- Cloud Infrastructure based on Hyper converged Infrastructure platform
- Supports all the versions of Operating Systems: Windows, Linux, Ubuntu, Red Hat, SUSE etc
- Horizontal and Vertical Auto scaling supported
- On Demand Availability
- Supported Block Storage : Persistent and Non- persistent
- Real time resource monitoring with Dashboard
- Powered by Latest Generation Processors of Min 2.4 GHz and Above
Type of Compute Instances.
- Standard Instances:
It provide a balance of compute, memory and networking resources. These instances are ideal for applications that use these resources in equal proportions such as web servers and code repositories. Suitable for Test Workloads( DevOps, Startups, Desktop Virtualization)
- CPU Optimize:
CPU Optimized instances are ideal for compute bound applications that benefit from high performance processors. Instances belonging to this family are well suited for batch processing workloads, media transcoding, high performance web servers, high performance database servers, scientific modeling and ad server engines, machine learning inference and other compute intensive applications.
- Ultra-Performance Block Storage
- VMX Ultra Performance Block storage service uses NVMe-disk based on Hyperconvereged Infrastructure, designed for consistency, and offers flexible and elastic performance
- HCI based Ultra-Performance Block Storage Volume on NVMe SSD Disk 8 IOPs per GB of Block Storage.
- Recommended for workloads with the highest I/O requirements, requiring the best possible performance.
- Performance Block storage(SSD)
- VMX Performance Block Storage uses enterprise grade SSD’s based Volume on SSD Disk 3 IOPs per GB.
- These volumes are ideal for both IOPS-intensive and throughput-intensive hot data workloads that require extremely low latency.
- Standard Block Storage(Hybrid)
- HCI Standard Block Storage Volume on SSD Disk 1 IOPs per GB. Standard Block Storage volumes are suitable for a broad range of transactional warm data workloads, virtual desktops, medium sized single instance databases, latency sensitive interactive applications, dev/test environments, and boot volumes.
Commodity Block Storage(SATA)
- HCI Commodity Block Storage Volume on Magnetic Disk No IOPs are committed on Commodity block storage. Commodity Block Storage It is ideal for less frequently accessed workloads with large, cold datasets, snapshot backups
- Snapshot is a point-in-time state of entities such as VM and Volume Groups, and used for restoration and replication of data. VMX Cloud solutions create snapshots for virtual machine, containers or for the hypervisor itself. Using the read-on-write (ROW) implementation for its snapshots, VMX reduces any performance impacts associated with other implementations.
- It’s designed with an S3-compatible REST API
interface to handle terabytes
to petabytes of unstructured data, all from a single namespace. VMX
Object storage is designed
for backup, long term retention/archiving, and cross-region DevOps
- Objects is an integral part of the VMX enterprise cloud platform that enables VMs, files, block, and object storage to coexist on the same platform.
- VMX Distributed Storage Fabric, or DSF. DSF provides Objects with a multitude of enterprise grade capabilities such as resiliency, seamless scalability, security, and data reduction properties like erasure-coding, deduplication, compression and high availability
- VMX Files is a file storage solution designed to address a wide range of use cases, including Linux support and Windows home directories, user profiles and department shares. It precludes the need for a separate NAS appliance or file server by providing a consolidated solution with unified management for VM and file services.
- A VMX Files service consists of two parts: File server VMs to handle the client connections, and the highly scalable and available VMX Volumes for storing the data. VMX Volumes ensures that the Files cluster has access to the entire storage pool on the VMX cluster, and can grow on-demand.
- Multiple File clusters can be created on a VMX cloud for those environments that need complete namespace isolation between departments or customers.
- The file server VMs can be scaled out as needed in lock step with the applications, files, and number of users. Files supports both SMB and NFS protocols.
- VMX FILE SERVICE CAPABILITIES:
Software defined compression and ensures highly efficient file shares. VMX Files Capacity based licensing lets organization pay for what they need when they need it. Automated tiering ensures data is placed on the tier of storage that makes the best performance and economic sense.
Integration with VMX cloud self-service portal makes for simple single pane of glass management for all your file services. User facing portals for file share creation and file data protection and recovery empowers users to control file data at their speed. And REST API access for most VMX Files activity result in easy automation and consistency
VMX Files service can support billions of files with on demand scalable storage.
VMX Files goes beyond file services to offer a rich set of file analytics capabilities, which Admins can use to monitor and alert on unusual user behaviour, or review audit trails or track file permissions lineage.
- Files can be deployed easily from VMX cloud Management console, the same management interface used to manage the entire stack of compute, storage,
- Single Namespace A single namespace is exported from the Files cluster, no matter how large the cluster is.
