Armor's Private Cloud

Armor’s private cloud is a turnkey high-performance hosting infrastructure secured with Armor Anywhere.

Armor's Private Cloud

Armor’s private cloud is a secure and compliant high-performance hosting infrastructure for organizations with mission-critical and sensitive workloads.

ENVIRONMENT(S)

Private Cloud/Public Cloud/Hybrid/On-Premise
Armor's Private Cloud

SECURITY

Server
Hardened Operating System
 
OS Logging (30-day retention)
 
High Availability (Hypervisor)
 
Workload Protection
Intrusion Detection / Intrusion Prevention
File Integrity Monitoring
Malware Protection
Vulnerability Scanning
Log & Data Management
Recommendation Scans
Network Protection
Web Application Firewall
 
IP Reputation Management
 
Access and Admin Controls
MFA Portal Authorization Controls
 
MFA SSL/VPN Access
 
Visibility
Armor Management Portal

INFRASTRUCTURE

Options
Load Balancers
 
High Availability
 
Compute
 
Storage
 
Encryption (Optional)
 
Regions/Availability Zones/Edge Locations
 
Business Continuity/Disaster Recovery (Optional)
 
Advanced Backup (Optional)
 

COMPLIANCE, DATA PROTECTION, & RECOVERY

Advanced Log Management

Extend log retention and access to 13 months, meeting compliance requirements.

Vulnerability Scanning

Vulnerability scanning includes scheduled scans and self-assessment portal.

Backup Service

Flexible backup solution with simple recovery options that are fully supported by our customer care team.

Disaster Recovery

Ensure business continuity by enabling continuous data replication between two physical Armor locations.

SECURITY, NETWORK, SCALABILITY, & PERFORMANCE

Load Balancers

Build and deploy horizontal scalability into your cloud with our flexible virtual load balancer options supporting up to 1 Gbps.

Advanced WAF

Customers who have requirements for WAF rules and performances may deploy a dedicated virtual WAF in their cloud.

MICROSOFT SQL DATABASES

Armor provisions your server with a licensed Microsoft SQL database server, saving you money up-front and providing you with flexibility for future upgrades. We offer the following editions:

MS SQL Web Edition

Offered in 4, 6, 8, 12, and 16 vCPU (processor) configurations

MS SQL Standard Edition

Offered in 4, 6, 8, 12, and 16 vCPU (processor) configurations

MS SQL Enterprise Edition

Offered in 4, 6, 8, 12, and 16 vCPU (processor) configurations

CORE COMPONENTS

Cloud Server Icon

CLOUD SERVERS*

Virtual Processors

1 | 2 | 4 | 6 | 8 | 12 | 16 vCPUs

Virtual Memory

1 | 2 | 4 | 6 | 8 | 12 | 16 | 24 | 36 | 48 | 64 | 72 | 96 GB

STORAGE

Tier 1 - Top Performance

All-SSD 10 GB to 500 GB

Tier 2 - Top Value

Hybrid SSD 50 GB to 2 TB

Tier 3 - High Volume

Fast disk 250 GB to 2 TB
Network Icon

BUILT-IN NETWORKING

  • Native Firewall
  • Private IP addresses
  • VPN Services-SLL and L2L/IPSec
* All Servers include high-performance SSD storage (Windows 60GB | Linux 30 GB)

