Q: What types of input data streams does Cloudamize support?
A: Cloudamize supports VMware ESX/ESXi environments, Microsoft Hyper-V, and physical servers (Windows and Linux).
Q: Which IaaS providers does Cloudamize support?
A: Cloudamize supports Amazon Web Services, Google Cloud Platform, and Microsoft Azure.
Q: Does Cloudamize support standalone ESXi?
A: No, Cloudamize only supports ESXi through vCenter. To download a free 60 day trial of VMWare for the Cloudamize Assessment, please go to https://my.vmware.com/web/vmware/evalcenter?p=vsphere-55.
Q: What is the assessment life
...
cycle?
A: See the following:
Event | Result |
Account creation | Access key generates |
Agent installation | Assessment |
can be started |
Assessment |
is started | Data collection begins |
Data collection completes | Results |
processing begins | |
Results processing completes | Results are delivered |
Subscription period ends | Portal access terminates |
Q: Do we have any visibility via Cloudamize on what traffic goes via the Netscaler?
A: Network application inter-connectivity is based on the connections (local IP and foreign IP) observed in each machine. If we see a foreign IP for Netscalers, we will detect that connection. Usually, firewall/security appliances (e.g., Netscalers) are invisible because they implicitly monitor traffic in the intermediate path. They are not the local IP or foreign IP.
Q: Could you please explain how cache memory is measured and processed in the reports at the end of the measurements?
A. Cloudamize queries the OS directly on cached memory, but does not display this info directly in the results. The Sizing results consider cache memory usage when determining memory usage. Memory usage = Total memory - free Memory - cached. The only related metric we expose is the peak used memory in the infrastructure details. Currently Available (GB): Available memory on the customer’s machine. Peak Used (GB): 95th percentile of all observed/adjusted daily peak memory usage on the customer machine.
Q: Are network-layer vulnerability scans completed regularly as prescribed by industry best practices Please describe scope/coverage scan areas?
A. Yes, all assets on weekly basis
Q: Do Cloudamize regularly undertake a patching regime on their server estate?
A. Every 4 weeks or earlier if required
Q: What monitoring tools are in place in terms of DLP (Data Loss Prevention) and intrusion detection?
A. Alert Logic. IDS/Log management
Q: Does Cloudamize capture the PAAS services details and how will it capture?
A. Cloudamize do not collect any PAAS service details in general. Only Infrastructure details to provide respective recommendations on the desired cloud.
Q: Will CloudAmize gather the SSIS packages installation details on the server?
A. Unfortunately, Cloudamize does not gather the SSIS packages installation details on the server
Q: Does cloudamize supports SAML authentication?
A. The Cloudamize is not designed to use SAML authentication, and only supports the username/password method for now.
Q: The user doesn't want to send their data to Cloudamize SaaS server, is there a way to store the data locally in their premises and do assessment on top of it?
A. This is not possible, as the data needs to exist in our collection databases for us to perform processing tasks, and to make it available to view on the portal.
Q: Will SSE server credentials be required to complete the machines discovery?
A. No, SSE( (Secure Socket Extension) credentials are not required for machine discovery process and communication to the Cloudamize end point servers.
Q: Regarding UDP Firewall rules which delivered in the Cloudamize results, are they captured for Inbound or Outbound traffic, can you please confirm?
A. As the UDP is connectionless, we don't track inbound/outbound for these ports, instead, we are getting the data from a table that includes local IP and port information. These are the ports that the server is listening for UDP transmissions on, and from where.
Q: Does Cloudamize include the license costs for Oracle Linux and RHEL instances?
A. The BYOL doesn’t include Oracle Linux and RHEL. The License cost is about SQL.
Q: Can we look or access the NAS storage through Cloudamize? Can we collect data from NAS device ?
A. We can collect this data but we don't collect it directly from the NAS device (since they normally don't have a full OS, we can't install an agent on them directly). We do collect data from all of the logical disks on a server so if a server has a NAS mounted as a logical drive, we will collect the the data when we run data collection on the server.
Q: Does Cloudamize support AIX OS?
A. No, Cloudamize doesn't support AIX. The agent can't be installed on them.
Q: Does the Cloudamize capture certificate information from the nodes?
A. No, Cloudamize doesn’t capture certificate-related information from the nodes.
Q: Why does Cloudamize require Admin permission for installation?
A. Cloudamize Windows Agent (CWA) process will run as SYSTEM account. That is why Admin permission is required to install it.
Q: Does “supported versions of OpenSSL” mean supported by the agents or by the OpenSSL Software Foundation?
A. Supported means officially supported by OpenSSL. To simplify the minimum supported version is v3.0.0. Version 1.1.1 was previously supported and may still work, but we cannot guarantee this and would advise 3.0.0 for security purposes.
Q: What is the Cloudamize data destruction policy once the data analysis is complete?
A. We delete user’s data from Database after 76 days from the expiration. For the next 14 days, data will be available in backups. After 90 days, data will not be available in backups. All(raw and cooked) collected data will be deleted from the system.
Q: Does Cloudamize capture the licensing information of Red Hat shop?
A. No, Cloudamize currently does not capture the Red Hat shop licensing information
Q: How will the communication of applications between servers be captured?
A. Application communication data is captured from the OS directly. No packet interception takes place, we’re only looking at ports, source and destination IPs where available to the OS, times and durations of communications, and sizes of communications. The communications content is not captured.
Q: What is the data retention policy? and When is data effectively deleted?
A. We delete user’s data from Database after 76 days from the expiration. For the next 14 days, data will be available in backups. After 90 days, data will not be available in backups. All(raw and cooked) collected data will be deleted from the system.
Q: Are the Inbound/Outbonds Firewall rules collected, if they are really from firewall rules configured on the machines (for eg:, if the list is got from Firewall rules list of Windows) or if those records are collected checking if the ports were open during the collection time?
A. The Firewall Rules report is built using port data from application connections detected during the data collection phase. The agent does not query firewalls directly, rather it uses the ports identified from process data to build an image of required firewall ports.
Q: Will Cloudamize gather the auditing details on the database?
A. Cloudamize can provide Limited auditing details around performance and peak utilization for rightsizing of machines and licenses, nothing further than that.
Q: Does Cloudamize support data collection from Citrix enviornment?
A. Certain types of Citirix environment are not supported for data collection; if the environment uses dynamic server creation then it is not compatible with Cloudamize, as servers that are spun up and down are created with different UUIDs each time, and would register as a new server on the Cloudamize portal each time.
If the entire environment uses static servers then data collection will function; the customer would need to use Agents or Agentless Data Collectors in this case.
Q: Does Cloudamize support the use of SSH keys for authentication on Linux servers, instead of entering a username and password?
A. The Cloudamize Agentless Data Collector or Agent is not designed to use public keys, and only supports username/password method for now.
Q: Are the environment and the command line transmitted to the cloud service when processes are scanned? Secrets could in principle become visible here?
A. No. Only data used for processing results is sent to the Cloudamize servers after being gathered and formatted locally. Transmitted data is encrypted prior to transmission.