Aporeto Cloud Identity Framework Seamlessly and Securely Bridges AWS with Private Infrastructures

By: Thelen Blum 06.26.2019

AWS Acknowledges Aporeto as a Key Enabler to Bridge Distributed On-Premises and AWS Workloads for Centralized Visibility, Management, and Simplified Migration

San Jose, California – June 26, 2019 – Aporeto, the leader in Identity-Powered Cloud Security, today announced the Aporeto Cloud Identity Framework, a suite of identity-based security services that enables consistent policy enforcement between homegrown enterprise applications and AWS managed services. This suite continues to expand the Aporeto identity-based security platform, which leverages both user and application identities to manage access to resources and cloud workloads on any infrastructure.

Simplicity for complex identity architectures

The security industry is moving toward using identity to define policies for applications, but there is overwhelming complexity in managing multiple identity sources and identity architectures. Sprawling identity architectures often include Lightweight Directory Access Protocol (LDAP) and Active Directory services, the adoption of OpenID Connect (OIDC) compliant identity providers, and AWS’s native IAM identity web service. Aporeto’s identity-based security solution is independent of the infrastructure, thus reducing the burden of managing identities across private and public cloud environments. Aporeto’s solution enables customers to move towards homogeneous identity for their applications across all infrastructures, making auditing and centralized policy governance more robust with simpler operations.

The Aporeto Cloud Identity Framework includes Distributed Firewall, Cloud Privileged Access Management (PAM), and Identity-Aware Proxy.  This suite leverages Aporeto’s identity management capabilities to secure workloads at L3-L7 through mutual authentication and authorization, enabling enterprises to radically simplify their network infrastructure. Moreover, this framework offers a full PKI infrastructure that enables the transparent mTLS encryption of in-flight data, obviating the need for VPN tunnels or private links for traffic on any infrastructure and across the internet. Because Aporeto’s identity-based access management security solution is not dependent on network constructs, Aporeto’s security posture follows applications no matter where they reside.

“We have invested many years in developing web applications for internal consumption,” said Lucas Tischhauser, NAIC Security Architect II. “As we migrate our infrastructure into AWS, we want to have a more cloud-native architecture and implement a Zero Trust security posture without having the burden of rewriting our applications or putting efforts into undifferentiated, but required, security tasks. The Aporeto Cloud Identity Framework, and in our case, Identity-Aware Proxy, is empowering us to migrate more rapidly on AWS while having the best-in-class security posture.”

“The desire to accelerate migration to the public cloud is a common goal across our customer base,” said Jason Schmitt, CEO of Aporeto. “But these objectives are hampered by complex network-based security concerns for both users and applications. Our core competency lies in providing identity-based access control for cloud applications. Our Cloud Identity Framework is a powerful identity-powered security bundle that strengthens security, simplifies operations, and accelerates cloud migration.”

The benefits of the Aporeto Cloud Identity Framework are stronger security, simpler IT operations, and flexibility for enterprise customers as they migrate to the cloud. Features include: 

  • Decoupling the identity and authorization system from the infrastructure, making contiguous secure operations across AWS hybrid clouds possible without requiring any application code or architectural changes
  • Easier integration of new or different AWS services with existing enterprise services and assets for seamless operations
  • Improved security posture with a consistent, policy-driven authentication and authorization process for hybrid infrastructure
  • Elimination of secrets management for any application interfacing with Aporeto Cloud Identity Framework
  • Improved adherence to regulatory and internal compliance requirements, making auditing simpler and more bulletproof

“AWS is laser-focused on our customers and their security needs,” said Benjamin Andrew, Global Lead, Security & Networking at AWS. “We know that enterprises have significant investments in their existing applications and services. We are excited that the Aporeto Cloud Identity Framework is now available – and can enable our customers to continue to extract maximum value from their existing IT assets while they build a more agile, secure, and flexible infrastructure on AWS.”

Aporeto Cloud Identity Framework is now available for demo and can be purchased on the AWS Marketplace.  For more information, meet with Aporeto one-on-one at AWS RE:INFORCE in Boston, June 25 – 26, 2019. 

About Aporeto 

Aporeto is the leader in Identity-Powered Cloud Security for hybrid and cloud environments. Rather than relying on IP addresses or simple token identifiers, Aporeto microsegments enterprise infrastructure and applications based on cryptographic workload and user identities for a Zero Trust security posture. Aporeto protects against attacks and prevents lateral movement with application policies that are portable and persistent for end-to-end visibility and centralized management. The Aporeto platform future-proofs your infrastructure and delivers stronger cloud security, simpler operations, and better ROI for any infrastructure at any scale. Learn more at www.aporeto.com

Press inquiries to: 

Thelen Blum
(408) 796-3101
pr@aporeto.com
