CloudCloud Management

Unisys Brings ‘Stealth’ Enterprise Security To AWS Cloud

Darryl K. Taft covers IBM, big data and a number of other topics for TechWeekEurope and eWeek

Google + Linkedin Subscribe to our newsletter Write a comment

Unisys Stealth delivers micro-segmentation on the Amazon Web Services Cloud for improved security and management, lower costs and faster results

Unisys today announced it will provide enterprises with its Unisys Stealth micro-segmentation security solution on the Amazon Web Services (AWS) Cloud, available for customers to acquire and deploy from the AWS Marketplace.

The solution will provide advanced security to AWS customers, while providing Unisys clients with the ease of access and scale of the AWS Cloud. Unisys optimized its Stealth offering to give AWS customers a fast and convenient way to protect vital information and applications against evolving threats.

“Security and cloud computing are strategic priorities for businesses today,” said Peter Altabef, Unisys’ president and CEO, in a statement. “Enterprise-proven security that evolves to meet future threats will provide additional assurance to enterprises and governments that are moving core operations to the cloud. Integrating Stealth onto the AWS Cloud advances Unisys’ leadership in security, and reflects our commitment to continually deliver innovation that solves real-world business challenges.”

AWS provides a scalable, low-cost infrastructure platform used by more than a million active customers across 190 countries around the world. With Stealth on AWS, organizations can easily integrate additional protection, comply with regulations, and micro-segment off their virtual machines from neighbors when working on the cloud, Unisys said.

Priority

“Security is top of mind for our customers, and at AWS, it’s our number one priority,” said Stephen Schmidt, chief information security officer at AWS, in a statement. “Unisys Stealth on AWS provides extra layers of security for enterprises moving their workloads to the AWS Cloud.”

awsThe solution is another step in Unisys’ reinvention as an IT technology and services company focused on secure digital transformation. It also illustrates Unisys’ asset-light strategy of working with cloud technology providers, which complements Unisys’ own capabilities in infrastructure and service management, analytics, application services and software, as well as security.

“Enterprises can now use Stealth as their single platform for securing both their data center and their cloud environments, substantially reducing the complexity and cost of multiple platforms,” said Tom Patterson, vice president and general manager for global security solutions at Unisys, in a statement. “This comprehensive level of protection removes roadblocks for many organizations looking to leverage the cloud, and will unlock huge cost savings and business agility needed in today’s competitive environment.”

With Stealth on AWS, users can quickly and easily micro-segment their own portions of the cloud from other users while keeping their own encryption keys. They can unify their internal security protections with those on the cloud, enforce virtual machine-to-machine encryption in the cloud, and reduce attack surfaces.

Unisys Stealth software uses identity-based micro-segmentation techniques and encryption to protect data and applications on the AWS Cloud. Stealth protection makes data and applications invisible to hackers and unauthorized users by encrypting traffic between all Stealth-protected endpoints.

Companies and governments have been long advised to ‘segment’ their networks, so that an attack on one segment can’t affect the rest of the network, said Patterson. This good advice hasn’t changed, he added. “But since networks have evolved from very straightforward to include a complex web of mobile, cloud, IoT, clients and suppliers around the world, the technology needed to enforce these segments needed to evolve into these new ‘micro-segments,’” Patterson told eWEEK. “Micro-segments can be deployed and managed anywhere an IP packet can go, and thus are the affordable, scalable and trusted method needed in today’s operating environments.”

Potential

Patterson noted that Stealth originated a decade ago as part of a Unisys government project, and the company quickly realized its potential as a general use product. After several years of investment, Unisys brought it forth as a commercial product five years ago, and it now supports customers in the energy, public sector, U.S. Department of Defense, financial, retail, and healthcare sectors around the world.

In addition, Stealth on AWS allows organizations to extend entire workloads securely from data centers to the cloud; manage access via existing identity systems including Active Directory or LDAP; and easily add integrated supply chain partners to micro-segments without giving them broad access – at the packet level without any new hardware, firewall rules, or application changes.

Patterson says AWS has a lot of strong security built into its underlying framework. Yet, “Stealth helps users easily add layers of security that they control into their instances that run on top of AWS security,” he added. “This solution adds VM to VM encryption; extends micro-segments from the rest of their infrastructure directly into the cloud; lowers overall security management costs with identity-based management; and closes gaps between their data centers and the cloud with the use of a single security system where they can control their own encryption keys.”

Asked if there is any overhead associated with using Stealth, Patterson said: “Stealth works at the packet level, between layers two and three of the IP stack, which dramatically reduce any overhead normally associated with controls higher up the stack.  Additionally, our users report instances of improved performance since we greatly reduce the flow of unexpected packets that would otherwise need to be processed.”

Enterprises can acquire Stealth directly from the AWS Marketplace, where Unisys also offers an AWS Test Drive that enables organizations to access a private sandbox using Stealth. Using a step-by-step lab manual and video, they can learn more about Stealth and how it works, with no charges incurred as part of the AWS Free Tier.

Alternately, enterprises that want to dynamically extend their on-premise infrastructure to AWS can use Stealth’s “cloud bursting” capability, which automates the shifting of secure workloads directly into AWS.

Patterson told eWEEK that using Unisys Stealth has advantages over going private cloud.

“The public cloud holds intrinsic cost, scale, surge and agility advantages over building a private cloud on one’s own,” he said. “By adding Stealth security on top of AWS to provide the additional security needed for many privately-controlled networks, users can now enjoy the business benefits of the public cloud without having to change their security scheme. Our new Extended Data Center option for Stealth makes it both easier and more agile than building your own private cloud.”

Unisys Stealth for AWS offers two subscription choices: an hourly subscription for $.25 per hour and an annual subscription for $1,300 per year. Every endpoint to be Stealth-protected requires a subscription.

Originally published on eWeek.