Transparent and user-friendly end-to-end security - from the terminal to the data center
The FUJITSU Security Solution SURIENT is a new tape of end-to-end IT security system. It provides secure application environments based on existing infrastructures and enables a very high degree of security, especially for sensitive data and processes. The user-friendliness and performance levels remain high.
The security concept based on FUJITSU SURIENT covers data centers, data transfer and terminals as well as the sensors which play a central role in the "Internet of Things". The concept is based on results from the research and development project "Digital sovereignty“ and comprises various modules. It is this possible to adjust the protection levels to the various requirements. The modules can be used individually or in combination.
The following components were presented at Fujitsu Forum 2015 and will be available between March and December 2016:
SURIENT MRS (Managed Rack Solution)
The Managed Rack Solution module protects data center infrastructures from non-authorized access. The Managed Rack Solution is designed for average security and will be available as of Spring 2016. Authentication can be via infra-red palm vein scan using PalmSecure but other biometric authentication systems can be used. The rack can thus only be accessed by authorized administrators. Depending on the protection requirements access can also be combined with a "double-check" (4 or more eyes). The door of a security rack can thus only be opened jointly via a defined group of persons.
SURIENT SRS (Sealed Rack Solution)
The Sealed Rack Solution module protects data center infrastructures from non-authorized access. The Sealed Rack Solution offers even greater protection levels as well as monitoring and audit features according to ISO 27000. It will be available at the end of 2016. Authentication can be via infra-red palm vein scan using PalmSecure but other biometric authentication systems can be used. The rack can thus only be accessed by authorized administrators. Depending on the protection requirements access can also be combined with a "double-check" (4 or more eyes). The door of a security rack can thus only be opened jointly via a defined group of persons.
SURIENT EBS (Encrypted Boot Solution)
The new Encrypted Boot Solution (EBS) is based on technology patented by Fujitsu. The module is used to start IT systems in the data center with encrypted system partitions and without having to enter a password manually. The passwords are created and transferred by the system decentrally and are not even known to the administrators. This provides effective protection against non-authorized access by employees. The Encrypted Boot Solution will be launched in Spring 2016.
SURIENT SCS (Stealth Connect Solution)
The Stealth Connect Solution (SCS) ensures that today's external attack methods against servers and services will be unsuccessful. Authorized users can log in via a secure Virtual Private Network (VPN) in the data center. The solution disables the server process VPN port and an attacker does not receive any response to his port scans and is thus not provided with any information about the location of possible attack points. A Zero Day Exploit and Man-in-the-Middle attacks are made extremely difficult as a result of this "digital stealth" function. The module will be available as of Spring 2016.
SURIENT SAS (Sealed Application Solution)
The Sealed Application Solution (SAS) module ensures effective protection for applications on terminals, such as PCs, tablets, workstations and notebooks. It is a highly-secure runtime environment which is started parallel to the operating system. The applications and data processing run completely separated from the hardware and operating system in this encapsulated environment . Applications and data can thus be protected against attacks in a very effective manner. The solution is not dependent on any manufacturer and can be used on all standard-based terminal systems; it is suitable for processing sensitive company data and for applications, such as online banking. The solution will be on offer at the end of 2016