enterprisesecuritymag

Dome9 Security: Innovatively Implementing Cloud-Agnostic Security Controls

Zohar Alon, Co Founder & CEO, Dome9 SecurityZohar Alon, Co Founder & CEO
In the present times, unlike traditional data centers, the enterprise data centers deploy layers of security measures to manage connection policies, access controls, and zone designations. Often the lift-and-shift approaches to security are not proved effective in the configurable, software-defined public cloud environment where simple changes to security policies can expose private resources to everyone. Besides that, merely moving an existing workload to the cloud without the appropriate security management measures in place for visibility or control can leave workloads exposed and less secure than if they remained within an enterprise data center. Administrators require solutions that allow complete visibility and active control of their cloud environments. Dome9, based in Menlo Park, CA, offers the right combination of cost-effective, comprehensive security management coupled with detailed visualization for security operations needed in today’s public cloud environment. “Securing enterprises’ cloud resources needs to have protection that includes firewall security management. Dome9 manages the cloud security stack, secures cloud servers, and makes them virtually invisible to hackers,” says Zohar Alon, Co Founder and CEO, Dome9.

Dome9 combines cloud-native security controls exposed by different public cloud providers through Application Programming Interfaces (APIs) with cloud-agnostic policy automation to provide comprehensive multi-cloud security management across AWS, Microsoft Azure, and other public clouds.

Dome9 Arc, the firm’s innovative Software as a Service (SaaS) platform, requires no software to install or agents to manage and can be set up in under five minutes, bestowing administrators the ability to manage security and compliance across accounts, regions, and clouds. The end-to-end control over the security posture of public cloud environments from a centralized console enables users to seamlessly visualize their network topology, security policies and configurations. Administrators can quickly assess the attack surface and identify risks and threats in live environments.

Dome9 manages the cloud security stack, secures cloud servers, and makes them virtually invisible to hackers


Dome9 Arc continuously monitors managed cloud environment for any changes made through the public cloud console or via the API. The system also automatically reverts unauthorized modifications to enforce a strict security gold standard at all times. All changes are audited and brought to the attention of administrators immediately.

The company also offers Dome9 Clarity, a powerful visualization tool that constructs a real-time topology of cloud assets, including security groups, instances, and more. Clarity gathers the required information and automatically categorizes cloud entities based on their exposure to the public, allowing admins to find misconfigurations and security threats and remediate them.

In an instance, Dome9 assisted Proofpoint, a security and compliance company, with Dome9 Arc. Proofpoint’s social media protection and compliance solutions are built on Apache Cassandra and while deploying it, the development team required protocol and port management with multiple security groups and rules, which posed a challenge. The solution simplified management efforts, allowed the Proofpoint team to have an IP list and applied it to a particular service or port in a security group, and seamlessly changed it across multiple security groups that reference the IP list. Additionally, Dome9 Arc also enabled Proofpoint to reliably update firewall rules in order to maintain secure, cross-regional communication between nodes.

Dome9 has recently introduced the Dome9 Compliance Engine as a part of the integrated, end-to-end Dome9 Arc platform. The new capabilities of the Compliance Engine will simplify how enterprises aggregate, assess, remediate and enforce their compliance posture across Infrastructure as a Service (IaaS) public cloud environments and speed up the compliance lifecycle of the cloud infrastructure. “Security and compliance professionals can deploy Dome9 and immediately have at their fingertips the necessary information and control to simplify and streamline compliance across their cloud environments,” concludes Alon.