Simplify Adherence to Major Compliance Frameworks

Armor Security Services PCI DSS 3.2 Controls Risk Mitigation
PERIMETER CONTROLS
IP Reputation Filtering Security best practice Activity from known bad sources
DDoS Mitigation Security best practice Loss of availability due to high volume of malicious activity
APPLICATION CONTROLS
Web Application Firewall 6.6 Application layer flaws and exploits
NETWORK LAYER
Intrusion Detection/Prevention 11.4 Malicious allowed traffic
Network Firewall (Hypervisor) 1.1.5, 1.1.6, 1.1.7, 1.2.2, 1.2.3, 1.3.3, 1.3.5 Unwanted network connectivity
Internal Network Vulnerability Scanning 11.2.3 Exploits due to missing patches and updates; improper network firewall configuration
External Network Vulnerability Scanning 11.2.2 Exploits due to missing patches and updates; improper network firewall configuration
Secure Remote Access (Two-factor Authentication) 8.3 Unauthorized remote use of administrative access
Encryption in Transit (Armor SSL Certificates Only 4.1.c, 4.1.d Interception of sensitive data in transit
SERVER CONTROLS
Hardened Operating System (OS) 2.1.a, 2.1.b, 2.1.c, 2.2.a, 2.2.b, 2.2.c, 2.2.d Configuration errors
File Integrity Monitoring 11.5 Monitoring unauthorized changes to critical files
Secure Remote Administrative Access 2.3 Disclosure of administrative credentials
OS Patching 6.1, 6.2 OS weaknesses
Malware Protection 5.1, 5.2, 5.3 Compromise due to virus or malware infection
Log & Data Management 10.1, 10.2.2-10.2.7, 10.3, 10.5, 10.6, 10.7 Detection of malicious activity
Data at Rest Encryption 3.4 Unauthorized disclosure of sensitive information
Time Synchronization 10.4 Facilitates log and forensic analysis
Capacity Management Security best practice Ensures resource availability
END USER CONTROLS
Endpoint Detection & Response 5.1, 5.2, 5.3, 10.6, 10.8 Antivirus protection and detection of malicious activity on user endpoints
PHYSICAL LAYER
Rogue Wireless Scanning 11.1 Unauthorized network access
Physical Security 9.1, 9.2, 9.3, 9.4 Physical theft or compromise of data
Secure Data Deletion 9.8.2 Data recovery from discarded systems
ADMINISTRATIVE CONTROLS
Change Control 6.4.5 Unauthorized network access
Formal Risk Assessment 12.2 Identification of risks and threats
Incident Response 12.10 Response to security incidents
Array Snapshots Security best practice Loss or corruption of data
Business Associate Contract N/A Legal liability for data loss/breach
Maintain Maintenance Records Security best practice System failure
Access Control 7.1.1, 7.1.2 Unauthorized access
Security Audits Security best practice Validation of controls program

Armor Security Services HIPAA/HITECH Controls Risk Mitigation
PERIMETER CONTROLS
IP Reputation Filtering §164.308(a)(1)(ii)(A) Activity from known bad sources
DDoS Mitigation Security best practice - implied control under §164.306(a) Loss of availability due to high volume of malicious activity
APPLICATION CONTROLS
Web Application Firewall Security best practice - implied control under 164.306(a) Application layer flaws and exploits
NETWORK CONTROLS
Intrusion Detection/Prevention Security best practice - implied control under §164.306(a) Malicious allowed traffic
Network Firewall (Hypervisor) Security best practice - implied control under §164.306(a) Unwanted network connectivity
Internal Network Vulnerability Scanning Included in §164.308(a) Exploits due to missing patches and updates; improper network firewall configuration
External Network Vulnerability Scanning Security best practice - implied control under §164.306(a) Exploits due to missing patches and updates; improper network firewall configuration
Secure Remote Access (Two-factor Authentication) §164.312(d), §164.312(a)(2)(iii) Unauthorized remote use of administrative access
Encryption in Transit (Armor SSL Certificates Only §164.312(e)(1) Interception of sensitive data in transit
SERVER CONTROLS
Hardened Operating System (OS) Security best practice - implied control under §164.306(a) Configuration errors
File Integrity Monitoring §164.312(e) Monitoring unauthorized changes to critical files
Secure Remote Administrative Access §164.312(d) Disclosure of administrative credentials
OS Patching Security best practice - implied control under §164.306(a) OS weaknesses
Malware Protection §164.308(a)(5)(ii)(b) Compromise due to virus or malware infection
Log & Data Management §164.308(a)(1)(ii)(d), §164.308(a)(5)(ii)(c), §164.312(b) Detection of malicious activity
Data at Rest Encryption §164.312(d), §164.312(a)(2)(iii) Unauthorized disclosure of sensitive information
Time Synchronization Security best practice - implied control under §164.306(a) Facilitates log and forensic analysis
Capacity Management Security best practice - implied control under §164.306(a) Ensures resource availability
PHYSICAL CONTROLS
Rogue Wireless Scanning Security best practice - implied control under §164.306(a) Unauthorized network access
Physical Security §164.310(a)(2)(i), §164.310(a)(2)(ii), §164.310(a)(2)(iii), §164.310(a)(2)(iv) Physical theft or compromise of data
Secure Data Deletion §164.310(d)(1), §164.310(d)(2)(ii), §164.310(d)(2)(ii) Data recovery from discarded systems
END USER CONTROLS
Endpoint Detection & Response §164.308(a)(1)(ii)(d), §164.308(a)(5)(ii)(b), §164.312(b) Antivirus protection and detection of malicious activity on user endpoints
ADMINISTRATIVE CONTROLS
Change Control Security best practice - implied control under §164.306(a) Unauthorized network access
Formal Risk Assessment §164.308(a)(1) Identification of risks and threats
Incident Response §164.308(a)(6) Response to security incidents
Array Snapshots §164.308(a)(7)(ii)(a), §164.310(d)(1), §164.310(d)(2)(iv) Loss or corruption of data
Business Associate Contract §164.308(b)(1) Legal liability for data loss/breach
Maintain Maintenance Records §164.310(a)(2)(iv) System failure
Access Control §164.312(a)(1)(12) Unauthorized access
Security Audits §164.308(a)(8) Validation of controls program

