterprise, therefore it does not require active cooperation from the service provider so that an enterprises’ current security policies can continue to be enforced consistently across all providers.

Contact us today to learn more about Fidelis XPS and Fidelis SSL Inspector— the only network security solution tested, installed, and securing cloud services for enterprises and governments around the globe.

secondary navigation resources