Novell aims to tighten cloud security

We've talked in the past about how some security features in proxies may be moving to the cloud (and about how some are already in the cloud). In the cloud computing has also brought about security concerns, and rightly so. ZDNet reported on a new offering from Novell to address some of these concerns last week:

Novell has unveiled a cloud-computing identity and access management service, designed to extend corporate security policies to hosted facilities.

On Wednesday, Novell demonstrated an advanced prototype of its Cloud Security Service, which is due for release to enterprise organisations as a product early in 2010.

Novell said the new service, which has been in a private joint-development phase with hosting partners, is based on existing components used in its Access Manager, Sentinel and Identity Manager products.

"We have a prototype, but we haven't had to build a brand-new product. It's been more of a repackaging and adding of features and functions to existing technologies, and then building those out as a cloud-computing service," Markus Krauss, vice president of identity and access management, EMEA, told ZDNet UK.

"Most of the connectivity is already there in our standard products, but now we combine them differently and enhance their functionality to be more cloud-specific," he added.

Based on more than 60 cloud patents and patent applications, the service uses proxy technology to avoid exposing critical information, according to Novell. It also supports a number of industry standards used in public and private clouds.

Krauss said the Cloud Security Service product comprises enterprise connectors to annex part of the cloud under existing security controls, a broker to provide a secure bridge, identity connectors to control user access and roles, and event-tracking connectors to report on what is happening in the cloud.

"If you have governance, risk-management and compliance activity in your organisation, the cloud becomes absolutely seamless for you from a policy point of view — because, through the connectors, we integrate the cloud as part of your standard infrastructure. It becomes fully transparent," he said.

It's interesting that Novell uses proxy technology to accomplish their security in the cloud, which shows more than ever proxies are an important component in the network infrastructure.