We all know the Internet is not secure, yet more companies are turning to the cloud for business solutions. With that in mind, I spoke with Philippe Courtot, CEO of Qualys, a security provider that offers a unique hybrid of the cloud model.
QualysGuard is a suite of services that scan your network for vulnerabilities, ensuring that all devices are in compliance with company security policy, as well as external regulations.
The service is used by 200 of the Forbes Global 2000, Courtot tells me.
The cloud's silver lining: Tethered security
What is unique is the delivery model, which begins as SaaS in the cloud, though not of the free-floating kind, you might say. It is tethered to an appliance that Qualys puts behind your firewall. Once connected, Qualys manages the device, which in turn manages numerous aspects of the security of your network. One of the company's largest customers -- Courtot wouldn't say who -- has more than 223 managed security appliances worldwide.
[ For more on cloud computing's impact on IT, see "The dangers of cloud computing," "Cloud options for IT that IT will love," and "Nick Carr: The many ways cloud computing will disrupt IT." ]
The hardened appliances sit behind the firewall with all data encrypted and almost no way to actually access the box. There is a small keypad that will allow a security manager to put in originating IPs and credentials; otherwise, the box is closed.
It's a nice compromise. As Courtot points out, businesses in aggregate shell out about $84 billion to manage 400 million Exchange clients, while with Google Mail, there is no infrastructure. In theory, those Exchange servers behind your firewall are more secure than Google Mail, which just sits out there, untethered, in the cloud.
Qualys hybrid model means the user has no infrastructure to speak of, yet gets the behind-the-firewall security many companies demand.
Currently Qualys remotely manages about 7,000 appliances worldwide.
Where an appliance makes sense
You might think of the setup like iTunes and iPod. If you want to listen to iTunes, you need a device: the iPod. Here, if you want to have your data checked, the appliance is the device, but it's on your site.
I think the hybrid idea has legs. As Courtot says, whenever you have to gather and probe data, the idea of an appliance makes sense.
The health-care industry seems a logical fit, and when I asked Courtot, he said, yes, Qualys is working with Kaiser on just such a solution.
Get the independent advice and expertise you need to support a virtual workforce.
The increase in Linux popularity has increased the frequency and sophistication of malware attacks. Read this 2 page white paper now to learn how you can protect your Linux environment with real-time protection that is certified by all major Linux vendors.
Download now »
Ensuring acceptable application delivery will become even more difficult over the next few years. As a result, IT organizations need to ensure that the approach that they take to resolving the current application delivery challenges can scale to support the emerging challenges. This handbook elaborates on the key tasks associated with planning, optimization, management and control and provides decision criteria to help IT organizations choose appropriate solutions.
Download now »
A common misconception is that mid-range storage requirements are dramatically different than that of a larger enterprise. Mid-range storage users may require less capacity, but they have similar functionality and management requirements. This ESG paper examines mid-range storage needs and reviews a new solution that adjusts size while retaining value, performance and functionality.
Download now »
Sign up to receive Cloud Computing Resource Alerts
2403 Recommendations
