GREENVILLE, S.C. (July 6, 2021) – Green Cloud Defense (“Green Cloud”), a cloud technology and security solutions provider, today announced it has deepened its relationship with Fortinet, a global leader in broad, integrated and automated cybersecurity solutions, to provide a managed Security Information and Event Management (SIEM) service as well as an Endpoint Detection and Response (EDR) service.

The two new solutions significantly strengthen and expand the security product portfolio of Green Cloud Defense, one of the largest independent channel-only cloud Infrastructure-as-a-Service (IaaS) providers in the country. In addition to SIEM and EDR, the company also offers managed email security and managed firewall solutions, part of the Fortinet Security Fabric, to all their Managed Service Providers (MSPs) across the United States.

“As the cybersecurity landscape continues to evolve and mature, our channel partners are actively searching for solutions to provide data protection and security for their end users,” said Keith Coker, CEO. “Since the acquisition of Cascade Defense earlier this year, we’ve been laser-focused on delivering the latest technology in combatting threats like phishing, ransomware and zero day attacks and improving visibility and response times.”

Green Cloud’s managed SIEM product is powered by Fortinet’s FortiSIEM solution which helps identify insider and incoming threats that would pass traditional defenses. The company’s managed EDR service is powered by Fortinet’s FortiEDR solution which delivers advanced, real-time threat intelligence, visibility, analysis, management, and protection for endpoints both pre- and post-infection.

Today, Green Cloud Defense has 70 employees, serves 700 channel partners, operates six data centers and has a Security Operations Center (SOC) in Spokane, Washington.

DRaaS Powered by VMware

 

We started Green Cloud Defense almost exactly 10 years ago and, from day one, we have been running our shared (public) cloud infrastructure on VMware’s hypervisor.  Our 800 partners across North America utilize VMware’s vCloud Director to deploy, automation and manage virtual infrastructure resources in these multi-tenant cloud environments. A couple of years ago, Green Cloud was designated as a VMware Cloud Verified provider meaning the services we offer are based on the most complete VMware cloud infrastructure technologies available.

Today, 10 years later, with six data centers located across the county and with thousands of virtual machines (VMs) in production, we are launching a fully functional disaster recovery product built within the VMware vCloud Director footprint.

What does this mean for our partner community?  They now have the ability to recover protected workloads – both on-premise and in the cloud – into a second Green Cloud data center through a self service portal within the vCloud Director interface. For those not comfortable managing this on your own, feel free to call us. Our dedication to service and support to our network of partners remains the same.

Like all disaster recovery solutions sold by Green Cloud, we will still assist the partner in setting up the secondary site, pre-building IP schemes and setting up firewalls on the recovery site to ensure there are no “gotchas” when the partner/end user needs to failover in an unpredictable disaster scenario.

Why is this disaster recovery solution different? Disaster Recovery powered by VMware allows you to manage your workloads on per VM basis. You can choose different Service Level Agreement (SLA) profiles on a per VM basis. With Recover Point Objectives (RPOs) as fast as one hour, this solution allows our partners to talk about specific recovery times and retention policies on a per VM basis – all while effectively managing the solution and the budget.

We have priced this solution very, very aggressively.  You pay a small fee on a per VM basis and reserve the necessary compute and storage on the target side. This is lockstep with our goal: to deliver the cloud solutions you want, with the support you deserve and at a price point that you can afford.

While some disaster recovery solutions are unreliable, complex and expensive, and many not scale at the required levels of protection or expectation, Disaster Recovery powered by VMware is reliable and effective while remaining extremely affordable. We truly believe this solution is a win/win for our partners and their end users.

AUTHOR: Charles Houser

Rebranding Positions Green Cloud Defense as a Full-Service Managed Security Provider More Prepared to Manage Cybersecurity Threats for MSPs

GREENVILLE, S.C. (March 4, 2021) – Green Cloud Technologies (“Green Cloud”), a cloud technology solutions provider, has closed on the acquisition of Cascade Defense, a full-service managed security service provider (MSSP) in Spokane, Washington. The acquisition has resulted in the rebranding and the renaming of Green Cloud Technologies as Green Cloud Defense, one of the largest independent channel-only cloud infrastructure-as-a-Service (IaaS) providers in the country.