- Scale and Performance Files is built to handle billions of files by design, and tens of thousands of user sessions. As the environment grows, the cluster can be scaled up by adding more vCPU and memory to the file server VMs, or scaled out by adding more file server VMs.
- Enterprise Storage Features Highly available by design, Files inherits enterprise storage features including intelligent tiering, erasure coding, and compression from DSF. It also enables per user quota for finer control of the file server deployment with organization policies.
- VMX Database Service is the only cloud database-as-a-service for Microsoft SQL Server, Oracle Database, PostgreSQL, MongoDB, and MySQL. Efficiently manage hundreds to thousands of databases.
- Powerful Database Management Capabilities
Database Lifecycle Management
Manage the entire database lifecycle, from database provisioning and scaling to version upgrades and patch automation.
Database Management at Scale
Manage hundreds to thousands of Microsoft SQL Server, Oracle, PostgreSQL, MySQL, and MongoDB databases on VMX cloud — all from a single control plane
Self-Service Database Provisioning
Enables self-service database provisioning for both dev/test and production use via API integration with popular infrastructure management and development tool (e.g., Service Now).
quickly roll out patches across some or all of your databases to protect against the latest security threats and restrict access to databases with Role-based access controls to ensure compliance with regulatory requirements and best practices.
- Key Benefits
- Simplified Database Operations Streamline all your Microsoft SQL Server, Oracle database, PostgreSQL, MariaDB MySQL, and MongoDB databases.
- Operational Consistency and Increased Productivity Automate patching, upgrades, cloning, and backups to ensure operational consistency and free-up time for higher Value tasks.
- Retain Control and Maintain Database Standards Choose the right operating systems, database versions, and database extensions to meet application and compliance requirements.
- Accelerate Software Development Integrate with infrastructure management and developer tools for self-service database deployment, shortening Time-to-market
- VMX Flow delivers advanced network security, providing visibility into the virtual network, application-centric protection from network threats, malware, and ransomware and security and compliance monitoring.
- Flow allows organizations to deploy software-defined virtual network security without the complexity of installing and managing additional products that have separate management and independent software maintenance requirements.
- Fully integrated into the VMX cloud solution, VMX Flow differs from traditional perimeter firewalls by allowing network policy to be attached to VMs and applications, rather than specific network segments (e.g., VLANS) or identifiers (IP addresses).
- Application and Network Visualization
- Creating the right network policies requires a complete understanding of workload behavior.
- VMX Flow provides a detailed visualization of communications between VMs along with assistance in categorizing and grouping workloads, making it simple and straight-forward to set the right policies for the environment.
Network Isolation and Micro segmentation
Micro segmentation provides granular control and governance of all traffic into and out of a virtual machine (VM), or groups of VMs. It ensures that only permitted traffic between application tiers or other logical boundaries is allowed and protects against advanced threats propagating within the virtual environment.
Identity-Based Network Policy
Identity Firewall in Flow allows EUC policy to incorporate the additional context of a user's identity. Group and role information pulled from directory services combine to create a more granular yet dynamic policy model.
Service Insertion and Chaining
VMX Flow functionality can be extended to leverage virtualized network functions from third-party security solutions. These services are inserted in-line or in tap-mode with VM traffic, and can be easily enabled for all traffic, or deployed only for specific network traffic. Common network functions include virtual firewalls, load balancers, threat detection, and application performance monitoring.
Monitoring, Compliance Audit, and Reporting
Flow’s Security Central provides a security operations portal for your VMX cloud infrastructure adding visibility and control of network traffic and VMX security configurations along with out of the box audit and reporting for common security and compliance regulations such as HIPAA, PCI, and NIST. You can also create custom audit checks to align with your specific security compliance needs
- KEY BENEFITS
- Application centric network policies for VMs
- Works with any network topology or architecture
- Application and network visibility
- Policy change management tied to VM lifecycle
- Prevent the propagation of network security threats
- Adds Identity based security to EUC/VDI deployments
- Security posture visibility and tracking dashboard
- Compliance audit and reporting regulations like HIPAA, PCI, NIST, and more
- Expand functionality via third- party network inspection and policy tools
MANAGED ENTERPRISE KUBERNETES WITH VMX KARBON
Karbon is VMX’s enterprise Kubernetes management solution that enables turnkey provisioning, operations, and lifecycle management of Kubernetes. Unlike other Kubernetes solutions, Karbon integrates seamlessly with the entire VMX cloud-native stack, and dramatically simplifies Kubernetes without vendor lock-in.
