Introducing USM Anywhere: Unified Security Management in the Cloud for the Cloud

Cybersecurity Insiders

This post was originally published here by Denny LeCompte.

In case you haven’t heard yet, we’ve just launched a brand-new product—AlienVault USM Anywhere™—the latest product to leverage AlienVault’s unique, unified approach to security management. A cloud-based security monitoring platform, USM Anywhere combines the essential security capabilities needed for effective threat detection, incident response, and compliance management. Unlike other security solutions, USM Anywhere monitors cloud, hybrid cloud, and on-premises environments all from a single pane of glass. Because it’s delivered as a service, customers can sign on and start detecting security threats in just minutes.

AlienVault® successfully pioneered this comprehensive approach to security management with our first USM product, Unified Security Management™, now known as USM Appliance™. USM Appliance opened up effective threat detection and response to organizations of all sizes, especially those with limited resources—time, budget, or staff—to deploy a suite of heavy enterprise solutions. It delivers five security essentials in a single on-premises appliance that can be deployed in hours with little or no professional services required. USM Appliance also receives continuous threat intelligence updates from the AlienVault Labs Security Research Team—a boon to IT departments that don’t have in-house research teams to constantly scour the global threat landscape for emerging threats. With over 5000 customers, USM Appliance has proven the immense value of AlienVault’s unified approach to security.

So where does USM Anywhere fit in? We’ve seen a couple of tectonic shifts happening in the IT world, and these changes have shaped our new product. First, our customers have been moving more and more of their infrastructure to the cloud—a trend that has been accelerating in recent years. Cloud providers like Amazon Web Services and Microsoft Azure have moved well beyond the experimental phase. In the nascent days of cloud infrastructure, the early adopters were developers who wanted to bypass IT and build applications quickly without the constraints of IT rules. Of course, as developers succeeded and started to deliver apps sitting in the cloud, those experiments became production environments that suddenly needed all of those IT rules, because those rules are what ensure high availability and security.

The IT professionals who inherited these cloud infrastructure environments began asking us to deliver a solution to monitor their cloud environments. It had been challenging for them to find security tools that were truly designed to monitor threats inside cloud environments. Unfortunately, many so-called cloud security monitoring tools are, in reality, retrofits of legacy on-premises security products. They can monitor servers running in the cloud, but they don’t really “know” that they’re in the cloud, and they’re not able to monitor all the new elements of a cloud environment that simply did not exist in the traditional data center. What’s more, they often do not work across cloud and on-premises environments. This disconnect forces IT security professionals to run two siloed security systems, which is a hassle and potentially creates security blind spots.

Consequently, when we started our cloud security journey, we knew that we needed to build something from the ground up that would natively and centrally monitor both cloud and on-premises security. That is USM Anywhere.

The architectural principle behind USM Anywhere was to build a powerful security analysis platform that is agnostic to the environment, and then combine that with native sensors that are hyper-aware of each different environment and its unique elements. Thus, USM Anywhere has sensors for AWS, Azure, VMware, and Hyper-V. Each sensor has some common functionality to talk to the USM Anywhere Secure Cloud, but mostly it leverages specific knowledge about the infrastructure it was built to monitor. For instance, USM Anywhere “knows” about AWS CloudTrail—just allow the sensor to access it, and it starts looking for threats in your AWS environment. The same is true for Azure. On premises, USM Anywhere’s virtual sensors take advantage of the unique attributes of VMware and Hyper-V.

From our early success with our unified security approach in USM Appliance, we knew that our customers needed a single pane of glass to monitor all their critical infrastructure, and so, we faced a big decision about how to deliver USM Anywhere. Here’s where the other big shift in IT came into play. Not only is infrastructure moving to the cloud, but really, just about everything is moving to the cloud. The reality is that most applications run more cost-effectively when they are delivered as software-as-a-service (SaaS) solutions because SaaS vendors can achieve economies of scale for single applications that elude even the most well-run IT shop. That math applies to security vendors as well.

Our customers tell us that they love USM Appliance because it solves their security challenges while being both easy to use and affordable. We knew that with a SaaS delivery model, we could make USM Anywhere even faster to deploy, easier to use, and much more cost-effective—all while delivering the same unified security essentials approach to tackle today’s rapidly evolving security challenges. As a result, you can start detecting threats sooner and at a significantly lower total cost of ownership. AlienVault manages the USM Anywhere Secure Cloud, so you no longer need to worry about system upgrades, uptime, scalability, or the security of the system itself. We take care of all of that for you. Simply drop a sensor into your environment and log into your USM Anywhere account to start managing your incident response and security analysis.

Customers are already letting us know that USM Anywhere is helping them realize hybrid cloud security. Jason Weitzman, a long-time customer of USM Appliance and security engineer at Colony Starwood Homes, was looking for an all-in-one solution for his hybrid cloud environment. Though he considered products offered by Rapid7 and LogRhythm, he was keen to test out USM Anywhere and has been impressed with the results.

“With USM Anywhere, I can monitor both my cloud environment and my local environment together, and I no longer have to use my own hardware for number crunching and analysis – that’s all handled by USM Anywhere in the cloud,” said Jason. “This product brings together everything I need under one roof and the enhanced reporting and dashboard make things much easier to manage for small teams—in this case a team of one. In my experience, AlienVault is the only company that makes this possible.”

Now, if you are reading this and are wondering if AlienVault is no longer investing in our USM Appliance, please do not worry. While we recognize that cloud is becoming ubiquitous, we also recognize that many of our customers still want or need an on-premises solution. USM Appliance isn’t going away, nor is it in maintenance mode. In fact, we’ve more than doubled the size of the USM Appliance team, and we will continue to add rich features to the product. We don’t have a favorite child. We now have a family of stellar Unified Security Management products, so you can choose the one that best suits your organization’s security needs. But, you should do yourself a favor and try one out today.

