The CloudKnox Cloud Security Platform is comprised of two components: Sentry & FortSentry

Sentry is a Linux virtual machine that is installed in the customer environment. Our solution requires one Sentry appliance per cloud platform. Sentry collects the privileges and activity data of all unique identities that can touch the infrastructure from each cloud platform and uploads the data to the SaaS portal – FortSentry. If there is an external directory configured, the identity data will be pulled directly from the directory.

Implementation

The CloudKnox time-to-value is immediate. Once CloudKnox has been installed, which usually takes less then 30 minutes, we immediately begin pulling data from your cloud platform(s) using our Sentry appliance.

It typically takes 3 to 4 hours for us to pull an entire 90-day data set from one cloud platform such as AWS, but once the data has been exported, you immediately gain a three dimensional view of all your machine and human identities, their actions (privileges) and the resources they have accessed at which point you can begin to protect your infrastructure from insider threats.