The rush to virtualize technology resources within the enterprise and to adopt cloud computing can bring many advantages, such as server consolidation, but it is outpacing the speed at which traditional security and identity management practices evolve. This creates huge vulnerabilities, confusion, and questions about where security products and services should be used in a multi-vendor hypervisor environment.
"Virtualization will dramatically change the way you protect and manage your computing environment," said Gartner analyst Neil MacDonald at the annual Gartner Security and Risk Management Summit last week. The workload is more mobile and harder to protect. It broke the security policy bundled with the physical location. We need security policies that do not depend on the structure of the network.
Gartner estimates that nearly half of current x86 server workloads are virtualized. VMware is the obvious market leader. However, Microsoft's Hyper-V is growing, and Citrix is also a competitor. Gartner argues that companies should plan to migrate to private cloud architectures. At the same time, however, Gartner acknowledges that management tools and security have not matured to the point where they can handle this situation.
MacDonald says hypervisors are not as secure as the physical systems they are replacing. The integrity of that underlying layer is extremely important. You don't want the hypervisor layer to be compromised.
MacDonald says there is a constant lack of control over, and visibility into, internal communication between virtual machines. Should the 1st virtual machine talk to the 3rd virtual machine? How do you know they're being attacked? These communications will never appear on our physical network. Some companies are willing to accept this uncertainty. Some companies are not.
However, this is a matter of meeting certain needs, which requires identifying the existing options for addressing virtualization and cloud security issues. In MacDonald's view, in addition to load balancers and traffic shapers, there should be a wide range of security controls in virtual machines, such as virtual firewalls, intrusion prevention systems and antivirus software.
For example, companies such as Altor, Cisco, Juniper Networks, IBM, HyTrust, HP, Enterasys, McAfee, Catbird, StillSecure, Sourcefire, Reflex, BAE and Stonesoft increasingly offer virtual appliance options for firewalls, monitoring, and intrusion prevention. For VMware platforms, Check Point has gone a step further, MacDonald said. After a slow start, large security vendors have finally made progress in virtual security controls.
VMware has provided the VMsafe API (application programming interface) to streamline hypervisor-based "introspection." This does not require multiple software agents. MacDonald acknowledges that the need to deploy and run software agents has been the bane of our existence. However, there are still many questions about how it works.
Trend Micro, the third-largest antivirus vendor after Symantec and McAfee, has moved to embrace VMware as quickly as possible, including support for VMware's latest security APIs and vShield support for vSphere antivirus scanning in its Deep Security product. Trend Micro has been charging less for its virtual machine-based antivirus software, perhaps thinking it has lost something.
However, MacDonald says the downside of Trend Micro's Deep Security approach with vShield is that VMware's "fake code" is still needed to run it, and it requires a hypervisor extension. In addition, it works only on Windows and can only isolate, not remove, malware infections; vShield has software that takes on the task of the firewall. A possible disadvantage of vShield is that it is too specific to VMware vSphere and users will get "another silo."
The transition to more virtualization-focused, software-based security controls is expected to occur, although it is now fraught with uncertainty. Gartner predicts that, although such deployments are few today, by 2015 40% of antivirus and other security controls will be virtualized. MacDonald added that this would happen even though companies such as Cisco and Juniper Networks have been dragging their feet because they like to sell expensive physical hardware.
From a security and management perspective, the main idea now is to treat the virtualization platform as the most important IT platform in your data center, MacDonald said.
However, this seems particularly challenging for vendors responsible for cloud-related identity management.
Gregg Kreizman, a Gartner analyst, said that about two years ago we were still talking about how to do the internal identity management thing. Now we talk about getting our arms around SaaS (software as a service). We are accustomed to managing applications. But now that these apps are in the cloud ..., this creates a question that has never been asked before: What happens if we have identities there?
Kreizman says this is the cloud counterpart of systems that were previously deployed inside your company. As SaaS providers use different interfaces, there is now an "interface risk" from a growing and broader attack surface. In addition, more people may be exposed to data. Google is not ahead in security practices. Salesforce is a little better.
Unfortunately, the default way to get identity information into SaaS is to go directly to the administrator, Kreizman said. This may include FTP or Dropbox. Dropbox is a service that has encountered multiple security failures, including a password management issue this week that caused many users' information to be exposed.
Companies can now seek to extend their corporate identity management systems (such as those from CA or IBM) to specific cloud providers, if they can be supported in a mixed environment. In addition, Exostar and Covisint have entered a new area called "Community Union centres" to serve specific types of organizations. In this case, these are mainly organizations in industries such as aerospace, defense, automobile manufacturing and health care. Kreizman says these users are willing to pay for the identity services of successful alliance and SaaS providers.
Kreizman says there are many new options entering the cloud-linked identity management market, creating a "turbulent market," even a bit like the Wild West.
Vendors in this area are Okta, Clavid, Symplified, OneLogin, Ping Identity (offering separate joint software) and Nordic Edge (acquired by Intel). Some traditional identity and access management vendors, including Fisher Analysys, Identropy, Novell and Lighthouse, are selling products and services that benefit cloud providers and customers.
VMware acquired TriCipher last August and hopes to provide users with more convenient SaaS service control in the future. RSA technology companies want to take advantage of cloud-trusted identity systems. A beta version of the system will launch soon.
While identity and access management services are still new, Gartner predicts that the market will grow significantly in a few years. By the end of 2012, cloud-based identity and access management services will increase their share of total identity and access management revenue from around 5% to 20%.