Green Cloud Defense has significantly strengthened and expanded its security product portfolio and will now be offering all their Managed Service Providers (MSPs) fully managed Security Information and Event Management (SIEM) software and a Security Operating Center as-a-service (SOCaaS). Green Cloud has also obtained a Fortinet MSSP Expert partner and a full-service Security Operations Center (SOC) with the acquisition.

Green Cloud Defense’s headquarters will remain in Greenville, S.C., where Green Cloud Technologies started in 2011. Cascade Defense founders Eric Foster and Steve Sims will work in the new Green Cloud Defense Spokane office and have assumed new roles. Foster is Green Cloud Defense’s VP of Security Operations, and Sims is Green Cloud Defense’s VP of Security & Chief Information Security Officer (CISO).

“Everything we do at Green Cloud Defense is to better serve our channel partners. Bringing new talent and technology to our current offerings will take our company to the next level and give our security capabilities a significant boost,” said Keith Coker, CEO

and co-founder of Green Cloud Defense. “The rebrand will only strengthen our company and better represent our commitment to innovation and best-in-class technology and resources to better serve our partners’ security needs.”

Today, Green Cloud Defense has 70 employees, serves 700 channel partners, operates six data centers and has a new office in Spokane, Washington.

Acquisition Strengthens Green Cloud’s Cybersecurity Solutions

GREENVILLE, S.C. (February 10, 2021)Green Cloud Technologies (“Green Cloud”), a cloud technology solutions provider, has reached a definitive agreement to purchase Cascade Defense, a full-service managed security service provider (MSSP) in Spokane, Washington. The transaction is expected to close in the first quarter of 2021, subject to customary closing conditions, and it will strengthen and expand Green Cloud’s security product portfolio.

As one of the largest independent channel-only cloud IaaS (Infrastructure-as-a-Service) providers in the country that sells cloud infrastructure to Managed Service Providers (MSPs) and Value-Added Resellers (VARs), Green Cloud is committed to providing over 650 partners with advanced cybersecurity solutions. With Cascade’s technology and expertise, Green Cloud is obtaining a Fortinet MSSP Expert partner and a full-service Security Operations Center (SOC). In conjunction with the acquisition, Green Cloud will be rolling out fully managed Security Information and Event Management (SIEM) software and a SOC as-a-service (SOCaaS) to their MSP partner ecosystem.

“Cascade Defense will accelerate our vision to better detect and respond to cyber threats and significantly strengthen our security capabilities,” said Keith Coker, CEO and cofounder of Green Cloud. “Cascade is the perfect fit for Green Cloud as we both share a passion and commitment to innovation and best-in-class technology and resources to compete in the rapidly growing security space.”

“Green Cloud has committed to expanding our product offering by investing in our people and processes,” added Steve Sims, co-founder of Cascade Defense and newly appointed VP of Security and Chief Information Security Officer (CISO) at Green Cloud. “This is an exciting time for our customers and the Cascade Defense team.”

Q Advisors, a leading Technology, Media, and Telecommunications (TMT) investment banking boutique, acted as financial advisor to Green Cloud for this transaction. Headquartered in Greenville, S.C., Green Cloud was founded in 2011, and today, the company has 70 employees and operates six world-class data centers in Atlanta, GA, Greenville, SC, Houston, TX, Minneapolis, MN, Nashville, TN and Phoenix, AZ. The acquisition of Cascade Defense will give the company an additional office in Spokane, Washington.

In today’s mobile and multi-cloud world, the need to be able to protect any workload running anywhere with a single solution has never been more important. In this post, I’ll cover how you can protect your workloads with Green Cloud’s Secure BaaS service using the Veeam Agent and the Veeam Service Provider Console (VSPC). I’ll focus on protecting workloads running in Green Cloud’s IaaS infrastructure, but the process can apply to any workload running anywhere.

The focus will be on deploying, configuring and managing the Veeam agent using the Veeam Service Provider Console. If you have questions on access to the VSPC console, please reach out to Green Cloud’s support team. If you want to signup for Green Cloud’s Secure BaaS solution, please reach out to our sales team.

Before we get started on protecting workloads, first lets review Green Cloud’s Secure BaaS offering. This solution is powered by Veeam and Cloudian delivering ransomware protection for Veeam backups. Veeam and Cloudian created the industries first solution leveraging the S3 object lock feature to make backups immutable. This makes the backup unchangeable by anything. As a result, they cannot be encrypted by ransomware. With this solution, you can now offer ransomware protection to any workload running anywhere.

