VPN-Cubed™: Customer Controlled Security for the Cloud

VPN-Cubed® is the first commercial solution that enables customer control in a cloud, across multiple clouds, and between private infrastructure and the clouds.

VPN-Cubed provides an overlay network that allows YOU control of addressing, topology, protocols, and encrypted communications for YOUR devices deployed to virtual infrastructure or cloud computing centers.  When using public clouds your corporate assets are going into 3rd party controlled infrastructure.  This could be public clouds like Amazon EC2.  It could be “gated community” clouds from Telcos like BT, ATT and more.  In both cases you are deploying to 3rd party control, yet Enterprise checks and balances require you to exhibit control over your computing infrastructure.  VPN-Cubed gives you flexibility with control in 3rd party environments.

Despite our product having the word “vpn”  (virtual private network) in its name, VPN-Cubed is more than a simple VPN, it is an overlay network that is configured as easily as a traditional VPN.  X-cloud control, administrative simplicity.  To quote one of the leading security bloggers “this is not your father’s VPN”.

Now you can confidently leverage the cloud for redundancy, failover and scalability during critical transitions; whether scaling up to grow the business or scaling down to cut costs.

What's the story?
CohesiveFT is not a cloud. Rather, we are a complement to virtualization and cloud-computing solutions. Our Elastic Server® platform helps you create individual virtual servers, customized with components you choose, and deployed to the cloud or virtual environment. (check it out, the Community Edition is free.)

Enterprise customers require clusters of servers, configured to fit their unique infrastructure and use-case, yet security is the gating factor preventing Enterprise cloud adoption. According to a recent IDC survey, 74% of IT executives/CIOs cited security as the top challenge preventing their adoption of the cloud services model. Today, clouds are secured by their providers; CohesiveFT's VPN-Cubed helps customers augment key compliance and governance requirements with a layer of cloud security that the customer controls.

Download our VPN-Cubed Overview PDF   Learn more about CohesiveFT and the VPN-Cubed Package Service.  Download our VPN-Cubed Overview PDF (4 MB) .
 
...

Quote This!We are looking forward to partnering with CohesiveFT to enable both security and control for our clients' cloud based assets.  VPN-Cubed can remove some of the typical and understandable enterprise reluctance to implement cloud computing by establishing a secure and encrypted bridge between private infrastructure and publicly available clouds.Quote This!
ʉ۬
-Jeff Schneider,
Founder and CEO
MomentumSI

GigaSpaces and CohesiveFT Joint Webinar
GigaSpaces and CohesiveFT will be presenting a joint webinar Cloud Enablement with Security and Control on Nov 18th.  Space is Limited Register Today!

What would I use if for?  What are some use-cases?
Use-case #1: I have software that REQUIRES multicast for service discovery.  A surprising number of virtual appliances built for virtual infrastructure but not cloud infrastructure REQUIRE multicast protocols in order to function.  This is also true of many enterprise software packages (grid computing packages, database clusters, wikis and more).  Even inside the enterprise complexity and lead times prevent shared use of available resources in disparate customer controlled data centers because VLAN reconfiguration would be too expensive.  VPN-Cubed allows you to get the multicast traffic into the overlay network before it is rejected by the underlying network infrastructure.  This allows you control of your protocols.   VPN-Cubed Use-case #1 Diagram
     
Use-case #2: I am an early adopter of cloud computing and love the flexibility provided by public cloud like Amazon EC2 but I want to control my own network addresses, not be given some different set of VLAN addresses when I reboot my servers.  VPN-Cubed gives you control of your addressing allowing you to give your cloud servers static addresses that only change when YOU want them to.  Local infrastructure control of addressing in the public clouds!



   VPN-Cubed Use-case #2 Diagram
     
Use-case #3: I have completed some of my “datacenter to cloud” migrations but am now under pressure to use new monitoring and management tools.  Can’t I use my existing datacenter NOC (network operations center)?  VPN-Cubed allows you to simply set up an overlay network for the express purpose of connecting cloud VLANS (at EC2 for example) to data center management installations using popular commercial systems like Tivoli, Unicenter, OpenView, as well as leading open source systems like Nagios, Hyperic and GroundWorks.