Deploy production-ready, multi-master Kubernetes clusters in only a few
Automatically configure and deploy your Kubernetes clusters for high availability (with or without an external load balancer) through a simple, streamlined workflow.
Easily configure persistent storage
Every Karbon Kubernetes cluster is deployed with VMX’s full-featured CSI driver, which natively integrates with VMX Volumes and VMX Files to easily provide persistent storage for containerized applications. VMX Supports persistent volume Read-Write-Once (VMX Volumes & VMX Files) and Read-Write-Many (VMX Files only) access modes. S3-compatible storage is also easy to set up with VMX Objects
Scale seamlessly, without limit
Add Kubernetes worker nodes with a single click. When additional physical resources are needed, expanding the cluster is just as simple.
Upgrade nodes and Kubernetes versions without downtime
Streamline node operating system patching and upgrade Kubernetes to the latest version with no disruption to production applictions
Monitor, log, and get alerts
Karbon integrates best-in-class open-source tools for cluster monitoring, logging, and alerting. Prometheus, ElasticSearch, Fluent Bit, and Kibana (EFK stack) are deployed on every cluster
Get expert full-stack support from a proven vendor
Easily get to the bottom of any technical issue. VMX is your single source of technical support for the entire Cloud Native Platform.
- 20 minutes to deploy production- ready Kubernetes clusters
- Automated scaling and upgrades
- Expert technical support covers the entire stack
- Complete Solution
- Seamlessly integrates Kubernetes monitoring, logging, and alerting
- Integrated CSI delivers persistent block and file storage
- No lock-in
- Native Kubernetes user experience with open APIs
- The VMX Cloud Platform is the turnkey foundation of the ideal infrastructure for software development that delivers storage, compute, virtualization, and container services in a single fabric for all workloads.
- VMX solutions enable software businesses to quickly solve their infrastructure challenges and accelerate code releases to gain a competitive advantage.
- Agility and elasticity are the primary benefits, and businesses can reduce costs by paying for additional capacity only when needed. A VMX hybrid multicloud provides these benefits together with the control and security not available from public cloud alone.
- The VMX Cloud Platform is designed to offer a consistent experience between on-premises and VMX cloud infrastructure.
- You can move workloads and data across these environments without the risk, cost, or time needed to refactor applications and truly achieve freedom from any lock-in to the underlying cloud.
- PERFORMANCE & RESILIENCE
- Our innovative hyperconverged infrastructure software keeps data local to the application to ensure the fastest possible performance, while also decreasing network traffic.
- Advanced machine learning technology balances resource consumption across the full HCI environment for maximum optimization of development processes
- AUTOMATION & SELF-SERVICE
- The VMX Cloud Platform links intelligent signals with automated actions, allowing IT and developer teams to automate day-to-day operational tasks with zero coding.
- Productivity is instantly improved as the VMX management solution automatically analyzes consumption across all VMs, detects inefficiencies, and corrects provisioning issues with no administrative intervention
- Empower developers and others in the organization to provision and manage their own applications
- The VMX Cloud Platform can provide powerful, application-centric self-service capabilities with role-based access control. All activities and changes are logged for end-to-end traceability, aiding security teams with key compliance initiatives.
- VIRTUAL DESKTOP FOR REMOTE WORKERS
Developers need 24x7 access to systems, and supporting a remote (and sometimes global) workforce can be a challenge. Traditional end-user computing (EUC) solutions are overly complex and can pose performance, security, and business continuity risks. Projects can take months to implement and are often CapEx intensive.
- ADVANCED DATABASE DEPLOYMENTS
- Whether running your business or powering your software applications, databases are mission-critical. VMX database solutions combine exceptional performance, security, availability, and efficiency with management simplicity and automation
- By enabling one-click provisioning, patching, and clones/snapshots across multiple database engines, developers can accelerate time-to-market for new applications while preventing costly data sprawl and ensuring security with standardization.
- Automate Operations and Accelerate Service Delivery
Accelerate application delivery across clouds with automation and DevOps best practices.
- Increase Productivity
Give developers the flexibility and performance to iterate faster.
- Speed Time to Market
Leverage VMX agility in moving code from dev to production.
- Lower Costs
Securely run Dev/Test alongside your other workloads on the same infrastructure
VMX Cloud Governance is one of the key pillars of the VMX solution that helps establish our customers’ true hybrid cloud operating model by delivering the following critical capabilities:
- Enables IT organizations to track Cloud consumption with a single pane of glass
- Provides IT admins with cost savings insights and remediation through resource rightsizing, purchasing recommendations, and schedule based automated actions
- Allows IT admins to set business policies to govern cloud spend
Provide One-Click Visibility to cloud Cost Consumption
Pre-built dashboard and reports:
Schedule out-of-box reports or build your own to ensure stakeholders always have visibility into cloud spend
Unique out-of-box TCO model that delivers cloud cost metering:
Pre-configured cloud TCO models make capacity based cost allocation for your cloud resources.
