How Cloud Security Helps Create Cloud Agility
October 25th, 2013 By: Bill Kleyman
It was bound to happen. The increase in cloud computing and cloud utilization has also increased the amount of targets for malicious attacks. As more organizations move towards cloud computing – there will be extra security measures that will have to be taken into consideration. There are more devices, a lot more users, and all of this result in more data being pushed through the data center and the cloud.
As cloud computing continues to gain ground, new models and platforms will require new ways to secure a growing infrastructure. Here’s the good news: New security platforms are being designed to help facilitate cloud growth, not hinder it.
Next-generation security is evolving to directly support cloud computing. To help with this heavy lifting, security organizations need to adapt their technologies to the workloads of the cloud. Whether through secure means of WAN optimization or creating new types of cloud security services, the ultimate idea is always to empower the cloud. With that in mind, new types of security platforms are able to create even greater cloud agility as more data can be delivered via a cloud model.
- Next-Generation Security. We’re no longer talking about standard unified threat management (UTM) appliances. Next-generation security platforms are those that help combine security services around cloud, data and applications. This is advanced filtering and policy control around new types of workloads. As organizations become even more distributed, data traversing a public or private link will need to be secured. Next-generation security creates agility around security platforms and around the data they protect.
- Security Virtualization. We have moved from the physical and have adopted security platforms around the logical. Entire security platforms are now virtualized to provide new levels of protection. For example, Fortinet’s FortiGate Virtual Appliances create a new layer of security for a physical and virtual infrastructure. By placing these virtual appliances inside of a network, you’re able to monitor for intrusion prevention, malware, unauthorized devices, network viruses, and much more. Security virtualization allows organizations to place service-specific virtual appliances throughout a cloud infrastructure to protect key components. Security, especially for cloud, no longer revolves around physical appliances alone. For true cloud agility, next-generation security technologies must be considered.
- Cloud-Ready Policies. With new types of security platforms administrators must utilize new types of policy engines which are cloud-ready. This means having technologies which are ready for an influx of users, data and devices. Integrating mobility controls has become a big concern for many organizations. So, to facilitate the growing BYO phenomena, organizations are looking at technologies like Citrix’s XenMobile to facilitate mobility controls. The great part here is that this cloud-ready technology integrates with your security platform. Devices can be interrogated, authorized and even provisioned all through secure corporate communications. By understanding the devices that are coming in, administrators are able to wrap only those policies that are required around the user and the application. Cloud-ready controls means knowing where the user is coming from and how to optimally deliver their content to them. All of this has to be accomplished over a secure link.
- Agile Security on All Fronts. The transfer of cloud, information, and applications actually requires quite a bit of technology unison. Certificates have to be properly bound, services have to be configured and delivered, and the user experience has to be taken into consideration the whole time. The only way to facilitate a positive cloud computing experience is to deliver the content in a secure and efficient manner. Next-generation firewall and security appliances are built to help the user be more agile. Whether they’re coming in from remote locations or are requesting certain types of services, appliances sitting at the edge have to negotiate quite a few new variables. For example, a WAN appliance may need to look at connection speeds to redirect users’ content to optimize experience. All of this is done through an encrypted channel where data integrity is constantly maintained. By using a combination of secure application delivery controllers and WAN optimization appliances, administrators can deliver powerful cloud-ready content to the user.
- Physical Appliances – Lots of Resources. Virtualization is certainly very cool, but what happens when you need raw throughput? Physical security appliances are now being integrated with 10Gbe cards capable of even greater amounts of expansion. You can have the best core infrastructure out there, but if your edge appliances can’t handle the throughput, you’re going to have a serious bottleneck. Modern security vendors clearly see that more information is being passed through their appliances. To step up the game, they needed to release appliances capable of even more throughput over the WAN and LAN. As cloud computing and big data become larger parts of the organization, throughput and processing power will become even more important for cloud-integrated security platforms.
- Helping Protect the Future. The future of cloud security really revolves around services and plug-in modules. Even now virtual security platforms allow for services to be tied into the main platform to extend security features. To stay ahead of the bad guys, security platforms living in the cloud will need to be very agile – just like the cloud itself. Greater data distribution and new types of applications will call for continuous protection of many different types of data points. New levels of encryption and even the migration to IPv6 must be supported by the next-generation security model.
Administrators will have to continuously find new ways to secure their infrastructures. We know that cloud computing isn’t going anywhere. We also know that threats to the cloud are going to increase as well. All of this results in the need to understand where cloud security is going and how organizations can best secure their environments.
New security measures must empower the cloud and the end-user. The increase in the amount of data being delivered requires that the user experience remain excellent and secure. New cloud security models will continue to evolve to incorporate even more cloud-ready technologies. This includes platforms like big data, IT consumerization, and the further digitization of the modern corporation.
Yes, advanced policy control fueled by a centralized cloud policy engine is exactly what is needed to effectively manage security for the next generation IT operating model. A successful cloud security approach must establish policies that take the full context of the organization’s cloud deployment into consideration. In this way, IT can be confident that they have established governance, compliance and security that is configurable, automated and enforced. In doing so, security will provide the ‘brakes on the race car’ that will indeed create greater cloud agility and drive business innovation. For more: http://www.servicemesh.com/cloud-it-resources/cloud-strategy-transform-it-blog/blog/five-critical-ways-to-improve-security-posture-across-clouds/
- Bankim Tejani, Senior Security Architect, ServiceMesh
Eddie MayanPosted October 30th, 2013
CloudWays is Managed Cloud Security Service provider and they are offer free consultation on this topic.
One of today’s most swiftly evolving and widely deployed technologies is server virtualization. Many organizations are already realizing the cost savings from implementing virtualized servers, and systems administrators love the ease of deployment and management for virtualized systems. There are even security benefits to virtualization – easier business continuity and disaster recovery, single points of control over multiple systems, role-based access, and additional auditing and logging capabilities for large infrastructures.
[…] How Cloud Security Helps Create Cloud Agility Data Center Knowledge Posted: October 25, 2013 Summary: Can cloud security enable agility rather than slowing it. http://www.datacenterknowledge.com/archives/2013/10/25/ how-cloud-security-helps-create-cloud-agilit… […]