Guidance for Security Compliance and Assurance of VMware and Amazon EC2 Workloads
Overview
This Guidance helps you gain visibility into all workload types through integration with Caveonix Cloud. This visibility can help you better understand your security compliance and assurance posture. When security findings are detected, this Guidance provides the ability to automate remediation so you can maintain your security stance. Additionally, you can easily share findings with necessary stakeholders, ranging from data analysts to audit teams to a Chief Information Security Officer (CISO).
How it works
This architecture diagram shows you how to monitor security compliance and assurance for VMware, AWS, and hybrid workloads.
Well-Architected Pillars
The architecture diagram above is an example of a Solution created with Well-Architected best practices in mind. To be fully Well-Architected, you should follow as many Well-Architected best practices as possible.
Operational Excellence
This Guidance integrates with Security Hub in a bi-directional manner by passing findings and configuration information between Security Hub and Caveonix Cloud. This provides visibility across cloud and on-premises infrastructure. Caveonix Cloud brings additional scanning capabilities to AWS tools such as Security Hub by extending operational visibility to both data center and other cloud workloads.
Security
Security Hub provides aggregation of findings and reporting on security and compliance. The Guidance enhances this security posture by integrating findings from non-AWS systems. Compliance is continuously updated, and reporting is provided self-service to all data consumers, from the CISO to audit teams.
Reliability
VMware Cloud on AWS and Caveonix Cloud provide a cluster for the virtual machines, consisting of two or more physical EC2 hosts. In the event of failure, the virtual machines can fail over to the alternative running host.
Performance Efficiency
VMware Cloud on AWS has the ability to democratize advanced technologies by offering management of the VMware Software Defined Data Center (SDDC). This includes patch management and secure operations of this software stack, helping you to focus on your business and application layer, rather than the software and underlying AWS-hosted infrastructure. You can offload your VMware infrastructure management tasks with the confidence that VMware Cloud on AWS manages VMware workloads in a way that is aligned to VMware management best practices.
Cost Optimization
Caveonix Cloud allows you to maintain both your VMware virtual machines and EC2 instances within AWS. This SaaS offering can also be extended into on-premises data centers, providing one common tool to maintain and enforce your security and compliance posture. A central view of all assets mapped to related applications provides a global view across cloud and data center environments. This allows you to track resource usage, identify orphaned systems, and provide configuration management governance so you can identify opportunities for cost optimization across all workloads.
Sustainability
The AWS data centers that host the services in this Guidance have been designed to offer a lower carbon footprint compared to traditional, on-premises data centers. AWS data centers are optimized for sustainability and scale resources based on demand.