- Pre-built dashboard and reports:
Reduce Cloud Spend by Offering Insights for Mutlicloud Tools
Easily delete resources that are identified as under-utilized right from your cloud account.
Automatic Cost Savings Actions:
Eliminate manual tasks by enabling Playbooks that are triggered based on predefined schedules.
Predictive monitoring-based machine learning to report cost spikes for action.
- Saving Recommendations:
Control Cloud Cost Sprawl by Tracking Resource Spend to Customers
Tag based mapping of spending to a cost center and automatically chargeback unassigned spending to your business units
Ensure that you are aware of overspending by creating budget alerts and tracking against plan.
Map cloud resources to teams for greater visibility and control
- Enable Chargeback:
- Provide One-Click Visibility to cloud Cost Consumption
Multi Cloud Multi Service Coverage
- Cost Governance provides coverage for VMX Cloud as well as AWS, Azure, and GCP environments.
- It also includes the REST and script actions that can connect to other tools and system.
Broad Coverage and with Deep Integrations
- Cost Governance has out-of-box integration with Service Now and Slack
Total Cost of Ownership Savings
- Save 35% with Reserved Instance Purchase Recommendations
- Take the guesswork out of managing multicloud costs by automating cloud ops through Playbooks
- Multi Cloud Multi Service Coverage
- Security is a core part of the VMX CLOUD platform and was kept in mind from day one since designing the solution. The VMX CLOUD platform incorporates security into each and every component. The VMX CLOUD controlled parts of the platform is secure out of the box, rather than being an afterthought requiring end-users to "harden" the platform.
VMX CLOUD is designed on the basis of 3 core components of security architecture
Protect and secure data by preventing unauthorized access
Ensure the consistency and accuracy of data by preventing unauthorized alteration
Ensure authorized users get access to data through resiliency and redundancy
VMX Security Certifications & Accreditations
Security Technical Implementation Guides (STIGs)
- Configuration standards for DOD IA and IA-enabled devices/systems. Since 1998, DISA Field Security Operations (FSO) has played a critical role enhancing the security posture of DoD's (Dept of Defense) security systems by providing the Security Technical Implementation Guides.
- FIPS 140-2 standard is an information technology security accreditation program for cryptographic modules produced by private sector vendors who seek to have their products certified for use in government departments and regulated industries (such as financial and health-care institutions) that collect, store, transfer, share and disseminate sensitive but unclassified (SBU) information.
SIP application protection
- Defense against SIP flood and SIP Methods flood attacks, including Register flood, De-registration flood, Authentication flood, and Call flood attacks; support for source rate limiting
Defense against UDP reflection and amplification attacks
- Defense against NTP, DNS, SSDP, Chargen, TFTP, SNMP, NetBIOS, QOTD, Quake Network Protocol, PortMapper, Microsoft SQL Resolution Service, RIPv1, and Steam Protocol reflection and amplification attacks
- IP, TCP, UDP, ICMP, DNS, SIP, and HTTP packet filters
Attack signature databases
- RUDY, SlowHTTPTest, SlowLoris, LOIC, AnonCannon, RefRef, ApacheKill, ApacheBench; automatic upd
- Security Technical Implementation Guides (STIGs)
- All incoming data traffic from the Internet will be filtered through the WEB WERKS scrubbing facilities. Based on a per IP configuration, the dirty traffic will be blocked, and all normal traffic will be forwarded back to the user
Customers with own ASN can use the DDoS IP protection service as one of their normal IP transit carriers. Just by announcing a /24 or larger, no data traffic is filtered by default. In case of having a DDoS attack on one of its IP subnets, the user can enable the attack IP subnet(s) for protection
Centrally managed platform
To be prepared for future attacks, users can configure their defenses upfront. One simple configuration for only a single /32 subnet, or an advance configuration for multiple /24 subnets, it all can be configured by the WMX Cloud client panel.
Default DDoS attack tools defense
Known DDoS attack tooling will be blocked by default signatures (like some examples in the list below). The WEB WERKS Cloud NOC is adding frequently new signatures and users can create their own combinations of settings to protect any kind of future DDoS attack on their custom-made applications.
