March 03, 2014
$1,000/month for up to 20 servers for vCage Manager.
Trust no one. It's not just an X-Files slogan, it's the only way to assure a computing environment. It is the basis for the notion of trusted computing. When we look at major breaches where the adversary has used techniques such as memory scraping, we realize that any bit of the computing footprint that is left unprotected - no matter how small -offers a vector for compromise. vCage is exactly what it sounds like it is: a virtual cage around a computing asset.Today, we are increasingly accepting that it is a high probability that our computing infrastructure already has been compromised. Malware introduced by phishing or drive-by attacks may sit dormant for extended periods in our enterprise before it starts harvesting sensitive information. Much of that malware is zero-day and, as long as it keeps quiet, is not picked up by our scanners When it activates, though, it's likely too late.
vCage uses the trusted computing notion of attestation. This is tested proof that an asset is clean and protected. Typically, data is encrypted in motion and at rest. But it isn't encrypted when it is executing - in memory. One of the things that is exposed in memory is the encryption key. If that is extracted, the entire system is compromised. vCage protects data everywhere in the computing platform.
The vCage host is packaged as a stateless live image Linux KVM on a RAM disk - boot from it and attest it with the management server. Nothing outside the CPU is in clear text. The vCage manager provides provisioning, attestation and management reporting. The system currently support Linux, which is appropriate for most large organizations that use Linux as their core server structure.
At a glance
Price $1,000/month for up to 20 servers for vCage Manager.
What it does Secures servers with software-based attestation, full-memory encryption and OS hardening, providing a foundation for trusted computing.
What we liked Instantiates the concept that a system likely is already compromised into a trusted computing model that includes the entire computing infrastructure, including memory.
Sign up to our newsletters
SC Magazine Articles
- 'MEDJACK' tactic allows cyber criminals to enter healthcare networks undetected
- Samsung devices, including Galaxy S6, vulnerable to remote code execution
- Dridex banking malware spreading through new spam campaign
- U.S., China agree to cybersecurity code of conduct
- Suspicious activity on LastPass network, data compromised
- Former Georgia-Pacific sysadmin charged with damaging protected computers
- Harvard University announces network intrusion, possible data exposure
- Saboteurs leverage RIPv1 for DDoS reflection attacks
- More than 440K new Android malware strains found in Q1, study finds
- Apple releases OS X 10.10.4 and iOS 8.4, numerous bugs addressed