Can the old method secure the next generation of data centers?

A new survey was recently conducted by the Gabriel Consulting Group, and McAfee released its findings. The results show that we are using the same tools to secure both physical and virtual servers!

During the third quarter of 2010, more than 140 data center practitioners from SMEs to mega-http://www.aliyun.com/zixun/aggregation/12039.html "> Multinationals surveyed; From the effects of existing security measures-whether their data center security measures keep up with the increasing number and complexity of attacks-the view is whether security concerns are hindering the adoption of a private cloud or a public cloud.

Or go back to the research on the types of tools that protect the virtual environment and the physical environment. About 70% per cent of respondents said they used the same security mechanism to protect physical systems and virtualization systems. Only a little over 20% disagree with this view (a handful of people remain unaware that security tools are also divided into virtual security tools and physical security tools).

More than a year ago, Gartner published its findings, estimating that 60% of virtual servers were less secure than their replacement physical servers. Gartner also predicted that the current insecurity would continue into 2012 years.

The reason is obvious: security issues related to virtualization technology and virtualized workloads are not the same as those in the physical environment.

As Gartner said at the time, although IT staff may think that they already have the skills to ensure workloads, operating systems, and underlying hardware security (as you know, there is no change in the underlying hardware), there is now a new layer of software: virtual machine hypervisor and Virtual Machine monitor program, They must be taken into account. Gartner explains that the new software layer brings new security vulnerabilities. And if the virtualization layer is at risk, all of the workloads running above can be compromised.

The research firm also says corporate institutions should not rely on host-based security controls to detect security threats or protect anything that runs under the host. Gartner also mentions the additional risks associated with virtualized environments: A network-based security device does not see the communication between multiple virtual machines within a single host; workloads at different trust levels are merged into a single host, but not sufficiently isolated; Virtualization technology does not provide sufficient mechanisms to Control administrator access to the hypervisor and the virtual machine layer, and when the physical server is merged into a single machine, the risk is that system administrators and users may access data that they do not have permission to access.

McAfee and Gabriel Consulting groups believe that few security suites are optimized for virtualized systems, and that most of the security software in the data center has been changed to apply to virtualized systems rather than virtualization technology, completely from scratch (or redesigned). ”

The people who drafted the survey said that the virtualization features such as zoning migrations (partition Adroit) needed special treatment. Although our respondents did not mention this issue, we believe that there are certain virtualization features (such as zoning migrations) that require special processing from a security perspective.

In a press release announcing the results of the survey, Greg Brown, vice president of network security at McAfee, said: "Migrating to virtualized data centers requires enterprise organizations to consider security methods early in the design phase." If you use a network and system security solution optimized for virtualized environments, you can ensure that your data center runs continuously and that performance is not compromised. McAfee's solutions provide seamless security management capabilities to unify the protection of traditional datacenter resources and virtualized datacenter resources. ”

The study by McAfee and Gabriel Consulting Group has other concerns. That is, nearly half of the respondents said they were constantly discovering new security vulnerabilities; more than 40% per cent of respondents felt that the company's security pace was not up to the security threat and that about 70% of respondents questioned the safety of the public cloud; 40% of respondents said Daily safety does not conform to the standards required by the company's official policy.

Original link: http://www.itworld.com/data-centerservers/209867/old-school-security-next-gen-data-centers