Defense against protocol abuse attacks
Defense against LAND, Fraggle, Smurf, Winnuke, Ping of Death, Teardrop, and TCP Error Flag attacks
Web application protection
Defense against HTTP GET flood, HTTP POST flood, HTTP slow header, HTTP slow POST, HTTPS flood, WordPress reflection and amplification, RUDY, and LOIC attacks; packet validity check
Defense against scanning and sniffing attacks
Defense against address sweep and port scan attacks, and attacks using Tracert packets and IP options, such as IP source routing, timestamp, and route record options
DNS application protection
Defense against DNS Query flood, DNS Reply flood, and DNS cache poisoning attacks; source-based rate limiting
Defense against network-type attacks
Defense against SYN flood, SYN-ACK flood, ACK flood, FIN flood, RST flood, TCP Fragment flood, UDP flood, UDP Fragment flood, IP flood, ICMP flood, TCP connection flood, SockStress, TCP retransmission, and TCP null connection attacks
Data Encryption and Key Management
Data encryption is a method that allows parties to encode data in a manner that only those who are authorized can make sense of the data, making it unintelligible for anyone who is unauthorized Supported Methods of Key Managment
Symmetric Encryption (private key encryption):
The same key is used to both encrypt and decrypt data
Asymmetric Encryption (public key encryption):
One key is used for encryption (public key), another is used for decryption (private key)
- Symmetric Encryption (private key encryption):
VMX CLOUD provides data encryption via three main options:
- Native software-based encryption (FIPS-140-2 Level-1)
- Using self-encrypting drives (SED) (FIPS-140-2 Level-2)
- Software + hardware encryption
- VMX CLOUD provides data encryption via three main options:
WAF & Firewall
Easy to Deploy and Manage Full-Featured WAF
FortiWeb Cloud WAF-as-a-Service delivers the protection of a full-featured WAF as you rapidly roll out applications in public cloud environments. There’s no need to manage and maintain your own infrastructure. Your attack surface changes every time you deploy a new internet-facing application, and with public clouds, you can deploy those internet-facing applications more rapidly than ever
Web Application Security Protect against the OWASP Top 10 and other known and unknown threats using FortiWeb Cloud’s comprehensive web application security, including IP reputation, DDoS protection, protocol validation, and application attack signatures.
AI-based Bot Defense
Block the full range of malicious bot activity (content scraping, denial of service, data harvesting, transaction fraud) quickly and easily. This feature protects websites, mobile applications, and APls from automated threats. FortiWeb Cloud bot mitigation features include thresholds, biometric bot detection, bot deception, and machine learning-based bot mitigation.
Once activated via your favorite cloud marketplace or via an annual contract purchase, follow the built-in setup wizard to deploy in minutes. With predefined policies and machine learning to automatically keep up with your changing application, FortiWeb Cloud delivers the security you need within minutes without the complexity required when setting up other WAF solutions. More advanced users can easily enable additional security modules if needed, free of charge. Deploy in minutes and you’re protected from threats such as cross-site scripting, cross-site request forgery, denial-ofservice, brute-force attacks, and SQL injection.
Address regulatory compliance requirements for public-facing applications, including the PCI DSS 6.6. WAF requirement.
- Easy to Deploy and Manage Full-Featured WAF
TECHNICAL FEATURES AND CAPABILITIES
- Optional CDN
- URL rewriting
- Content routing
- HTTPS/SSL offloading
- HTTP compression
- Active and passive authentication
- Site publishing and SSO
- LDAP, RADIUS, and SAML support
- SSL client certificate support
- CAPTCHA and Real Browser Enforcement (RBE)
Management and Reporting
- Web user interface
- FortiView graphical analysis and reporting tools
- REST API
- Centralized logging and reporting
- User/device tracking
- Real-time dashboards
- Bot dashboard
- OWASP Top 10 attack categorization
- Geo IP analytics
- Web services signatures
- XML and JSON protocol conformance
- Malware detection
- Protocol validation
- Brute-force protection
- Cookie signing and encryption
- Threat scoring and weighting
- Syntax-based SQLi detection
- HTTP header security
- Custom error message and error code handling
- Application Delivery
VMX Analytics Service empowers business users, data engineers, and data scientists to access and process data, evaluate predictions, and make quick and accurate decisions.
VMX Managed and Native service platform services includes
- Interactive Analytics
- Big Data Processing
- Real time analytics
- Operational Analytics
- Data Visualization & Visual Data Preparation
- Real Time Data Movement
- Predictive analytics and Machine Learning
Benefits of VMX Data analytics service
Fast Time to Value:
Get Big Data applications up and running on VMX Cloud in just a few hours.
Easily Adapt to Change:
Bring cloud flexibility to your infrastructure—pilot projects, expand when ready, and redeploy assets when requirements change.
- Fast Time to Value: