You are here

Integration with OpenStack

Integration with OpenStack

Carriers, service providers, government agencies, and enterprises are adopting OpenStack for a number of reasons. OpenStack is open source and avoids license costs. It also brings a number of strong features around multi-tenancy and infrastructure abstraction that allow organizations to develop cloud solutions on their own infrastructure. Lastly, OpenStack is designed to enable the adoption of DevOps, an approach designed to address the historical challenges associated with sequential hand-offs between development and operations organizations.

Download the Data Sheet - Securing OpenStack Deployments - Enable the Adoption of DevOps with Confidence

While OpenStack has proven to produce substantial value in terms of agility and cost reductions, new risks are introduced that traditional perimeter security models are unable to detect and control. Catbird allows moving the perimeter inward, protecting each micro-segment defined in OpenStack. This allows smaller but more fine-grained security to be applied to each micro-segment, which is a more secure and more scalable model than applying a large course-grained security policy at the traditional network perimeter. 

Using Catbird Insight’s superior visualization and analytics, network, security and cloud staff alike can access real-time or point-in-time analytics of all virtual data center assets, events, data flows, alerts, and security policy effectiveness. Catbird Secure delivers a flexible platform to ensure that all OpenStack assets receive policy-defined protection from inception to retirement, regardless of owner or datacenter location. In addition to vulnerability management, IDS/IPS, and NetFlow, Catbird delivers innovative advanced network visualization and reporting for top compliance framework criteria (e.g. PCI, HIPAA, FISMA). 

OpenStack Security

Catbird’s solution for OpenStack is a 100 percent software solution built on a two-tier architecture. Catbird’s control center runs as a guest, typically in the management space. A guest appliance is placed on each compute node (no guest OS footprint) and provides layer 2 data path integration at the vNIC level allowing Catbird to see all network traffic and correlate to the vNIC, VM, and Tenant without deploying appliances in the Tenant space (which would be visible and count against Tenant quota). Catbird has a fully developed northbound API set and also exports netflow and CEF for complete enterprise integration. 

The net effect of Catbird’s visualization and automation improves security ROI by optimizing activities necessary to ensure a transparent risk posture, minimizing governance costs, and simplifying compliance management and auditing. Catbird’s software has been certified for several OpenStack distributions including HPE OpenStack and Mirantis OpenStack. Our product is the first solution to enable security policy to move across on- and off-premise infrastructure and across the leading cloud platforms (VMware ESX, NSX, and OpenStack). 


Related News: