- Migration to Trend Micro Deep Security 11.3
- Last month we announced our intention to migrate to the latest version of Trend Micro Deep Security. As this was a major upgrade we had to build a completely new Deep Security Manager to run in parallel with our existing installation. This month we will begin the process of migrating our current Deep Security users to the new installation. We will be reaching out in the coming days to schedule a maintenance window, and to provide any login information you will need to access the new installation.
- GuardDuty
- In October we announced the implementation of GuardDuty in our customer accounts. GuardDuty provides real-time security anomaly detection in your account including events for Route53, VPC Flowlogs, and Cloudtrail. Because GuardDuty provides Flowlog anomaly detection we are deprecating our current Oxygen Flowlog service. This will impact your service in two ways. First, you will see a decrease in your billing, for Kinesis and Lambda. Second, you will no longer have access to the Flowlog view in your Oxygen dashboards. We understand many of our customers use this dashboard to get some insight into geographical originations of their traffic. If you still wish to view this data please contact Cloudticity support and let us know. If we don't hear from you we will remove the Oxygen Flowlog service on January 29th, 2019.
- New Service: Automated AMI updates for AutoScaling
- We have identified a use case that may cause Autoscaling groups to become out of sync with the instances that are running. Once an instance is patched with the latest OS patches and/or security updates, it is no longer in sync with the AMI that is driving the ASG. If a scaling event occurs after the OS patching is complete, the newly launched instance will not have the latest OS patches since it was launched from an AMI that did not have those patches. The same issue may present itself for CodeDeploy deployments. To resolve this issue, we developed a service that subscribes (using CloudWatch Rules) to a successful SSM OS patching event and a successful CodeDeploy deployment. Once any of the CloudWatch Rules fire, the service automatically creates a new AMI from the latest instance and updates the ASG to use the new AMI. If a scaling event occurs after the OS patching is complete (or CodeDeploy deployment is complete), the newly launched instance will have the latest OS patches and/or code since it was launched from an AMI that was built using an instance that had the most recent OS patches or application code. If you are interested in this service please reach out to Cloudticity support for more details, or to schedule installation.
Coming Soon
- Unified Server Access Logging
- A common request we receive from our customers is to provide a logging solution that captures server access and security events and aggregates them in a single storage location for querying and visualization. We are working on this solution now with an official release in Q1 of 2019. We are leveraging native AWS services such as Kinesis, S3, Athena, and QuickSight to provide an end-to-end system for monitoring, alerting, and visualizing server access logs. If you are interested in being a beta tester, or have any question regarding this feature, please reach out to our support desk.