   VPN-Cubed Use-case #3 Diagram
     
Use-case #4: I am a cloud early adopter and I want to use both Amazon EC2 USA and Amazon EC2 Europe for both fail over and data privacy issues.  How can I securely link the two environments and treat them as one logical network?  VPN-Cubed does this “out of the box” with a pre-packaged solution “VPN-Cubed for EC2” available for self-service clients as well as those needing some professional services support.

Check out our New VPN-Cubed for EC2 Paid AMIs and get your VPN-Cubed overlay network up and running in EC2 NOW! 		  VPN-Cubed Use-case #4 Diagram
     
Use-case #5: I have an ISV who has a hardware (or software) solution which I would like to evaluate but it will be quite disruptive for me to install. Isn’t there some way I can test their solution as if it was on my local network?  VPN-Cubed allows your ISV to install their solution as a virtual server in a public cloud like EC2, yet make it available to a DMZ or particular set of VLANs in your corporate environment.  The burden of testing the ISV solution should rest with your vendor with minimal impact or workload on your team.


   VPN-Cubed Use-case #5 Diagram
     
Use-case #6: I don’t use public clouds but my organization uses virtual infrastructure extensively (VMware, Citrix Xen, etc.).  We have multiple data centers which we attempt to use flexibly between business units, but the IT organization can’t keep up with the VLAN changes needed to make business units comfortable with shared infrastructure.  VPN-Cubed works in private clouds or virtual infrastructure environments allowing overlapping infrastructure sharing arrangements to be constructed.  Business unit demands can  be rapidly constructed using overlay networks provided by VPN-Cubed.

   VPN-Cubed Use-case #6 Diagram

What's included?
VPN-Cubed is offered as a packaged service. While most implementations will vary based on a customer's unique topology, the basic services includes:
 * An overlay network created through the use of VPN-Cubed Managers.  VPN-Cubed Managers can be thought of as virtual switches, virtual routers, or virtual bridges depending on the topology needs.
 * Customer controlled addressing, topology, protocols and encryption for up to 50 cloud or virtual infrastructure devices utilizing up to 4 VPN-Cubed Managers.
 * 1-year configuration support included (up to 12 hours of tele-consultation)
 * Additional devices beyond base package - optionally available
 * Additional VPN-Cubed Managers for more complex installs - optionally available
 * Overlay network design services - optionally available

Download the VPN-Cubed data sheet for additional details.

Technical Overview
Interested in the finer details of why VPN-Cubed is different than a regular VPN or tunnel? Check out this VPN-Cubed Technical Overview for more details.

VPN-Cubed: Technical Overview Drawing 1
  VPN-Cubed: Technical Overview Drawing 2

Technical specifications:
 * Customer-controlled security using an encrypted LAN in a single cloud and an encrypted WAN across multiple clouds
 * Enhanced security via VPN-Cubed, in addition to customer's cloud vendor VLAN, and individual virtual server firewalls
 * Multicast support in the cloud enables seamless software compatibility without costly changes
 * Customer-controlled network addresses for their devices in a cloud or across multiple clouds
 * Enables failover strategies from one cloud vendor to another
 * Available for use with most operating systems, virtual environments and third-party cloud offerings including Amazon EC2 and Flexiscale
 * Patent-pending solution

Support for...
 * Virtualization Formats: VMware (Workstation, Virtual Server, ESX Server), Citrix Xen, Microsoft Hyper-V, Open Source Xen, Parallels (Workstation, Server), Amazon AMI, KVM, Sun (xVM and  xVM Ops Center 2.0), and others as requested.
 * Operating Systems: Windows Server 2008, Debian (Etch, Lenny), Ubuntu (8.04LTS), Fedora 9, CentOS 4, Red Hat Enterprise Linux 5, openSuse, Novell SLES, and others.
 * Clouds: Amazon EC2, ElasticHosts, Flexiscale, GoGrid, Mosso, and others as requested.

Hey, I have more questions...

This product includes software developed by the OpenSSL Project for use in the OpenSSL Toolkit (http://www.openssl.org/)