Secure Cloud Infrastructure
The very benefits of cloud – real-time deployment, disbanding of compute infrastructure and rapid time to availability of application services – means that cloud, network and security operations teams have less visibility and knowledge about how cloud activities are impacting overall enterprise network topology and risk to any critical data that rides on it. Yet, those teams are still responsible for the protection of critical enterprise and customer data assets.
Lumeta Spectre enables virtual machine asset visibility, visualize how cloud infrastructure is altering the network topology, and design critical alerts if network segmentation policies are violated – all in real time.
How It Works
Comprehensive View of the Network
Comprised of multiple network crawling methods including network, host, enhanced perimeter and leak path discovery, Lumeta Spectre uses a combination of recursive network indexing techniques to find everything that’s on the network (not just an IP range that is assumed to be in use by the administrator), resulting in a comprehensive, authoritative view of the entire routed infrastructure – all IP connections and devices, including those previously unknown. Spectre acts in real time to detect changes to the network’s security.
Visibility into the Dynamic Nature of the Cloud in Real Time
Lumeta Spectre discovers, maps and alerts about network topology changes, including transitory virtual machines (VMs), AMIs and other virtualized network functions (gateways, switch/router/firewall and forwarding devices). Spectre forms a holistic view of both physical and virtual networks, providing perspective of network vulnerability from within a network data center and throughout any cloud instances.
Amazon Web Services (AWS)
Lumeta Spectre for AWS is available on AWS Marketplace with an hourly or annual subscription basis, or in a “Bring Your Own License” (BYOL) model.
By using the Lumeta Spectre AMI within AWS, IT professionals can:
- Gain critical insight into the real-time, dynamic nature of the cloud, by performing discovery within a private virtual cloud instance inside AWS. This is accomplished by “pointing” Lumeta Spectre internally within AWS to crawl and discover virtual routers, firewalls, gateways, AMIs and other cloud resources.
- Get visibility into the entire enterprise – AWS instances and on-premises physical or virtual infrastructure – while taking advantage of the ease, affordability and scale of AWS compute resources to run the Lumeta Spectre Command Center. Instead of deploying an Spectre Command Center on-premises, spin up a virtual Spectre Command Center instance in the AWS cloud and connect it to Spectre Scouts (sensors) deployed within the network to assess enterprise-based network assets and routes.
- Continuously monitor the network edge. From the Spectre Command Center within AWS, interrogate and analyze firewall gaps on the enterprise network edge in real time.
Related AWS Documentation