RSA has partnered with VMware and Intel to bolster the transparency of virtual infrastructures for organisations that need to monitor and prove the security of business critical applications in the cloud.
The partnership, which derived from RSA's vision - to reduce the complexity of regulatory compliance for data in the cloud - includes RSA, VMware and Archer Technologies, which was recently acquired by EMC and Intel.
RSA claimed that the alliance will enable organisations to "finally take full advantage of the cloud's significant efficiency, cost and scalability" and will allow them "migrate their mission critical business processes" to the cloud.
"Today most organisations have little to no visibility into what's occurring within the infrastructure layers of clouds making it impossible to verify their security," said Pat Gelsinger, former Intel exec and now president and chief operating officer of EMC's information infrastructure products.
"For the cloud to mature into an enterprise grade platform running high value business processes and data we must be able to trust the security of the underlying physical and virtual infrastructure," he said.
Art Coviello, president of RSA described the alliance as a ‘technical collaboration' that has not been seen in the security space for some years.
Proof of concept
Alongside the announcement, RSA released a security brief titled ‘Infrastructure Security: Getting to the bottom of compliance in the cloud' and unveiled a proof-of-concept that demonstrated how the alliance would work and what benefits it would have for enterprise customers and cloud service providers.
In the brief, RSA claimed that' verifying security from the bottom infrastructure layer is essential to building secure environments' and that the proof of concept begins with a description of what at the hardware layer.
The foundation for the partnership is hardware derived from Intel's Trusted Execution Technology (TXT), which will be rolled out with the next wave of Intel Westmere Processors this month.
According to Intel, TXT authenticates the boot sequence, from verifying hardware configurations and initialising BIOS to launching the hypervisor.
Once launched, VMware collects data from both the hardware and virtual layers and feeds it to the RSA enVision security information and Event Management platform.
The RSA enVision platform analyses events coming through the virtualisation layer to identify incidents and conditions affecting security and compliance, the vendor has claimed.
The information is then contexualised within the governance, risk and compliance software (GRC) from Archer SmarSuite Framework software which is designed to present policy-based assessment of the organisation security compliance posture through a central dashboard.
"We took a piece first of all from the Intel TXT chip set and that provides the basis to show that it is booted, we also took a piece from VMware vCentre Server and we took RSA enVision.
"We put them into Archer's government risk and compliance product to demonstrate the PCI Compliance dashboard," said Bret Harman chief technology at RSA.