The following are the main features of SecureCloud and their benefits.
Uses industry-standard AES encryption (128, 192 or 256)
Encrypts and decrypts data in real time, so data at rest and data traversing the cloud infrastructure is always protected
Applies whole-volume encryption to secure all data, metadata and associated structures without impacting application functionality
Employs role-based management to help ensure proper separation of duties
Performs audit logging for all agent, key, policy and user events
Provides detailed reporting and alerting features for logged events
SecureCloud can issue several types of notifications in response to cloud security events. Administrator notifications are sent via email to the designated administrator contacts. User notifications are presented in the requesting client’s browser. Both administrator and user notifications can be customized.
Utilizes identity- and integrity-based policy enforcement to ensure that only authorized virtual machines receive keys or access secure volumes
Automates key release and virtual machine authorization for rapid operations or requires manual approval for increased security
Delivers keys using SSL encrypted internet channels with additional layers of encrypted communication
Offers central key management as a hosted service within Trend Micro’s secure data centers
SecureCloud enables you to generate reports reoccurring for a specified span of time. Reports are saved to the Management Server so you can download a previously generated report (either one-time or reoccurring) from the Management Server Console.
SecureCloud enables you to write an plug-in for a Cloud Service Provider (CSP) that is not supported "out of the box." The plug-in is a thin, translation layer which communicates with the API of the CSP and presents a uniform interface between CSPs. The CSP-specific implementation will handle all logic specific to the CSP such that the rest of the Runtime Agent is CSP agnostic.
SecureCloud supports the use of a VMware vSphere API, so vSphere users can provision data storage devices and manage the encryption keys with SecureCloud. SecureCloud also supports device mounting for IDE, NFS, SCSI, and iSCSI, which enables SecureCloud to operate in a physical environment.
The SecureCloud Runtime Agent provides the Configuration Tool that enables you to specify your cloud service provider or load a new cloud service provider plugin that you have created, and save the configuration file for later use. From the SecureCloud Web Console you can easily provision devices for encryption.