Armor Security Services HITRUST CSF v9.3 66 Controls Required for Certification Risk Mitigation
PERIMETER CONTROLS
IP Reputation Filtering 09.m Activity from known bad sources
DDoS Mitigation 09.m(HT1), 09.h(HT2) (included in Level 2 implementation) Loss of availability due to high volume of malicious activity
APPLICATION CONTROLS
Web Application Firewall 09.m Application layer flaws and exploits
NETWORK CONTROLS
Intrusion Detection/Prevention 09.m Malicious allowed traffic
Network Firewall (Hypervisor) 01.m, 01.o, 01.w, 09.m Unwanted network connectivity
Internal Network Vulnerability Scanning 10.m Exploits due to missing patches and updates; improper network firewall configuration
External Network Vulnerability Scanning 10.m Exploits due to missing patches and updates; improper network firewall configuration
Secure Remote Access (Two-factor authentication) 01.j, 05.i, 09.s Unauthorized remote use of administrative access
Encryption in Transit (Armor SSL Certificates only 09.m, 09.s Interception of sensitive data in transit
SERVER CONTROLS
Hardened Operating System (OS) 10.m Configuration errors
File Integrity Monitoring 09.ab, 10.h Monitoring unauthorized changes to critical files
Secure Remote Administrative Access 01.j, 05.i, 09.m, 09.s Disclosure of administrative credentials
OS Patching 10.m OS weaknesses
Malware Protection 09.ab, 10.h Compromise due to virus or malware infection
Log & Data Management 09.aa(8), 09.ab, 09.ac Detection of malicious activity
Data At Rest Encryption 06.d, 10.g Unauthorized disclosure of sensitive information
Time Synchronization 09.af Facilitates log and forensic analysis
Capacity Management 09.h Ensures resource availability
PHYSICAL CONTROLS
Rogue Wireless Scanning 01.m, 09.m Unauthorized network access
Physical Security 08.b, 08.d, 08.j, 09.ab, 09.q Physical theft or compromise of data
Secure Data Deletion 07.a, 08.l, 09.p Data recovery from discarded systems
END USER CONTROLS
Endpoint Detection and Response Endpoint Protection, Domain Vulnerability Managment, Domain Audit Logging, Monitoring Domain Antivirus protection and detection of malicious activity on user endpoints
ADMINISTRATIVE CONTROLS
Change Control 09.g(10) Unauthorized network access
Formal Risk Assessment 03.a, 03.b, 03.c Identification of risks and threats
Incident Response 05.b, 11.a, 11.c Response to security incidents
Advanced Snapshots 12.c Loss or corruption of data
Business Associate Contract 05.k, 09.e Legal liability for data loss/breach
Maintain Maintenance Records 08.j System failure
Access Control 01.a Unauthorized access
Security Audits 06.g Validation of controls program

We Deliver Security and Compliance Outcomes

Through our cloud security platform, we deliver security and compliance outcomes that allow our customers and partners to move fast, knowing their environments are secure and confident that security isn’t slowing them down.

Learn what our Platform does

Armor is your one-stop shop for a secure, fully compliant solution no matter your security needs.

LJ Wilson Director of Software Engineering
Lindsey Software

Ready to Get Started?

Get started with our pricing tool or schedule a demo.

Use Pricing Tool Schedule a Demo