Secure Cloud Infrastructure
The very benefits of cloud – real-time deployment, disbanding of compute infrastructure and rapid time to availability of application services – means that cloud, network and security operations teams have less visibility and knowledge about how cloud activities are impacting overall enterprise network topology and risk to any critical data that rides on it. Yet, those teams are still responsible for the protection of critical enterprise and customer data assets.
Lumeta ESI enables virtual machine asset visibility, visualize how cloud infrastructure is altering the network topology, and design critical alerts if network segmentation policies are violated – all in real time.
How It Works
Comprehensive View of the Network
Comprised of multiple network crawling methods including network, host, enhanced perimeter and leak path discovery, Lumeta ESI uses a combination of recursive network indexing techniques to find everything that’s on the network (not just an IP range that is assumed to be in use by the administrator), resulting in a comprehensive, authoritative view of the entire routed infrastructure – all IP connections and devices, including those previously unknown. ESI acts in real time to detect changes to the network’s security.
Visibility into the Dynamic Nature of the Cloud in Real Time
Lumeta ESI discovers, maps and alerts about network topology changes, including transitory virtual machines (VMs), AMIs and other virtualized network functions (gateways, switch/router/firewall and forwarding devices). ESI forms a holistic view of both physical and virtual networks, providing perspective of network vulnerability from within a network data center and throughout any cloud instances.
Amazon Web Services (AWS)
Lumeta ESI for AWS is available on AWS Marketplace with an hourly or annual subscription basis, or in a “Bring Your Own License” (BYOL) model.
By using the Lumeta ESI AMI within AWS, IT professionals can:
- Gain critical insight into the real-time, dynamic nature of the cloud, by performing discovery within a private virtual cloud instance inside AWS. This is accomplished by “pointing” Lumeta ESI internally within AWS to crawl and discover virtual routers, firewalls, gateways, AMIs and other cloud resources.
- Get visibility into the entire enterprise – AWS instances and on-premises physical or virtual infrastructure – while taking advantage of the ease, affordability and scale of AWS compute resources to run the Lumeta ESI Command Center. Instead of deploying an ESI Command Center on-premises, spin up a virtual ESI Command Center instance in the AWS cloud and connect it to ESI Scouts (sensors) deployed within the network to assess enterprise-based network assets and routes.
- Continuously monitor the network edge. From the ESI Command Center within AWS, interrogate and analyze firewall gaps on the enterprise network edge in real time.