Sun Microsystems Advanced Cloud Security Tools

Delivers Open Source Cloud Security Tools for Public,
Private and Hybrid Clouds; Supports Second Version of Cloud Security
Alliance’s Security Guidance

SANTA CLARA, Calif. December 17, 2009 As part of its overall strategy
to help customers and partners build public and private clouds that are
open and interoperable, Sun Microsystems, Inc. today
unveiled innovative open source cloud security capabilities and
announced support for the latest Security Guidance from the Cloud
Security Alliance. 


Sun is steadfast in its commitment to providing best practices and
technologies that help users safeguard their critical data in the
enterprise and in the cloud. The introduction of Sun’s Cloud Security
architectural building blocks will help deliver enterprise-grade cloud
services that are highly secure, available and easily manageable when
used in public, private or hybrid cloud environments. Leveraging the
built-in security capabilities of Sun’s Solaris Operating Systems,
including Solaris ZFS and Solaris Containers, the security tools help
in securing data in transit, data at rest, and data in use in the
cloud, and work with cloud offerings from leading vendors including
Amazon and Eucalyptus.

Along with introducing new security tools today, Sun also announced
support for the Cloud Security Alliance’s "Guidance for Critical Areas
of Focus in Cloud Computing – Version 2.1." Sun privacy and security
experts have been instrumental in the industry-wide effort to develop
the security guidance and have been active participants in the Cloud
Security Alliance since its inception. The new framework provides more
concise and actionable guidance for secure adoption of cloud computing,
and encompasses knowledge gained from real world deployments.

"Sun’s technologies, best practices and work with leading industry
organizations like the Cloud Security Alliance help provide our
customers and partners with a framework for securing data in cloud
environments," said Lew Tucker, CTO, Cloud Computing, Sun Microsystems.

Sun also published a new white paper, "Building Customer Trust in Cloud
Computing with Transparent Security," that provides an overview of
transparent security and the ways in which intelligent disclosure of
security design, practices and procedures can help improve customer
confidence while protecting critical security features and data,
improving overall governance.

"Security remains one of the major concerns for enterprise customers
moving to the cloud," said Glenn Brunette, Distinguished Engineer and
Chief Security Architect, Sun Microsystems. "Sun’s new security tools
will help address several of these fundamental issues and enable
customers to realize the benefits of cloud computing while also
managing risk and safeguarding critical assets."

Sun today announced availability for several open source Cloud Security tools including:

  • OpenSolaris VPC Gateway:
    Provides customers with greater choice and flexibility when connecting
    their systems to the Amazon Virtual Private Cloud. The OpenSolaris VPC
    Gateway software enables customers to quickly and easily create a
    redundant, secure communications channel to a Virtual Private Cloud
    without the need for proprietary networking equipment. To download the
    OpenSolaris VPC Gateway tool, visit
  • Immutable Service Containers (ISC):
    Delivers architectural patterns with associated deployment strategies
    that collectively define a highly secure foundation for service
    delivery. Incorporating many of the security features of the
    OpenSolaris Operating System, including Solaris ZFS, Solaris
    Containers, and Solaris IP Filter and Auditing, the ISC architecture
    leverages service compartmentalization and improved integration
    techniques to create virtual machines with significantly improved
    security protection and monitoring capabilities. To download the ISC
    software or pre-built images, visit
  • Security Enhanced Virtual Machine Images (VMIs):
    Using many of the techniques developed for the Immutable Service
    Container project, Sun created several security-enhanced VMIs for the
    Amazon Elastic Compute Cloud (EC2). These virtual machines leverage
    industry accepted recommended practices including non-executable
    stacks, encrypted swap and auditing enabled by default. Beyond simple
    OpenSolaris images, Sun has also published integrated software stacks
    such as Solaris AMP and Drupal built on these security-enhanced images.
    To download the VMIs, visit
  • Cloud Safety Box:
    Simplifies managing encrypted content in the Cloud. Using a simple
    Amazon S3-like interface, the Cloud Safety Box automates the
    compression, encryption and splitting of content being stored in the
    cloud on any supported operating system including Solaris, OpenSolaris,
    Linux and Mac OS X. To download the Cloud Safety Box, visit

Sun is working with its customers and partners worldwide to build and
deploy public and private clouds that are open and interoperable. The
Sun Open Cloud Platform, powered by Sun’s industry-leading software,
hardware and storage, delivers cost-effective, scalable cloud


Please enter your comment!
Please enter your name here