Page 76 - CDM Cyber Warnings February 2014
P. 76
PrivateCore vCage
PrivateCore vCage is a hardened, Linux Kernel Virtual Machine protects any application while in use on commodity x86 servers,
(KVM) based hypervisor with memory encryption that uniquely combining the security of on-premise with the flexibility of the
resides completely within the CPU memory (Last Level, or L3, cloud. For the first time, enterprises and cloud service providers
cache). This memory encryption protects the hypervisor and can securely and verifiably execute applications on servers
any virtual machines while in use on commodity x86 servers outside their physical control.
without changing the existing software stack.
PrivateCore vCage secures OpenStack servers in untrusted
Enterprise cloud adoption is restrained by a lack of private environments from persistent malware, malicious hardware
computing in the cloud, and the critical missing element to devices, and insider threats. Private and public clouds can
enabling private computation in the cloud is securing data-in- contain thousands of compute nodes spread across geographic
use. While data-in-motion and data-at-rest security are mature boundaries and in remote locations. Compromising one
and well-understood, data-in-use remains exposed to anyone compute node can jeopardize the security of the entire compute
with physical access to servers or the IT hardware supply chain. infrastructure.
Bridging the gap between data-at-rest and data-in-transit
encryption, vCage encrypts data-in-use to create a secure Benefits:
infrastructure to run any virtual machine, anywhere, on demand.
● Validates server integrity and counters advanced persistent
This unique technology reduces the security perimeter of a cloud threats (APTs) like rootkits and bootkits that can bypass
server to a single component: the Central Processing Unit traditional anti-virus software
(CPU). Based on the open source Linux KVM hypervisor, vCage ● Secures the IT supply chain against malicious server
runs existing virtual machine images without modification and hardware
is compatible with popular management frameworks such as ● Prevents unauthorized physical access to data in use
OpenStack. increases visibility and control over server infrastructure
Through innovative advancements in virtualization and �Most Innovative
cryptography, PrivateCore can virtualize physical security and
Intrusion Prevention System for 2014� - CDM
protect data-in-use. PrivateCore vCage software transparently
CYBER DEFENSE MAGAZINE - ANNUAL EDITION 76
