Protecting Your Business

Rackspace works with select partners who are security market leaders and innovators, allowing you to take advantage of security best practices enhanced with the collective expertise of Rackspace and its partners.

  • Employ best practices and advanced solutions: Rackspace targeted security solutions leverage technology from leading security partners. You get the performance of leading solutions along with the collective expertise of Rackspace security professionals.
  • Extend your protection: Rackspace security professionals and partners can be a force multiplier in extending the resources of your internal security team.
  • Meet security goals while lowering TCO: Many organizations find that they can leverage the power of Rackspace and our partners for less than the cost of an in-house solution.
Back to top

Distributed Denial of Service (DDoS) Mitigation

Leverage DDoS Mitigation to stop overwhelming malicious traffic from preventing legitimate use.

Rackspace DDoS Mitigation: Rackspace DDoS Mitigation helps maintain availability for your Managed Hosting services through a unique hardware-based protection system. It combines two powerful alerting technologies to identify an attack (network-level packet scanning and server-level anomaly detection) and then precision elimination of DDoS traffic to mitigate its effects. Learn more about Rackspace DDoS Mitigation.

Incapsula: Incapsula’s cloud-based Web Application Firewall (WAF) provides enterprise-grade protection with custom security rules tailored to your organization’s security policy and use cases.

  • 24/7 premium support and 99.999% uptime SLA.
  • Level 1 PCI-certified Web Application Firewall.
  • Managed and tuned 24/7 by Incapsula’s security experts.
  • Incapsula helps organizations of all sizes stop web attacks, mitigate DDoS attacks, and meet PCI 6.6 compliance.
  • Protection against OWASP (Open Web Application Security Project) Top 10 Threats such as SQL injection, cross-site scripting, illegal resource access, remote file inclusion.
  • Incapsula’s custom security rules allow you to enforce your organization’s security policy in an optimal manner.
  • Incapsula’s Web Application Firewall is certified by the PCI Security Standards Council.
  • Using crowdsourcing techniques, Incapsula's Web Application Firewall protects your websites and applications with collective knowledge about the current threat landscape.
  • Powerful access control capabilities enable you to define exceptions and minimize false-positives.
Back to top

Managed Anti-Virus

Sophos: Sophos Managed Anti-Virus solution prevents, detects and removes malicious computer viruses and malware.

  • Protects your mobile users while on and off the network to ensure devices and data security.
    • Whether corporate mobile devices or BYOD (Bring Your Own Device) personal devices, protecting end-users viruses and malware can be challenging (seemingly limitless threats and wide variety of devices).
    • Protecting end-point devices while off-the-network helps reduce risk of transferring malware and viruses to the network once device reconnects.
  • Blocks threats targeting 90% of known vulnerabilities — reducing your attack surface and protecting your data.
    • Identifies suspicious behavior before and during program execution.
    • Provides unique technology that also identifies components (or DNA) of suspicious behavior that may be indicative of a threat. (Sophos coins this as “Behavioral Genotype Protection”.)
  • Reduces risk of infection with Cloud based protection against fast moving threats (before signatures are delivered to endpoints). Includes Sophos Live Protection — a real-time threat database used to get current information about known threats.
  • Simplified management and fewer point solutions allows you to focus on your business. Solution provides a single console, single installation, single agent and supports Windows, Linux in physical and virtual environments.
Back to top

Intrusion Detection Systems (IDS)

Alert Logic Threat Manager IDS solution monitors network and system activities for malicious activities or policy violations:

  • Key insight to network activity and the real threats to your environment.
  • Identifies suspicious activity in network traffic, quickly identifying threats to your IT assets so that you can respond.
  • Leverages the analysis of billions of events with a patented expert system.
  • Leverage Threat Manager to meet compliance challenges.
  • Provides key elements to address the requirements of PCI DSS, HIPAA/HITECH, GLBA, Sarbanes-Oxley, and other mandates. Alert Logic is a PCI-Approved Scanning Vendor (ASV).
Back to top

Web Application Firewall (WAF)

Intercept Malicious Traffic Aimed at Web Applications

Imperva:

  • Imperva SecureSphere Web Application Firewall analyzes all user access to your business-critical web applications and protects your applications and their data from attacks.
    • Dynamically learns your applications’ “normal” behavior and correlates this with the industry’s leading threat intelligence for web applications to deliver superior protection.
    • Identifies and acts upon dangers maliciously woven into innocent-looking website traffic; traffic that slips right through traditional defenses. This includes application vulnerability attacks such as SQL injection, cross-site scripting and remote file inclusion; business logic attacks such as site scraping and comment spam; and fraudulent activity like account takeover attacks.
  • Imperva SecureSphere Web Application Firewall industry leading technology provides:
  • Correlated Attack Validation — To provide exceptional accuracy to block only bad parties, while eliminating impact to legitimate customers.
  • Flexible deployment options — Physical or virtual appliance.
  • Deep Threat Intelligence — SecureSphere defenses are built using ongoing threat analysis from the renowned dedicated Imperva Application Defense Center (ADC) research department.
  • Extensive Reporting — To facilitate compliance and forensics, and ongoing monitoring for in-depth analysis of attacks during and after the fact.

Incapsula: Incapsula’s cloud-based Web Application Firewall (WAF) provides enterprise-grade protection with custom security rules tailored to your organization’s security policy and use cases.

  • 24/7 premium support and 99.999% uptime SLA.
  • Level 1 PCI-certified Web Application Firewall.
  • Managed and tuned 24/7 by Incapsula’s security experts.
  • Incapsula helps organizations of all sizes stop web attacks, mitigate DDoS attacks, and meet PCI 6.6 compliance.
  • Protection against OWASP (Open Web Application Security Project) Top 10 Threats such as SQL injection, cross-site scripting, illegal resource access and remote file inclusion.
  • Incapsula’s custom security rules allow you to enforce your organization’s security policy in an optimal manner.
  • Incapsula’s Web Application Firewall is certified by the PCI Security Standards Council.
  • Using crowdsourcing techniques, Incapsula's Web Application Firewall protects your websites and applications with collective knowledge about the current threat landscape.
  • Powerful access control capabilities enable you to define exceptions and minimize false-positives.
Back to top

Encryption and Key Management

Vormetric: Leverage Vormetric solutions to secure data and manage encryption controls.

  • Take control of data security.
    • Data encryption renders data useless without the matching encryption keys. This alleviates many of the concerns about data in the Cloud.
    • Customer retains full control over keys and encryption mechanisms.
  • Address sensitive data and compliance mandates.
    • Tailor the controls, visibility, and auditability needed to comply with internal policies and regulatory mandates.
    • Legal subpoena exposure is limited. If a subpoena is issued to Rackspace to surrender digital assets, you still retain control of the encryption process.
  • Simplify the encryption process with Vormetric.
    • Encrypts all forms of data consistently (Structured, Unstructured, and Big Data) across multiple platforms.
    • Provides centralized, highly efficient policy and key administration.
    • Can be Implemented without having to make changes to an organization’s applications, infrastructure, or business practices.
Back to top

SSL/TLS Certificates

Leverage SSL/TLS Certificates from Symantec and Thawte to secure web traffic.

  • Rely on proven SSL/TLS Certificate solutions to install trust and enhance web sales.
    • Symantec and Thawte (a division of Symantec) provide trust solutions to match the specific needs (see charts below).
    • Rackspace is a one-stop shop for all six industry leading SSL solutions; we order, install and renew them for you.
  • Match the right certificate choice for your specific needs (see charts below for side-by-side comparisons).
    • Extended Validation (EV) SSL Certifications is the latest SSL protocol and provide the highest level of authentication.
    • Organizationally Validated (OV) SSL Certificates guarantee that the owner of the domain is a legally accountable person or business.
    • Domain Validated (DV) SSL Certificates validate the domain only.

At Rackspace, we work with Approved Scanning Vendors (ASV) and together, we can assess your environments at Rackspace and assist you in implementing controls.


Back to top

Log Management

Use AlertLogic’s Log Manager to track and respond to attacks against resources and react to changes in the security landscape.

