Rackspace Introduces Managed Security, Compliance Services

Responding to demand from customers and channel partners increasingly nervous about sophisticated cyberattacks, Rackspace Tuesday introduced managed security and compliance services built through new partnerships with a variety of security vendors.

The San Antonio-based cloud provider has also launched two new practice groups -- one around security and the other around compliance assistance -- intent on continuing to develop and bring to market those holistic best-of-breed solutions.

The managed packages represent a departure for Rackspace, which in the past has only offered its customers single-point solutions to choose from: firewall, threat management, intrusion alerting, encryption and antivirus. Customers were responsible for assembling the parts to protect their operational environments.

[Related: Rackspace Fills Vacant Chief Security Officer Slot]

"We've all seen the increase in cyberattacks," said Perry Robinson, vice president of managed security at Rackspace. "It's starting to hit close to home for a whole lot of people."

Those attacks are becoming more frequent and more sophisticated, he said. "We figured we better do something about it."

The project got off the ground more than a year ago, when Jarret Raim, senior manager of the managed security practice, was charged with evaluating the evolving threat landscape and soliciting feedback from partners and customers.

Raim recognized the security package had to thwart two types of attacks, he said.

The first was just the everyday "background radiation of the Internet," he said, pointing to the unfocused work of "bad people doing bad things" such as sending spam.

But over the past year there's been a significant rise in advanced persistent threats -- targeted attacks against specific organizations like Target, Home Depot and Sony. More sophisticated technologies would have to be deployed to address those threats.

Raim oversaw an exhaustive process of researching potential solutions -- basically products offered from the 300 or so vendors likely to attend an RSA Conference. Rackspace then leveraged existing relationships and its internal expertise to choose vendors and forge partnerships, he said.

Raim's team selected technologies to mount a triple-pronged defense: host-based protection, network security and an analytics platform.

Rackspace turned to CrowdStrike to guard host servers against zero-day, non-malware attacks by analyzing behavior to detect suspicious operations. Alert Logic supplied a log management component at that layer, Raim said.

Network protection posed a greater challenge because Rackspace supports a number of platforms, Raim said, from dedicated bare-metal servers to public, private and hybrid clouds. Visibility varies across those platforms.

Alert Logic and LogRhythm were selected to monitor threats at the network layer. Rackspace is currently considering adding vArmour and Catbird products to that part of the stack, Raim said.

LogRhythm's technology was also put to work conducting analytic assessments and traditional security information and event management (SIEM) processes, with AlienVault and Splunk products being integrated into the analytics platform mix.

The final piece of the puzzle was a security operations center manned round-the-cloud by threat analysts.

"You can't keep people from your environment," Raim told CRN. "So what we're really focused on is making it more difficult for them to get into and operate inside a customer environment. Then detecting that intrusion and getting rid of them as fast as possible."

The managed security solution fits customers large and small, Raim said.

"The solution we designed can be accessed by SMBs but still provides value all the way through the enterprise layer," he told CRN.

The compliance group followed a similar process.

"Compliance standards are effectively as important to a lot of businesses as a law might be," Robinson told CRN. "What we were hearing is it's very hard to go out and meet these standards."

Businesses are struggling to find and retain workers who know how to meet complex compliance requirements, Robinson said.

Rackspace partnered with CloudPassage for real-time monitoring of compliance across user environments. Rackspace specialists have also earned PCI certifications to help customers process credit card transactions. HIPAA, the health-care standard, will be next, Raim said.

Rackspace is currently working directly with select customers using the new services. They'll be generally available in December, Robinson said.

While partners aren't yet involved in bringing the holistic security and compliance packages to market, the channel will ultimately benefit from the strong selling point those solutions offer, Robinson told CRN.

Rackspace is talking with some partners who specialize in security to figure out ways to leverage the offerings to tap new customers.

"For those who aren't in the security space, this creates a stronger basis with which they can go out and resell Rackspace services to people they have relationships with," Robinson said.

There's still a lot of work to do with some of the cloud provider's new technology partners as well, Raim said.

Many of those elite security vendors didn't engineer their products to work at the scale of a provider like Rackspace, to function in a multitenancy environment, or even to support an OEM billing model.

Rackspace in some cases had to build out the third-party solutions; and in others simply encouraged the vendors to develop capabilities faster.

"Sometimes Rackspace adds multitenancy, and then over time the supplier will build out that capability," Robinson told CRN.

It's worth that investment in those partnerships, Robinson said, because they will last many years.

PUBLISHED SEPT. 29, 2015