Assumptions / Requirements

  • Secure BaaS Service
  • Access to the Green Cloud Veeam Service Provider Console
    • Reseller credentials will be needed
    • Company (end user) credentials will be needed
  • Access to your vCloud Director Organization
  • Sufficient bandwidth on source to transfer backups across the WAN
  • Free space on the local disk for a local cache of backup data.
  • Administrative access to the source workloads

In this demo scenario, all workloads reside in Green Cloud’s IaaS infrastructure powered by VMware Cloud Director. I’m going to follow the Veeam recommended method for agent deployment using discovery rules. This will be done by logging into the VSPC as the partner or ‘Reseller’. For information on managing the Veeam agents as a partner or ‘Reseller’, please refer to the VSPC reseller Veeam documentation.

Source Workload Overview

Before beginning the process of protecting my workloads, I’d like to provide a brief overview of the source environment. I previously built a small Remote Desktop Services environment. There are 5 total servers spread across a LAN and DMZ. The NSX Edge is providing network firewalling while the Windows firewall is also enabled. Below is a screen shot of the virtual machines that will be protected by the end of this post.

Deploy VSPC Management Agent

The first step in the process is to deploy a master management agent. This agent will be used to ‘discover’ other workloads running in your environment.

Requirements:

  • VSPC Reseller account information
  • Secure BaaS gateway URL and port
  • End customer Secure BaaS username and password

Log into VSPC

From the workload designated to be the master, log into the VSPC with your reseller credentials. These credentials can be retrieved / set in the Green Cloud partner portal or by contacting support. The format of the login is <Reseller><Reseller Admin> / <password>.

 

 

 

 

 

Download the Management Agent

Once signed in, navigate to Discovery in the left navigation pane. Then locate Discovered Computers on the tab across the top. Finally, click the Download Agent link. Save the file to the local system.

Install the Management Agent

Once the download completes, run the installer as administrator. Accept the EULA and click Next through the menus to complete the installation.

Configure the Management Agent

With the installation completed, the next step is to configure the management agent to communicate with the VSPC. Locate the management agent icon in the system tray, right-click and click Agent Settings.

 

 

 

This will open a window where you will enter the company (end user) account information. This information was provided during provisioning. Should you need this information please contact support.

 

 

 

 

 

 

 

 

 

  • In the Cloud Gateway field, type FQDN or IP address of a cloud gateway.
  • In the Port field, specify the port on the cloud gateway that is used to transfer data to Veeam Service Provider Console.
    • In the Username and Password fields, type user credentials of a Company Owner.

The user name must be provided in the <Company NameUser> format.

  • Click Apply
  • Should you be presented with any certificate warnings, click Save to save the certificate.
    • Finally, Restart the management agent

 

 

 

 

    • The Agent should now show Connected


 

 

Configure Discovery Rule(s)

With the management agent successfully communicating, we can now shift our focus to discovering the workloads so we can automatically deploy the Veeam Backup Agent. Discovery can be done via one of the following methods: Active Directory or network (IP). Optionally, you can also import a list from a CSV. For the this post, I will focus on Active Directory discovery.

Requirements

  • For AD discovery, the master agent should be installed on a domain joined system.
  • The master agent system must have internet access and network access to the workloads you wish to discover and protect
  • Local admin rights to the workloads you wish to discover and protect.
  • Proper Local firewall configuration to allow discovery and agent installation

Configure (Windows) Firewall

In the demo environment, the Window firewall is enabled. As such, I need configure it to allow the management agent to discover systems and push the Veeam Backup Agent installation. For the sake of this post, I have pre-configured the firewall. Below is a list of the port requirements for successful discovery and Veeam Backup Agent installation.

  • Remote Scheduled Tasks Management (RPC and RPC-EPMAP) (for discovery)
  • Windows Management Instrumentation (WMI-In) (for desktop operating systems)
  • File and Printer Sharing (SMB-In) (for Veeam Backup Agent installation)

Create a Discovery Rule

In the VSPC, navigate to Discovery in the left navigation pane. Locate Rules using the tabs across the top and click New to create a new discovery rule.