  • Alert Logic Log Management Solutions unlock relevant, timely insight from log data.
    • Alert Logic Log Manager takes charge of log management activities.
    • Alert Logic LogReview provides keen insight into log data.
  • Alert Logic Log Manager provides:
    • Secure collection and storage of log data.
    • Centralized view for management, customized reporting, and alerting on log data.
    • Daily review of collected logs for Network Security, PCI, HIPAA.
  • Alert Logic LogReview provides:
    • Daily reports and analyses of log activity are available on demand.
    • Seasoned Alert Logic security analysts are available at all times to help resolve security threats and incidents.
    • Daily analyst review of your logs provides security intelligence and meets daily log review requirement for PCI compliance.
Back to top

Multi-Factor Authentication

RSA Security: RSA SecurID is designed to mitigate the risks associated with sharing sensitive information across the network with a diverse group of users. By securely enabling users with authentication methods, RSA helps positively identify users before they interact with mission-critical data and applications through: VPNs & WLANs, E-mail, Intranets & extranets, Microsoft® Windows® desktops, web servers, other network resources

  • Strength of Security: Time-synch solution is more secure than event-based or grid card solutions; built on the AES algorithm (not OATH H-OTP algorithm); RSA’s nearly 30 year experience and world class service.
  • Application Support: Out-of-the-box integration with over 400 applications at no additional cost, reduces customization needs and preserves IT agility.
  • Breadth of Offerings: Wide range of authenticators meet current and future needs, support wide range of users (employees, partners, customers, suppliers) with hardware token, software token, Risk-Based Authentication and SMS options
  • Quality and Dependability: RSA Authentication Manager includes redundancy, failover and other mission critical features; tokens are run through a battery of tests to ensure highest token quality; token quality ensures lower TCO (i.e. fewer help desk calls, replacement tokens) and maximizes productivity; all tokens have lifetime warranties (5 year hardware token has 5 year warranty).

DUO: The next generation of two-factor authentication. Smarter security starts with a robust platform capable of providing secure access to any user, to any application, on any device over any network.

  • Solution protects any user accessing any application from any device
    • 100% Cloud-based two-factor authentication eliminates platform support concerns.
    • Provides the opportunity to consolidate Cloud, web, and on-premise two-factor authentication with one solution.
  • Easy to deploy, use, and manage
    • Faster deployment (think hours, not days or weeks).
    • Consistent, easy-to-use across all platforms.
    • Simplifies management with increased, consistent visibility and standard reports across your entire environment
  • Proven Technology
    • Duo two-factor authentication is used by an impressive mix of companies cross-industry to include Facebook, NASA, and Duke University.
    • See more customer success stories at DUO Security Success Stories.
Back to top

Cloud Security Solutions

As the global leader in Content Delivery Network (CDN) services, Akamai makes the Internet fast, reliable and secure for its customers. The company’s advanced web performance, mobile performance, cloud security and media delivery solutions are revolutionizing how businesses optimize consumer, enterprise and entertainment experiences for any device, anywhere. To learn how Akamai solutions and its team of Internet experts are helping businesses move faster forward, please visit www.akamai.com or blogs.akamai.com, and follow @Akamai on Twitter.

  • Data Centre Protection – Prolexic protects customers in multiple verticals and of all sizes, from large, volumetric DDoS attacks, that target the Web, mobile or IP application, infrastructure and /or DNS layers.
  • Application Protection – Kona Web Application Firewall provides always-on and highly scalable protection against web application attacks including SQL injections, cross-site scripting and remote file inclusion – while keeping application performance high.
  • Domain Name Service Protection – Akamai’s Fast DNS is a cloud-based DNS solution that provides 24/7 DNS availability, improves DNS responsiveness and has the resilience to defend against the largest DDoS attacks.
  • Secure Content Delivery - Akamai Secure Content Delivery Network (SCDN) is a highly secure, outsourced solution that addresses the performance and security needs of your SSL (Secure Socket Layer) content while reducing costs and complexity.
  • Website Protection – The Kona Site Defender suite of products utilizes Akamai’s Intelligent Platform™ to ensure your customers are always receiving the best possible online experience, even when under attack.
  • Security Intelligence – through two Akamai solutions:
    • Client Intelligence assigns risk scores that predict the probability of web attacks, Denial-of Service attacks, scanning and web scraping. We rate the billions of unique IPs seen on our network every month, giving you the availability to customize your mitigation response for each attack category.
  • Bot Manager relies on the simple premise that not all bots are created equal. Some are good while some are bad. Bot Manager provides organizations with a flexible framework to identify, categorize, manage and report bot traffic in the cloud with the globally distributed Akamai Intelligent Platform. The result: greater control over how your website interacts with different types of bots, maximizing business benefit while minimizing negative business or IT impact.

Visit With a Security Specialist

Not Sure Where to Start?

Choose your preferred contact method

Existing Customers

Login to your account for more support

Change your region: