Risk
6/10/2009
12:13 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Layer 7 Brings Governance To The Cloud

Layer 7 SecureSpan Virtual Appliance lets organizations secure cloud-based interactions, monitor service-level conformance

VANCOUVER, British Columbia—June 9, 2009—Layer 7 Technologies, the leading vendor of governance and security solutions for application services, today announced the availability of the Layer 7 SecureSpan Virtual Appliance for cloud governance. The Virtual Appliance offers all the features of the SecureSpan family of hardware appliances, including sophisticated runtime governance, agent-less SOA management and industry-leading XML security in a VMware or ESX-based soft appliance. The Layer 7 Virtual Appliance for cloud governance allows organizations to secure cloud-based interactions, monitor service level conformance and adapt to changing conditions and needs.

Traditionally, Layer 7 customers have deployed the SecureSpan Virtual Appliance as a budget-friendly alternative to hardware appliances. The SecureSpan Virtual Appliance for cloud governance incorporates the new Layer 7 Enterprise Service Manager (ESM), which is a lightweight method of centrally managing, tracking and measuring application services no matter where those services reside: in enterprise SOAs, as part of a Software-as-a-Service offering or in cloud (both public and private) initiatives. With the Virtual Appliance for cloud governance, Layer 7 customers can seamlessly reuse their existing, on-premise SOA governance solution for their cloud-based initiatives.

"Cloud governance is uniquely demanding because of the complexity related to vendor contracts, expectations regarding service level agreements (SLAs) and the increasingly complex regulatory environment," said David Linthicum, cloud and SOA expert and founder of Blue Mountain Labs. "Traditional hardware appliances and monitoring tools were not intended for deployment in a cloud computing environment. They are unable to provide a centralized, accurate snapshot of the entire global network and they cannot give the ROI of a virtual appliance. Layer 7, on the other hand, offers an innovative and effective solution for private and public cloud deployments, while also providing centralized management, tracking and measurement of services. Layer 7 is the 'real deal' when it comes to runtime governance solutions for the extended enterprise, including SOA and cloud initiatives."

"Many organizations are reluctant to move forward with a cloud strategy because of justified concerns related to security and control. Layer 7 guides businesses and government agencies into the cloud in a controlled and secure manner," said Scott Morrison, chief architect for Layer 7 Technologies. "Layer 7's governance program provides the means to control, monitor and adapt application services, regardless of whether they reside on-premises or in the cloud. These capabilities clear the way for organizations to embrace cloud computing in a secure, managed and incremental fashion."

In addition to cloud governance, Layer 7 enables organizations to control, monitor and adapt application services in a variety of enterprise settings, including internal environments and between external domains (such as partners or branch offices). Only Layer 7's highly automated and interoperable gateway solutions, available as hardware, software and virtual (VMware) appliances, are capable of holistically governing today's complex and ever-changing ecosystem of application services, no matter where they reside.

Available resources:

  • InfoWorld Webinars "Three-part series on Cloud Governance and Security -- May 28, Cloud Control: Governance in the Cloud (recorded session) http://w.on24.com/r.htm?e=146747&s=1&k=AB2A7C2727D0056E74FB3B89F0BE0E34 -- June 11, Making the Business Case and ROI for Cloud http://www.accelacomm.com/jaw/Layer7email/11/50463323/ -- Sept 17, Cloud Security and Governance Best Practices http://www.accelacomm.com/jaw/Layer7email/11/50463464/

  • White paper " "Steer Safely into the Clouds: Why You Must Have Cloud Governance Before You Move Your Apps," available at http://www.layer7tech.com/main/images/Steer%20Safely%20into%20the%20Clouds%20v3.0.pdf

  • Data Sheet " "SecureSpan XML Virtual Appliance" http://www.layer7tech.com/main/solutions/cloud-computing.html

  • Podcast " Scott Morrison, Layer 7's chief architect and vice president of engineering, discusses the challenges and importance of cloud governance. www.layer7tech.com/resources/files/Layer%207_Cloud%20podcast.mp3. About Layer 7 Technologies

    Layer 7 Technologies is a leader in security and governance for application services, whose turnkey solutions feature sophisticated runtime governance, agent-less Web services management and industry-leading XML security. Founded in 2003, Layer 7's products include the SecureSpan family of XML appliances, which help organizations address security, visibility and governance issues. Layer 7 enables organizations to control, monitor and adapt their Web services, no matter where they originate " in the enterprise or in the cloud. Layer 7 has been positioned in the "Leader" quadrant in Gartner, Inc.'s Magic Quadrant for Integrated SOA Governance Technology Sets*. For more information, visit us at www.layer7tech.com.

    Comment  | 
    Print  | 
    More Insights
  • Register for Dark Reading Newsletters
    White Papers
    Flash Poll
    Current Issue
    Video
    Slideshows
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2011-3154
    Published: 2014-04-17
    DistUpgrade/DistUpgradeViewKDE.py in Update Manager before 1:0.87.31.1, 1:0.134.x before 1:0.134.11.1, 1:0.142.x before 1:0.142.23.1, 1:0.150.x before 1:0.150.5.1, and 1:0.152.x before 1:0.152.25.5 does not properly create temporary files, which allows local users to obtain the XAUTHORITY file conte...

    CVE-2013-2143
    Published: 2014-04-17
    The users controller in Katello 1.5.0-14 and earlier, and Red Hat Satellite, does not check authorization for the update_roles action, which allows remote authenticated users to gain privileges by setting a user account to an administrator account.

    CVE-2014-0036
    Published: 2014-04-17
    The rbovirt gem before 0.0.24 for Ruby uses the rest-client gem with SSL verification disabled, which allows remote attackers to conduct man-in-the-middle attacks via unspecified vectors.

    CVE-2014-0054
    Published: 2014-04-17
    The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External ...

    CVE-2014-0071
    Published: 2014-04-17
    PackStack in Red Hat OpenStack 4.0 does not enforce the default security groups when deployed to Neutron, which allows remote attackers to bypass intended access restrictions and make unauthorized connections.

    Best of the Web