Implementing Alert Logic Security-as-a-Service in AWS Cloud Environment
Apr 27, 2016
Running a business in today’s complex and daunting world, whether a small or enterprise-level organization, comes with a plethora of compliance and governance requirements. Depending on the industries or markets the business operates in, any number of financial, risk, taxation, or legal governance mandates from local, state, and national levels can affect business operations. Failure to adhere to any of these mandates could mean fines or expenses that directly impact profitability.
Navigating this seemingly constantly changing landscape can be a challenge for any business from both a resource perspective as well as a sunken cost perspective, but one of ClearScale’s clients made it a mission to provide a single-stop-solution for businesses by providing a SaaS workflow management tool that helps their business customers track, analyze, and identify compliance and governance risks inside of their companies. Unfortunately, the client was hosting their existing SaaS application in Rackspace and needed to find a way to move into the AWS Cloud to allow the solution to scale effectively.
ClearScale, an AWS Premier Consulting Partner, worked closely with the client to understand the ultimate goals and requirements they had. Creating staging, production, and disaster recovery environments and integrating a Continuous Integration and Deployment (CI/CD) pipeline that would host their .NET application was a straight-forward request, but the real challenge came when the client requested to have a single security solution wrapped around the application that would be deployed in the cloud.
The Challenge: Implementing an All-in-One Security Suite
The client preferred deploying their SaaS solution in AWS in a way that provided a full suite of security protections. They required that whatever security solution ClearScale implemented be an all-in-one suite so that it could fully protect using an Intrusion Prevention System (IPS), an Intrusion Detection System (IDS), a Web Application Firewall (WAF), and logging. Their concern was that there were individual products in the market that could do each of these items well, but they really needed a singular solution to allow them to manage all of them easily.
Moreover, they required that any solution ClearScale was able to deliver had to be able to handle all of the predefined checks around Payment Card Industry Data Security Standard (PCI DSS) and Service Organization Control 2 (SOC 2) compliance.
The Solution: Alert Logic Security-as-a-Service
ClearScale evaluated a number of possible off-the-shelf products on the market that might be able to accomplish what the client needed. Ultimately, selecting Alert Logic’s Security-as-a-Service suite of solutions was the recommendation ClearScale made to the client. By providing full-stack security with full visibility at each security layer, Alert Logic is able to monitor and provide active defense for applications and architecture deployed in the cloud, whether it is AWS, Google, or Azure.
The award-winning and industry-recognized Security-as-a-Service suite provides vulnerability scanning, detection analysis, blocking logic, and incident reporting holistically across the entire application and surfaces that information cleanly and concisely through a single application interface.
This happens with a variety of products within the suite. From Cloud Insight, designed to identify vulnerabilities in AWS implementations, to Threat Manager, designed to detect hostile and targeted intrusions, to Web Security Manager used as a Web Application Firewall and Active Watch for detection and response.
Alert Logic Diagram
The Benefits: End-to-End Security Protection
Implementing this solution allowed the client to provide their customers not only a robust AWS Cloud-based application for their compliance and governance needs with high availability, scalability, and disaster recovery mechanisms, but it provided end-to-end protection from an intrusion and defense perspective as well as a vulnerability identification perspective. In this manner, ClearScale’s client was going over and beyond simply providing a corporate workflow management tool that helped customers navigate a constantly changing compliance landscape; they were providing additional peace of mind through a comprehensive and robust security layer.
Since 2011, ClearScale has made it our mission to understand the intricacies of our client’s requests and transform those into robust designs and implementations. ClearScale’s proven capabilities and certifications in AWS Services have benefited numerous clients over the years. Discovering new and novel approaches to implementing third-party applications that bridge the gap between complex requirements and available AWS Services is what makes ClearScale a clear choice when you need a partner when your organization is ready to move or enhance your presence in the Cloud.
Learn more about ClearScale’s cloud security services here.