Cloud Security Documentation
Nobus Cloud Security Services
Nobus cloud provides comprehensive cloud security services designed to protect your data, applications, and infrastructure from evolving cyber threats. With a focus on protecting sensitive information and ensuring compliance with industry standards, our solutions are tailored to meet the unique needs of your organization. We also leverage state-of-the-art technologies and best practices to ensure a secure environment for your business operations.
Nobus as a cloud provider is responsible for securing the underlying infrastructure and ensuring compliance with regulations, while you as a cloud user is responsible for securing your data, managing access, and configuring environments securely.
Nobus Responsibilities
Our key responsibilities, include ensuring infrastructure security by protecting physical data centers and network systems, implementing data security through encryption for data at rest and in transit, and managing access control using multi-factor authentication (MFA) and role-based access control (RBAC). We focus on network security by deploying firewalls and intrusion detection/prevention systems (IDS/IPS) to defend against attacks, ensure compliance with regulatory requirements, also continuously monitor for threats with our incident response plan, as well as provide clear security measures in our service level agreements (SLAs). In addition, we provide standard security controls such as security groups, and network Firewalls on the cloud user interface. This allows the user to protect their services using standard tools.
Key Features
1. Data Protection
In Transit:
Data transmitted between your systems and our platform is secured with TLS (Transport Layer Security).
2. Access Control
Identity Management:
Robust policies to manage user identities and access.Multi-Factor Authentication (MFA):
Enhance security with two step verification
3. Threat Detection and Response
Intrusion Detection Systems (IDS):
Continuous monitoring of network traffic for threats.Security Information and Event Management (SIEM):
Real-time analysis of security data.
4. Compliance and Governance
Regulatory Compliance:
Adherence to standards like GDPR, PCI-DSS, and ISO 27001Policy Management:
Customizable security policies for cloud resource governance.
5. Network Security
Cloud Firewalls:
Protect against unauthorized access and DDoS attacks.VPN Solutions:
Secure remote access to sensitive data.
6. Incident Response Planning
Incident Response Plans:
Tailored strategies to address security breaches.Backup:
Solutions to ensure business continuity.
5. Regular Security Audits
Periodic security assessments to identify vulnerabilities and ensure compliance with industry standards.
Nobus Cloud User Responsibilities
Nobus cloud users have several important responsibilities, including protecting data by encrypting sensitive information before uploading, managing access through strong password policies and multi-factor authentication (MFA), and securely configuring cloud resources. They must also monitor for suspicious activity, maintain logs, and ensure compliance with relevant regulations. Organizations must also provide security training for their employees on best practices, and establish an incident response plan for addressing security breaches.
Advanced Cyber Security Services
We offer robust cybersecurity solutions to protect your business from a variety of threats. Offerings include FortiGate Firewall, Sophos XG Firewall, and Acronis Cyber Protect. Each solution is designed to enhance your security posture, ensuring your data and applications are safe from cyber threats. We also provide comprehensive support to assist you whenever needed.
Sophos XG Firewall
Sophos XG Firewall brings a fresh new approach to the way you manage your firewall, respond to threats, and monitor what’s happening on your network.
It provides all the latest advanced technology you need to protect your network from ransomware and advanced threats including top- rated IPS, Advanced Threat Protection, Cloud Sandboxing and full AI-powered threat analysis, Dual AV, Web and App Control, Email Protection and a full-featured Web GUI.
Some key features include:
- Synchronized Security: Automatically responds to threats based on real-time data from endpoints.
- Advanced Threat Protection: Detects and mitigates sophisticated threats using machine learning and artificial intelligence.
- Central Management: Unified management console for monitoring and managing network security.
- User Awareness: Provides insights and reports on user activity to enhance security policies.
SET UP
If the following minimum server requirements are not met, XG Firewall will go into failsafe mode:
- Two vCPU
- 4 GB vRAM
- 2 vNIC. ( warning! the Network maximum transmission unit (MTU) for Nobus is
1458) - DiskI with code name Security-Sophos-XG-Firewall-DiskI: Minimum 30 GB
- DiskII with code name Security-Sophos-XG-Firewall-DiskII: Minimum 80 GB
For optimal XG Firewall performance, configure vCPU and vRAM according to the license you have purchased. Do not exceed the maximum number of vCPUs specified in the license.
