Virtustream Boosts Hybrid Cloud Security - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

02:58 AM
Connect Directly

Virtustream Boosts Hybrid Cloud Security

XStream 2.0's public-private cloud communication encryption meets credit card industry, Department of Defense security standards.

One of the factors stunting the development of hybrid clouds is the degree of exposure that's created when companies move corporate data and legacy applications over the Internet to a public cloud location. A young company, Virtustream, announced at Structure 2012 in San Francisco that its second generation xStream product will coordinate public and private cloud communications behind three layers of encryption.

Virtustream requires all messages to be sent via a VPN or multiprotocol label switching (MPLS) tunnel for encrypted communications. It requires the data to be encrypted before being sent and invokes the Trusted Execution Technology function on Intel chips that verify the integrity of a key used to encrypt the rest of the message.

Virtustream was cited as a factor in helping some large companies adopt hybrid cloud computing in a "Why CIOs Are (Finally) Getting Over Cloud Phobia" session at Structure 2012 in San Francisco Wednesday. The speaker was Joseph Coyle, CTO of systems integrator Capgemini, who termed Virtustream a "pioneer" in cloud software.

Virtustream CTO and co-CEO Kevin Reid said in an interview that adopting xStream 2.0 will allow companies to meet strict security standards, such as the Defense Department's DIACAP and ICD 503 standards as well as the credit card industry's PCI and federal government's FISMA standard, while running their workloads in the public cloud.

"We are a significant step up in security and compliance from a normal public cloud offering," he said.

[ Learn more about using micro-VMs to boost security. See Startup Taps Virtualization To Stop Security Threats. ]

Virtustream created its management software by first offering infrastructure-as-a-service for legacy systems from its own data centers. It then created a software product, xStream, out of its management systems for customers' use in building on-premises clouds in their own data centers, Reid said. With xStream 2.0, it is claiming to offer an advanced degree of secure joint operation of public and private clouds. The public cloud at this time will be Virtustream infrastructure, available through its data centers in North America, Europe, and Asia. Reid said Virtustream will soon offer its management software to other public cloud service providers.

XStream 2.0, still in beta, will become generally available in August. It will be offered as packaged software, a standalone appliance, or a managed service in the cloud.

Virtustream is seeking a patent on a micro hypervisor that it uses to subdivide a cloud workload, running each part in its own micro-VM. By doing so, it can track the use of each particular resource, rather than charging by the hour for a virtual machine that's presumed to use a combination of networking, CPU, memory, and storage. "The bill is calculated on resources used, not hours used," and comes closer to allowing the customer to pay only for what's been used, he said. In some cases, customers will save 25% on what they would pay for the more generalized, per-hour use of a Xen, ESX Server, or Hyper-V virtual machine, he added.

Virtustream's xStream has been on the market for three years. Its 500 customers include Domino Sugar, Allied Irish Bank, Diesel Direct, Marine Resources Group, and Digital Chocolate.

Virtustream recently closed a second round of funding with Columbia Capital, Intel Capital, Noro-Moseley Partners, QuestMark Partners, TDF, and Top Tier Capital Partners, bringing its total venture funding to $75 million.

Geared specifically toward the federal government, its agencies, and third parties, FISMA is a set of requirements aimed at establishing a baseline level of computer and network security. In our FISMA Lifts All Compliance Boats report, we show that when you reach FISMA compliance, you'll likely be compliant with just about every security mandate out there. (Free registration required.)

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
2021 Outlook: Tackling Cloud Transformation Choices
Joao-Pierre S. Ruth, Senior Writer,  1/4/2021
Enterprise IT Leaders Face Two Paths to AI
Jessica Davis, Senior Editor, Enterprise Apps,  12/23/2020
10 IT Trends to Watch for in 2021
Cynthia Harvey, Freelance Journalist, InformationWeek,  12/22/2020
White Papers
Register for InformationWeek Newsletters
The State of Cloud Computing - Fall 2020
The State of Cloud Computing - Fall 2020
Download this report to compare how cloud usage and spending patterns have changed in 2020, and how respondents think they'll evolve over the next two years.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you.
Flash Poll