Your SlideShare is downloading. ×
Unisys Stealth Solution Suite - Secure Data Center Segmentation: Cloak your Strategic Applications
Unisys Stealth Solution Suite - Secure Data Center Segmentation: Cloak your Strategic Applications
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Unisys Stealth Solution Suite - Secure Data Center Segmentation: Cloak your Strategic Applications

116

Published on

To learn more visit: http://www.unisys.com/stealth …

To learn more visit: http://www.unisys.com/stealth

Data Centers have evolved becoming more cost effective and efficient. Due to Consumerization of IT, cloud computing and breach attempts, companies have started to compartmentalize their networks and data centers by reclassifying their data based on need-to-know access. Unisys Stealth is designed to securely segment Data Centers protecting business data and systems by cloaking your strategic assets.

Unisys Stealth is different from traditional physical segmentation and enables security by using communities of interest (COIs) to simplify your network and protect your strategic servers and applications. Stealth is easy to integrate into existing environments, simultaneously offering superior security with no application changes. The Unisys Stealth Solution results in equipment cost savings, simplified administration and much higher data and application protection.

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
116
On Slideshare
0
From Embeds
0
Number of Embeds
1
Actions
Shares
0
Downloads
1
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Unisys Stealth Solution Suite Secure Data Center Segmentation: Cloak your Strategic Applications Data Center Evolution Data centers have evolved significantly over the last decade driven by business requirements to become more cost effective and efficient, and enabled by technology created to do just that. First, enterprises consolidated the data centers creating a unified corporate computing center. Next, servers and storage were virtualized to make data centers more effective and easier to manage, and to improve the environmental footprint. To further drive down operational costs, the management of the data center may have been outsourced and automated. Consolidation Virtualization Outsourcing Management & Automation Unisys Stealth Securely Segments Data Centers Unisys Stealth™ is designed to protect business data and systems by creating a communications tunnel that is cloaked to any users or devices except those who are pre-identified as part of the “secure community” referred to as a Community of Interest (COI). This is unlike traditional solutions, which use physical topology to cordon off and protect high value servers, virtual workloads and applications. In a traditional tiered network, security is accomplished by physical segmentation. This requires additional network equipment and is subject to the risks of VLANs and firewalls. For example, if a configuration element is incorrect, VLANs “fail open” and a communication path is established. Segmentation Traditional Data Center Segmentation Today, the explosion in consumerization of IT, cloud computing and increasingly sophisticated breach attempts are driving more change and innovation to address new challenges in protecting high value corporate IP and assets. Enter the era of Data Center Segmentation: the latest evolutionary phase to properly manage the impact and leverage the potential of new computing while tightly controlling access to corporate servers, data, and applications. . Maintaining multiple physical networks is expensive and complex, and managing user privileges which change as business requirements evolve can force physical network reconfigurations.
  • 2. In contrast, Stealth enables security by using COIs, allowing the network to be simplified while protecting visibility and access to different servers and applications. Stealth Data Center Segmentation Unisys Stealth is Easy to Integrate In the case of flat network configurations, user access to servers and applications is often managed at a higher level, not at the network level. Enforcing security is a challenge because once on the network, users can find other systems even if they cannot access them directly, therefore setting the stage for exploiting vulnerabilities. Unisys Stealth is easy to integrate into environments configured as flat networks, all while offering superior security with no application changes. Regardless of the starting point, Unisys Stealth can be deployed on top of the existing infrastructure. At the endpoints, Unisys Stealth can be configured to communicate via Stealth-secure channels and nonStealth paths concurrently. If the Welfare Applications in this example are strategic programs, only the users who dynamically receive the matching COI key information based on their user credentials will be able to see and access the servers housing those applications. If an endpoint tries to connect to Welfare Apps and does not have the correct COI key configuration, which means that the endpoint is not a recognized member of the COI, Stealth “fails closed” and no communication path is established. Stealth encrypts data moving between Stealth secured endpoints with FIPS140-2 certified AES 256 encryption. In addition, the Stealth message is formatted with specific COI key information which does not allow the message to be reassembled by any software other than another Stealth endpoint with matching COI keys. At the endpoints, Stealth can be configured to communicate via Stealth-secure channels and non-Stealth paths concurrently. Stealth safeguards each endpoint by not interacting with any non-matching COI traffic. Stealth does not respond to any inquiring “pings” on the network or to any messages directed to it from a non-COI member. The communications and the endpoints themselves are dark, keeping them from discovery by hackers. You can’t hack what you can’t see. Managing Stealth devices and users is simple. Unisys Stealth integrates with Microsoft Active Directory and other identity management systems so that you can quickly set up and manage COIs. Users and systems are assigned to COIs based on their identity, not by physical location, so as these resources move between projects, a simple Active Directory change is all that is required. The Stealth Solution results in equipment cost savings, simplified administration, and significantly higher data and application protection. Unisys Security At Unisys, we design and develop mission-critical solutions that secure resources and infrastructure for governments and businesses. Our approach integrates resource and infrastructure security, creating the most effective and efficient security environment possible and freeing our client to focus on best serving its citizens and customers. Unisys security solutions can be found worldwide in 600+ airports, 1,500 government agencies, 100+ banks, among others. Acknowledgements Unisys Stealth Solution Suite provides AES-256 encryption and a FIPS 140-2 certified cryptographic engine, which uses SecureParser®, a product of Security First Corporation. For more information visit www.unisys.com/stealth ©2014 Unisys Corporation. All rights reserved. Specifications are subject to change without notice. Unisys, the Unisys logo and Unisys Stealth Solution are registered trademarks or trademarks of Unisys Corporation. All other trademarks referenced herein are acknowledged to be the property of their respective owners. Printed in the United States of America January 2014

×