It has been a very productive summer here at Dome9! Our engineers have been heads down working hard to improve the platform and keep the drumbeat of new features going strong. We’re very excited to finally talk about what’s new. The major improvements and upgrades fit under three pillars:
Azure Security Management
Active Management of Azure Security for all Customers: In January this year, Dome9 announced native API-enabled support for Microsoft Azure, becoming the first cloud security automation solution to offer agentless multi-cloud capabilities. Based on the strong customer interest in Azure security and compliance management, we’re continuing to build out our capabilities on the platform.
Dome9 Arc now offers full read/write control over security policies in Azure environments. This allows our customers to not only find security vulnerabilities quickly and easily but also fix misconfigurations in place from within the platform. You no longer have to find the problems in Dome9 and then leave the platform to fix them. This is a big step forward in true multi-cloud security automation. Security and compliance automation for Microsoft Azure remains a priority for Dome9.
IP List support for Azure NSG’s: One of the most widely used capabilities in the Dome9 platform is the ability to create IP lists, named objects that group known IPs and can be used in security policies.
For example, say you have 15 IP addresses representing endpoints within your global offices. You can create a “Company-Global” IP list with these IP addresses and use this IP list in your security policies to allow or deny access to resources in your cloud environment. If you add a new endpoint in an office, you can simply add that IP address to your Company-Global list, and have it automatically propagate to all security policies in your cloud environment.
We are now rolling out the ability to create and use IP lists directly in your Azure Network Security Group (NSG) ruleset. It is now easier than ever to keep this security policies neat, organized and accessible.
Dome9 Clarity is a crown jewel of the Dome9 platform. Clarity offers powerful visibility into cloud assets and security policies in cloud environments, allowing you to find and fix misconfigurations quickly.
Clarity is now getting a major upgrade. The new Clarity NG, now live, brings improved overall performance and an enhanced user interface. New UI features include: filtering capabilities (Filter by tags, Filter by node), the ability to show empty regions or regions which have only security groups and not assets.
Support for ElastiCache: We recently added ElastiCache to the growing list of supported entity types in the Dome9 Compliance Engine. With this release, Dome9 customers can now specify and enforce security policies involving ElastiCache in their cloud environments using the Compliance Engine.
Homepage Improvements – Added Account and Bundles Show/ Hide Filter: A quality-of-life improvement, this update means that you can now keep only the accounts and bundles that you want visually represented on the homepage of the compliance engine. Just one more way we help to ensure that you can get from a moment what would take hours to determine outside of our platform.
Export to CSV Option: Results from a run of the Compliance Engine can now be downloaded in a format that is appropriate for analysis in other tools rather than being available only as a PDF.
Added support for Azure VNet and Subnet: What we enable for Azure management is more than just a generalist approach. We’re allowing you to go deep and visualize your individual Azure Virtual Networks and keep them under control. These complex networks are now understandable at a glance and controllable with a few simple clicks.