STEPS
Create Two Root Volumes (Primary and Auxiliary)
The boot source of the two volumes are; (a) Security-Sophos-XG-Firewall-DiskI: Minimum 30 GB and (b) Security-Sophos-XG-Firewall-DiskII: Minimum 80 GB images respectively.
To create these volumes, log in to the Nobus Management Console.
Goto Project > Volumes > Volumes
Click on the “ + Create Volume” button. On the new Create Volume window, provide the neccessary inputs as specified below.
- Volume Name
- Description (optional): primary volume
- Volume Source: Select Image
- Use image as a source: Choose Security-Sophos-XG-Firewall-DiskI
- Size: minimum 30 GB
- No need to specify other inputs
- Click on the Create Volume button below to create the volume
Repeat the steps above to create the auxiliary volume but this time;
- Use image as a source: Choose Security-Sophos-XG-Firewall-DiskII
- Size: minimum 80 GB
- No need to specify other inputs
- Click on the Create Volume button below to create the volume
After the two root volumes had finished creating, you can then proceed to creating your sophos xg firewall instance with the next step.
Contact cloud support if you need assistance.
Acronis Cyber Protect
Protect your mission critical Systems from Servers to desktops/Laptops with Nobus Cloud Backup (NCB). With NCS, Our cloud customers can now provide an extra layer of backup & Cyber security for their applications at a fractional monthly cost. On-Premise customers, and customers hosting their applications with other 3rd party cloud providers such as AWS, Azure, GCP or VMWare-Based hypervisors can now backup and protect their applications and critical user data on Nobus platform
Some key features include:
1.Advanced Backup & Recovery for various workloads (Cloud & On-premise, Nobus cloud or 3rd party cloud)
2. Ransomeware Protection for all systems
3. Forensic Backup
4. Vulnerability scan across your system
5. Antivirus Protection
6. Single view for management of all Protected workloads
7. NDPS cuts your Cyber protection costs by up to 50%, boosts your monthly recurring revenue, while delivering best in className Cyber protection for your applications and data.
To protect business-critical data, backup is not enough – customers need the integrated approach of cyber protection. Paired with Nobus Cloud Backup, the Advanced Backup pack enables our customers to extend the cloud backup capabilities required to proactively protect their data. Available in consumption-based or per-workload licensing models, you can easily minimize data loss across your infrastructure and workloads with the best-in-breed backup and recovery technology that is enhanced with cyber protection. See the Customer support documentation or download the User guide and Admin guide.
To get started with creating your Acronis Cyber Protect Instance, Select acronis-cyberprotect from image list during instance creation
Min Disk(GB) is 100 and Min RAM(MB) is 8192
Contact cloud support if you need assistance.
FortiGate Next-Generation Firewalls (NGFWs)
FortiGate Firewall network security solution provides comprehensive security features designed to protect networks from various threats.
Some key features
Next-Generation Firewall (NGFW):
Combines traditional firewall capabilities with advanced features like intrusion prevention, application control, and deep packet inspection.Unified Threat Management (UTM):
Integrates multiple security functions into a single device, including antivirus, web filtering, and VPN support.High Performance:
Designed to handle high volumes of traffic with low latency.Secure SD-WAN:
Provides secure software-defined wide area network capabilities.Centralized Management:
Enables centralized control of multiple FortiGate devices.Cloud Integration:
Secures cloud environments and integrates with cloud services.Threat Intelligence:
Utilizes FortiGuard Labs for real-time threat intelligence.
Use Cases
Enterprise Security:
Protecting corporate networks from cyber threats.Remote Access:
Providing secure VPN connections for remote workers.Compliance:
Helping organizations meet regulatory requirements.Branch Office Security:
Extending security to remote offices.
FortiGate Firewalls are versatile, high-performance security appliances used by organizations of all sizes to safeguard their networks against a wide range of threats while simplifying management and improving operational efficiency.
To get started with creating your FortiGate Firewall Instance, Select Security-Fortigate-FortiOS from image list during instance creation
Contact our cloud support team to get started with setting up your database cluster.