40Cloud addresses these security challenges and more, providing a comprehensive solution delivered
in a SaaS model. The 40Cloud solution makes your public cloud private by building a new virtual
private network over your AWS deployment. This network uses encrypted VPN links to interconnect all
your AWS regions as well as your enterprise sites.
40Cloud’s Cloud Network Firewall enables you to define and enforce firewall policies including
identity-based access rights, for your entire AWS deployment with just a few mouse clicks. Our
automation module facilitates automatic Security Group configuration as well as automatic configuration
of other AWS security and networking elements.
Using 40Cloud, the Gateways are the only entry-points to your AWS cloud deployment.
All employees or other remote users accessing your cloud servers will connect to the Gateways using standard VPN technology and will have their identity authenticated. The Gateways are also the enforcement point of Access Control Policies. The Gateways are self-installed on a dedicated instance, typically one per AWS VPC, and can be interconnected in a mesh of VPN links to other Gateways and on premise firewall devices.
A single software agent, installed one per EC2 instance, is in charge of enforcing the configured security policies on the virtual server itself. The Agent facilitates the construction of the secured and encrypted communication links with the other agents in its data-center and the 40Cloud Gateways.
Web Admin Console
The 40Cloud Web Admin Console is used to monitor and configure firewall policies, user roles and access rules, as well as build the static VPN connectivity. Use the Web Admin Console’s intuitive UI to monitor network connectivity status, system events and alarms. The Web Admin console will normally be used by your system administrators, Security and/or DevOps teams.
How It Works
AWS Use Cases
The 40Cloud solution is integrated with the AWS native security mechanism, Security Groups. Privacy is achieved by using VPN technologies for all traffic flowing outside the AWS cloud and by using security groups inside the AWS cloud.
Identity-based Network Access
40Cloud enables you to centrally control back-end access to your entire AWS deployment, so that no one gains access unless they are authenticated. In addition, authorization is enforced on all remote VPN users by means of central, identity-based Access Rights policies (i.e., who can access what). These policies are configurable and can be integrated with existing (on-prem or cloud-based) identity-based authentication and authorization systems, such as Active Directory (AD) or RADIUS.
The 40Cloud Gateways connect a company’s private cloud, enterprise sites or a deployment in non-AWS cloud into the AWS deployment. Using IPSec connections and VPN technologies, the 40Cloud Gateways can securely connect any remote site to the AWS cloud, in any topology or IP addressing setup. The 40Cloud solution ensures that your company’s data in-motion is fully encrypted on every hop and that firewall policies are deployed to control access to it.
40Cloud’s solution securely connects VPCs on multiple AWS regions into a single, fully connected ‘global VPC’. In addition, you can define global firewall policies that will be automatically configured by 40Cloud to the relevant AWS security groups on all regions. Using 40Cloud, the connectivity between the regions is VPN based and highly available.
40Cloud provides an extensive security solution that protects healthcare providers and suppliers with a HIPAA compliant, scalable solution. 40Cloud assumes a Business Associate role (HIPAA BAA) to comply with national healthcare standards.
40Cloud unites and encrypts bi-directional data transfer between your AWS deployment, hospitals, remote offices, private cloud and mobile devices. It incorporates firewall policies, integrates an identity and access management (IAM) solution, collects security and network events, and initiates alerts and notifications.
40Cloud’s comprehensive solution requires a minimal learning curve – even non-expert IT professionals can quickly implement the solution. The APIs offer automation of AWS Security Groups, VPC routing and other security and network configurations so that minimal manual intervention is required.
The 40Cloud solution reduces operating costs by simplifying and automating security configurations, and fortifying your organization’s security without requiring in-house security expertise. The SaaS-based solution allows you to select the plan that fits your requirements as your AWS deployment develops.
40Cloud delivers a dynamic security solution that scales with the AWS deployment, growing with you as your organization adds users, data traffic, devices and geographic locations. The automation engine and northbound REST APIs allow you to scale cloud security operations to any required level, and to simplify operational and maintenance tasks.
Support, support, support:
The 40Cloud team is with you from the start, to help implement any network or data security task, easily and on time.