 

 

 

 

 

 

 

 

 

In the pop-up, go through the items. In this example, I will be going through Active Directory based discovery since the demo environment is an Active Directory domain. For the sake of time, I have pre-configured an Active Directory account that has been applied as a local administrator to each workload via Group Policy.

  • Enter a rule name
  • Select a company to apply the discovery rule
    • NOTE: As a Reseller, it’s likely you will have multiple companies from which to chose. A discovery can apply to one or more companies.
  • Select a Discovery method (this post is Active Directory)
  • Select the Active Discovery Method
    • In this post, I will target specific OUs

 

 

 

 

 

 

 

 

 

 

 

  • Enter the account to be used for discovery and Veeam Backup Agent installation
    • This can be a pre-defined local account or a domain account.
    • In this post, I am using a domain account. I have added this domain account as a local admin to each workload using group policy.

Be sure to clear the check box for using the account defined in the master agent. This is because we did not specify an account in the master agent setup.

  • Organizational Unit selection
    • click Select Location…
      • NOTE: Locations can be leveraged when you have a client with multiple locations. In this post, I will be using the default location.
    • In the next window, click on Select Unit…

 

 

 

 

      • Pick the OUs where the protected workload Active Directory computer accounts are located

 

 

 

 

 

 

 

      • Click OK twice to return to the configuration menu and click Next
  • Optionally, set any discovery filters
    • Discovery filters can be set by OS, Application or platform. These can be used individually or combined for greater granularity.
  • Optionally, enable email notification.
    • This requires that you have configured your VSPC SMTP settings.
    • The email notification will send you notifications of discovery rule results.
  • Veeam Backup Agent deployment
    • Select the option to discovery the system and install the Veeam Backup Agent.
    • For the sake of this post, I will use the default Servers policy. For more information on backup policies see the Veeam documentation. If you want to see the settings for the default servers policy click Show
    • Enable Read-only mode
      • This will restrict local users from changing backup job settings while still allowing them to perform tasks such as restoring individual files. For more on read-only mode see the Veeam documentation.
    • Click Configure to adjust the default settings for the Veeam Backup Agent
      • Select the setting shown in the screen shot below. For more on these settings please refer to the Veeam documentation.

 

 

 

 

 

 

 

 

 

 

      • Be sure to set the appropriate bandwidth based on the source. In the demo environment, there is 50Mbps available. To backup as fast as possible yet still leave room for other communication, I set the limit to 40Mbps.
      • Click Apply then Next
    • Summary
      • Review the summary of the settings
      • Check the box to Launch the discovery rule when I click finish.
      • Click Finish

In the VSPC, navigate to Discovery in the left navigation pane. Locate Rules using the tabs across the top and verify your rule is running.

 

 

 

 

 

 

 

 

 

The deployment process will take a few minutes or more depending on the size and scope of the discovery rule. You can check the status by navigating to Discovery in the left navigation pane and locate Discovered Computers across the top. Here you will see the discovered computes and the status of the Veeam Backup Agent installation.

 

The two most common reasons for failed agent installations are:

  1.  A firewall is preventing the installation. Confirm you have all the necessary ports open on your firewall.
  2.  The account specified in the discovery rule does not have local administrative rights to the discovered system.

To check the status of the Veeam Backup Agent and view what policy is applied, navigating to Discovery in the left navigation pane and locate Discovered Backup Agents across the top.

 

Alternatively you can log into the protected workload and launch the Veeam Backup Agent. Using the Start Menu, locate the Veeam folder and the Veeam Agent for Microsoft Windows. At the top of the Agent application, you will see the VSPC reseller name and the backup policy applied.

 

 

 

 

 

 

 

 

 

 

At this point you have successfully setup the Veeam Backup Agent to protect your workloads by backing up to a Green Cloud Secure BaaS repository. This was done using the Veeam Service Provider Console. Through this console you can centrally manage and monitor the backups of your workloads. If you are an existing partner interested in protecting your customers workloads with Green Cloud’s Secure BaaS service please reach out to your channel manager. If you are interested in becoming a Green Cloud partner, please complete the form on our contact us webpage.

Final Thoughts

Today’s biggest challenge is data security. Ransomware (as well as other security threats) is on the rise as the workforce has been dispersed due to the global pandemic. Empowering IT with the a solution protect data on any workload running anywhere is priceless. And it can all be managed through the Veeam Service Provider console.