Imperva Introduces Cloud Reference Architecture for Protecting Web Applications in Infrastructure-as-a-Service Environments


impervaImperva Inc, pioneering the third pillar of enterprise security with a new layer of protection designed specifically for physical and virtual data centers, has announced the immediate availability of a Cloud Reference Architecture for Infrastructure-as-a-Service (IaaS), focused on Amazon Web Services (AWS).  This new reference architecture kicks off a series of ‘templates’ that Imperva will be releasing for cyber defense and cloud security, and it provides the industry’s first-ever guide for implementing web application security and application management security solutions in a public cloud.

The Imperva Cloud Reference Architecture for AWS provides several blueprints for building an additional security layer for applications running on the AWS Cloud.  These blueprints offer powerful strategies for deploying the Imperva SecureSphere Web Application Firewall (WAF) together with complementary services from the company’s Incapsula and Skyfence acquisitions: specifically, DDoS Protection from Incapsula, and Privileged User Monitoring from Skyfence.

“These blueprints provide the guidance that security teams are looking for when moving web applications to the cloud,” said Mark Kraynak, Chief Product Officer for Imperva.  “Our new Cloud Reference Architecture for AWS gives data center architects, IT and operations architects an actionable plan for securing their web applications on AWS using a proven solution for achieving enterprise-grade security in the cloud.”

In a Gartner report titled “Hype Cycle for Cloud Security, 2014”, Jay Heiser, Research Vice President, wrote, “Current and potential cloud customers must avoid the trap of ‘cloud complacency’: assuming that anything that’s as easy to use as a cloud-based service must automatically be secure and reliable. All IT decision makers need to be aware of the degree to which cloud-using organizations must be responsible for their own security destiny. The increasing availability and maturity of mechanisms that can reduce cloud computing risk is making that task easier.”

Imperva has been offering its SecureSphere WAF for AWS since March of this year. Now, using the company’s Cloud Reference Architecture for AWS, customers can also take advantage of the Incapsula best-of-breed DDoS Protection service in order to protect against disruptions to service, and the Skyfence Cloud Gateway, which provides customers the ability to monitor and protect administrator access to the AWS Management Console.

The new Cloud Reference Architecture for AWS is available on the Imperva web site. The SecureSphere WAF for AWS is available on AWS Marketplace in two licensing options: “Bring Your Own License” (BYOL) and on-demand pricing. Basic services of Incapsula and Skyfence described in the Cloud Reference Architecture are included at no additional cost with the purchase of a BYOL annual subscription of SecureSphere WAF for AWS.