Liviu Arsene is Senior E-threat Analyst at Bitdefender.
Software defined data centers (SDDC) and hybrid infrastructures have created opportunities for digital business, but also created security and control challenges for IT departments, especially when trying to integrate and deploy legacy security solutions. Distributed IT infrastructure spread across physical, virtual, on-premise and in-the-cloud workloads has rendered traditional security ineffective – in terms of performance, scalability, and manageability – when trying to build a comprehensive security posture for a company.
Security and control mechanisms designed for hyperconverged infrastructures (HCIS) need to be agile by design if they’re to offer IT security teams the level of visibility and scalability digital businesses expect. Security should enable, and not inhibit, these digital infrastructures, or it would leave companies exposed to data breaches and security incidents caused by security blind spots.
Data Center Control
Data center control can only be achieved though interoperability and unified management of both on-premise and public infrastructures, something that legacy security solutions cannot provide. Security fragmentation that leads to IT overhead caused by high maintenance costs is usually the main problem of legacy data centers and infrastructures. It’s because of this that hyperconvergence - with its extra abstraction layer on top of existing hardware and systems - enables automated, agile, and programmable software defined data centers.
Traditional endpoint agents that heavily task virtual workloads’ CPUs, memory, and input/output operations drive down virtualization density and infrastructure utilization, while hindering performance. With limited scalability options, legacy security solutions can’t provide hyperconverged infrastructures – and implicitly, businesses – the agility they need to grow.
Data Center Security
Any security solution tasked with protecting endpoints across the infrastructure should not only feature out-of-the-box integration with key HCIS technologies, but also be hypervisor and operating system agnostic. Centralized manageability and visibility should also ensure that IT administrators can deploy and enforce policies across all infrastructures on a timely basis, even when new workloads are created. Cloud agonistic policy enforcement is key for retaining control over compliance, performance, and data location, as it gives businesses the flexibility needed to run workloads where it makes sense from a financial and operational perspective, without sacrificing security.
To ensure operational efficiency for any data center, the security solution needs to be agile, by supporting automatic provisioning and deployment, and deliver a single-pane-of-glass view across the data center. Continuous security coverage ensures that virtual workloads are always protected, regardless of their location and function.
Adaptive Security Layers
Security and control in the data center should be based on adaptive security layers focused on prevention, pre-execution, post-execution, remediation, and visibility. In terms of technologies, the use of machine learning should not be implemented as a security layer in itself, but more as a tool augmenting the current capabilities of security technologies.
The security challenges met by SDDCs and HCISs can only be overcome with solutions engineered to enable data center transformation by offering continuous coverage across the hybrid cloud. Efficient, resilient, and scalable, it should not only give security departments the level of visibility they need, but also allow them to focus on developing new security strategies instead of doing maintenance work.
Opinions expressed in the article above do not necessarily reflect the opinions of Data Center Knowledge and Informa.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.