Cloud Connector Overview

⚠️ WARNING: THIS FEATURE WILL BE AVAILABLE FROM THE 25.3.2 RELEASE

The Xshield Cloud Connector is a cloud-native micro-segmentation service that provides comprehensive visibility and security for your cloud environment without requiring the deployment of any agents. This agentless approach enables organizations to implement security policies and gain insights into their cloud infrastructure seamlessly.

The Cloud Connector software runs within ColorTokens cloud accounts and securely accesses resources from your cloud accounts using read-only APIs provided by your cloud provider. This architecture ensures that your sensitive data never leaves your cloud environment while enabling comprehensive security monitoring and policy enforcement.

What is Cloud Connector?

Cloud Connector is an innovative security solution that bridges the gap between traditional network security and modern cloud environments. It operates entirely within the cloud infrastructure, leveraging native cloud constructs to deliver security capabilities that were traditionally dependent on physical or virtual appliances.

Position in the Xshield Ecosystem

Cloud Connector is one of four sensor types in the Xshield platform:

  • Agents: Software installed directly on servers and endpoints for host-based protection
  • Gatekeepers: Network appliances for securing OT/IoT devices and legacy systems where agents can't be deployed
  • Containers: Protection for containerized workloads and microservices
  • Cloud Connectors: Agentless cloud-native service for securing cloud resources through API integration

This multi-sensor approach allows organizations to implement comprehensive Zero Trust micro-segmentation across hybrid IT/OT environments.

How It Works

The Cloud Connector integrates directly with your cloud provider's native services and APIs to:

  • Monitor Resources: Continuously discovers and monitors cloud resources including virtual machines, databases, storage accounts, and other cloud services through secure API integration
  • Analyze Traffic: Performs near-real-time network traffic flow analysis using cloud-native flow logs to understand communication patterns and identify potential security risks
  • Enforce Policies: Implements micro-segmentation policies at the cloud resource level using cloud-native security constructs and network controls

Key Features

Agentless Architecture

  • No software installation required on target systems
  • Reduces operational overhead and maintenance complexity
  • Eliminates potential performance impact on protected resources
  • Ideal for cloud resources where agent deployment is impractical or restricted

Near-Real-Time Visibility

  • Near-real-time discovery and monitoring of cloud resources
  • Comprehensive inventory of virtual machines, databases, storage accounts, and more
  • Dynamic tracking of resource changes and configurations

Network Traffic Analysis

  • Deep visibility into network communications between cloud resources using flow logs
  • Traffic flow analysis for security and compliance monitoring
  • Identification of anomalous communication patterns

Cloud-Native Policy Enforcement

  • Implementation of micro-segmentation policies using native cloud security controls (e.g., Azure NSGs)
  • Non-destructive policy application that preserves original configurations
  • Template-based approach that converts existing security groups into manageable policies

When to Use Cloud Connector

Cloud Connector is ideal for scenarios where:

  • Cloud-native environments require security without agent overhead
  • Compliance requirements mandate minimal software installation
  • Ephemeral workloads make agent management challenging
  • Managed cloud services (databases) need protection
  • Organizational policies restrict agent deployment on certain resources
  • Mixed environments combine cloud resources with on-premises systems that run agents

Benefits

  • Simplified Deployment: No agent installation, configuration, or maintenance required on your cloud resources
  • Cloud-Native Integration: Leverages existing cloud security constructs, APIs, and services for seamless operation
  • Automatic Scalability: Dynamically scales with your cloud environment growth without manual intervention
  • Enhanced Security: Operates with read-only access to your cloud APIs, ensuring a minimal security footprint
  • Cost-Effective: Reduces the need for additional security infrastructure, tooling, and operational overhead
  • Non-Disruptive: Preserves existing cloud configurations while adding security capabilities

Security Model

Cloud Connector implements a secure, least-privilege architecture:

  • Read-Only API Access: Uses minimal permissions for resource discovery and monitoring
  • Data Residency: Your cloud data never leaves your cloud environment
  • Native Security Controls: Enforces policies through cloud provider security constructs
  • Template-Based Management: Preserves original configurations while enabling policy-driven security
  • Audit Transparency: All security changes are visible through standard cloud management interfaces
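
One way to check the read-only, least-privilege claim above against the role actually granted in an Azure subscription is to audit its role definition. This is an added example, not ColorTokens code: it assumes Azure (the provider the page names for NSGs) and JSON in the shape `az role definition list` prints, and the role name and action list are constructed for illustration. It lists every granted action that is not read-only and marks those that can change NSGs, the construct the page names for enforcement.

```python
import json
from fnmatch import fnmatchcase

# Constructed, hypothetical role in `az role definition list` output shape.
SAMPLE_ROLE = json.loads("""
{"roleName": "example-connector-role",
 "permissions": [{
   "actions": [
     "Microsoft.Compute/virtualMachines/read",
     "Microsoft.Network/*/read",
     "Microsoft.Network/networkSecurityGroups/write",
     "Microsoft.Storage/storageAccounts/listKeys/action"],
   "notActions": [],
   "dataActions": [
     "Microsoft.Storage/storageAccounts/blobServices/containers/blobs/read"],
   "notDataActions": []}],
 "assignableScopes": ["/subscriptions/00000000-0000-0000-0000-000000000000"]}
""")

# Azure operations that change a network security group or its rules.
NSG_CHANGE_OPS = [
    "microsoft.network/networksecuritygroups/write",
    "microsoft.network/networksecuritygroups/delete",
    "microsoft.network/networksecuritygroups/securityrules/write",
    "microsoft.network/networksecuritygroups/securityrules/delete",
]

def is_read_only(action: str) -> bool:
    """An action is read-only when its final path segment is 'read'."""
    return action.lower().rsplit("/", 1)[-1] == "read"

def can_change_nsg(action: str) -> bool:
    """True if the granted action, wildcards included, covers an NSG change."""
    return any(fnmatchcase(op, action.lower()) for op in NSG_CHANGE_OPS)

def audit_role(role: dict) -> dict:
    """Sort granted actions into read-only, non-read, and NSG-changing."""
    report = {"read": [], "non_read": [], "nsg_change": []}
    for perm in role.get("permissions", []):
        # notActions/notDataActions are ignored on purpose: over-report.
        for action in perm.get("actions", []) + perm.get("dataActions", []):
            if is_read_only(action):
                report["read"].append(action)
                continue
            report["non_read"].append(action)
            if can_change_nsg(action):
                report["nsg_change"].append(action)
    return report

if __name__ == "__main__":
    print(json.dumps(audit_role(SAMPLE_ROLE), indent=2))
```

An empty `non_read` list is what a strictly read-only role produces; anything in `nsg_change` is a grant that can modify segmentation rules and is worth scoping to specific resource groups.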