• Welcome Guest

CloudLink® Secure Virtual Storage Appliance (VSA) resolves security concerns for enterprises wanting to leverage the cloud for mission critical workloads and data while meeting security regulatory compliance requirements such as PCI DSS, HIPAA and SOX. It provides a solution to encrypt data at rest and in motion in multi-tenant virtualized and cloud environment via a virtual storage encryption overlay. CloudLink Secure VSA supports VMware vSphere, vCloud Director based private, public or hybrid clouds, Amazon AWS, Microsoft Azure and CA AppLogic based cloud. CloudLink Secure VSA is compatible with Cisco ISR G2/UCS-E series. By deploying a CloudLink virtual appliance on Cisco ISR G2/UCS-E  and a CloudLink VSA virtual appliance in an external cloud, it empowers an enterprise to have complete control of its sensitive data in the cloud by maintain the control of encryption keys and security policies.

  • Cloudlinklogo

Concerns over cloud security, manageability, performance, and reliability have been the biggest barriers to the more rapid and wide-spread adoption of cloud services. Leveraging the cloud offers enterprises significant cost savings and flexibility and Cloud Service Providers compelling revenue generating opportunities. AFORE’s CloudLink® Secure VSA, integrated with Cisco® ISR G2, combines cloud infrastructure security and manageability with performance monitoring to protect mission-critical data in motion and at rest.

Secure, Manage & Monitor Private, Hybrid & Public Clouds

CloudLink Secure VSA is installed as a virtual appliance in private, hybrid, and public clouds to secure data in multi-tenant environments. All network and storage data are encrypted with the enterprise having full control over keys and security policy. CloudLink Secure VSA integrates seamlessly with virtualization and cloud infrastructures. 

Enterprise-Controlled Security

CloudLink affords organizations complete and sole control over the keys used to encrypt their sensitive data.  It can manage keys internally, in Microsoft Active Directory, or entrust them to a key manager for the highest level of key protection.  In addition, CloudLink provides administrators fine-grained tools to monitor network and storage performance as well as the security of their cloud-based virtual data centers.

Easy to Use

The efficacy of any security measure is ultimately determined by how easily it is deployed, managed and used.  CloudLink Secure VSA is designed to deliver industrial-strength encryption in the least obtrusive manner.  Featuring a light-weight installation procedure, enterprises can deploy CloudLink on Cisco UCS-E series blades inside Cisco ISR G2 routers, within one hour. It is suitable for any IaaS cloud environment and requires no changes to the workloads making use of the secure storage and networking it provides. Furthermore, this solution is completely transparent to end-users.  

Empowers Next Generation IT

When considering adopting cloud deployment, IT departments are faced with the dilemma of potential cost savings at the expense of diminished control over security.  By providing simple, secure, highly effective and easy-to use data security, CloudLink Secure VSA integrated with Cisco ISR G2 allows organizations to go where they have been reluctant to go up until now: moving mission-critical workloads and sensitive data  securely to multi-tenant virtual data centers, be they Private, Public or Hybrid Cloud environments. 

There are a myriad of use cases benefitting from the security and performance monitoring capabilities of CloudLink Secure VSA integrated with Cisco ISR G2: securing data in cloud storage, securing data for cloud-based Disaster Recovery scenarios,  and secuing data for cloud based application hosting.

CloudLink Key Benefits

 

  1. Enabling customers to meet regulatory compliance requirements while ealizing  the cost benefits of cloud services. 
  2. Reducing the cost of encryption of data at rest in a multi-tenant virtualized infrastructure. It requires no change of workloads and works with existing key management solutions. 
  3. Protecting existing storage investment as CloudLink Secure VSA encryption works on any storage systems.

 

The CloudLink Secure VSA solution consists of three key components. 

CloudLink vNode is a virtual appliance deployed in the cloud.  The vNode acts as a secure Virtual Storage Appliance, consuming virtual disks provided by the shared, multi-tenant storage and providing encrypted storage to authorized workloads over NFS and CIFS/SMB. 

CloudLink Gateway is a virtual appliance deployed on Cisco ISR G2 router inside the enterprise data center. The CloudLink Gateway authenticates vNodes, monitors connectivity, and initiates performance testing.  In addition, it generates the enterprise controlled encryption keys, places them in the secure key store and delivers them via the secure tunnel to the vNodes deployed in the cloud.  The CloudLink Gateway can also provide encrypted storage to authorized enterprise workloads.

CloudLink Center is a management application that can be accessed via either a web browser or a VMware vCenter™ plug-in provided with the product. It manages the CloudLink Gateway and vNode, administers trust policies, controls encrypted storage volumes, monitors end-to-end network performance, reports events, logs and alarms, and presents the enterprise topology.

CloudLink Key Features:

1.     Native support for virtualized cloud environments - CloudLink understands the virtual environment topology and resource elements in multitenant environments. It automates deployment in multiple cloud environments including Amazon AWS, Microsoft Azure and VMware vCloud. It is integrated with VMware vCenter for efficient management and advanced security monitoring.  It provides end-to-end encryption of VM storage and WAN traffic in virtualized environments. 

2.     Encryption of data at rest - CloudLink provides enterprises with the option to encrypt data at rest using AES-256 encryption technology. In a dynamic and multitenant cloud environment, CloudLink guards against threats posed by persistent data artifacts, such as snapshots and suspension images and storage layer side attacks. Encryption of data at rest enables enterprises to meet data remanence compliance requirements when workloads are moved out of the cloud while malicious or misbehaving co-tenants are remediated.

3.     Secure virtual private network (VPN) overlay - CloudLink establishes a secure VPN tunnel between a data center inside the enterprise and a customer virtual data center inside the cloud.  All communications between the enterprise and the cloud is encrypted using AES-256 encryption technology.

4.     Manageability and control – CloudLink empowers enterprise IT and security administrators with manageability and control of their workloads in the cloud environment with full control of data security, performance monitoring, accessing logs, and extend its domain control, directory service and encryption key management service from enterprise data center environment into its virtual data centers in the cloud.    

5.     Pre-Integration with RSA Data Protection Manager (DPM) and Microsoft Active Directory – CloudLink has been integrated with RSA DPM and Microsoft AD for secure encryption key management. The integration of these technologies is intended to enable enterprises and cloud service providers to securely encrypt data at rest in cloud infrastructures while leveraging robust, enterprise-wide key management.

Office Facilities US & Canada
Support Model Direct to customer
Support Coverage Hours 24x7 Standard business hours, with after hours pager support
TAC Hotline +1 (866) 356-4060
TAC Support Alias support@aforesolutions.com
TAC URL http://www.aforesolutions.com/resources/support/

Resources

Compatibility

Version Verified Compatible Cisco Product Date Tested
2.0.1 Cisco Cloud Connector
  • Cisco Cloud Connector Hosting Cisco UCS-E Series
05/30/2013
Cisco_compatible
The Cisco Compatible logo is used to signify that the PARTNER product has undergone technical interoperability testing with the Cisco product specified. The interoperability testing is conducted by a third party laboratory based on testing criteria set forth by Cisco. PARTNER is solely responsible for the support and warranty of its product. Placement of the PARTNER product or information pertaining thereto, on the Cisco Marketplace website does not constitute an offer to sell the PARTNER product in any way. For further information on the PARTNER products, please visit the PARTNER company website.

No reviews yet.