Startup Dome9 Security is introducing automated management of firewall settings on servers in physical and virtual environments with the aim of keeping servers locked down with less manual configuration, the company said.
Dome9 said the problem is that cloud-based servers are so diversely deployed and flexible that managing their security is complex and time-consuming. As a result, many servers are left with ports open by default when they could actually be closed most of the time.
Dome9’s service seeks to automate some of that security by setting and enforcing policies on firewalls that are native to virtual or physical server operating systems. The service does not manage third-party firewalls, the company said.
The company said the service can lock down firewall ports, allowing access only to specified users during specified time windows but closing them at all other times. “Administrative ports, for example, can be shut down by default and enabled per server on demand for a specific period of time and for a particular administrator or group,” representatives said.
The service also enables creating different privilege sets for different administrators or groups, according to Dome9.
The service could be offered by cloud service providers or businesses could buy the service themselves, the company added.
Cloud provider GoGrid said it will offer a service based on Dome9’s technology.
The company also said that customers who buy the service directly from Dome9 can use it to manage firewall settings on servers within multiple cloud provider networks.
Customers can log in via username and password to Dome9’s service and set access policies. Management access to the servers themselves is either through a firewall application programming interface or via a software client running on the server, the company added.
The client supports Windows 2008 R2, 2008, 2003 R2 and 2003 as well as Linux versions CentOS/RHEL 5.x and 6.0 and Debian 6, Dome9 sources said.
The service provides auditing that enables viewing when users have logged in, altered policies and accessed machines, they added.
For service providers, the company offers Dome9 Connect, which is software that integrates via API into management of Amazon Web Services EC2 and VPS security groups.
According to Dome9, the services are available now. Pricing for business customers starts at $20 per server per month and increases with the number of servers and number of administrators. The company offers a free 14-day trial and a free personal plan in which a customer can support one server and one administrator.
Dome9 was co-founded by former Check Point Software executive Zohar Alon, Dome9 CEO, and Roy Feintuch, the company’s CTO, and is funded by Opus Capital.