Over the next 2010 years, the benefits of virtualization and cloud computing will be included in the discussion of the IT infrastructure of most enterprises. Virtualization has proven its value, cost savings, and better utilization of resources through server consolidation. This technology is used more in the infrastructure of the server.
The rise of Software as a service (Software-as-a-service) application, such as Salesforce.com, and the success of IT outsourcing illustrates the remote computing method, which is a more efficient way to give users technical resources to help cloud computing get more business decision makers to buy. But what does IT security imply as a new IT infrastructure industry?
Why should experts pay attention to safety?
According to Gartner, about 16% of servers are now virtualized in the enterprise's IT environment, and the company is expected to increase to about 50% by 2012. The leader in this market space, VMware, now has more than 150,000 customers. Microsoft's virtualization Product Hyper–v is free, it contains the latest version of the Windows Server, and Microsoft encourages the adoption of this technology and makes it easier for smaller companies to access the product.
Any technology that is increasingly important to businesses of all sizes is attacked, and malware writers will attempt to attack the virtual environment, either hijacking workloads or stealing data center-critical data. One example of how virtualization is considered secure is the payment card industry's data Security standard (Paymentcardindustry ' Sdatasecuritystandard), where a special interest group has been set up to discuss the role of virtualization in the retailer's network, And how to protect your credit and debit card payment data.
In a virtual environment, there are 3 main targets for attacks:
--the workload of virtual machines, including operating systems, applications, and data, similar to the workload of traditional servers;
-the management process itself;
--to control the management API for virtual machines and integration with other IT management products.
For security teams, the biggest problem they face is that they are often not included in the work of implementing virtualization. The technology then began testing and entering a quality assurance environment, but did not consider security issues. As virtualization spreads to more productive environments, security has become a central concern. This includes assessing business continuity because the amount of work that is affected by a failure or virus attack will be significantly higher than the consolidated environment.
The first consideration is the application of traditional security technologies to virtualized environments. This can be more difficult because virtual machines can move around the IT room based on business needs and the priority of the workload. The focus is on the planning phase, and virtualization is the conscious aspect of the changing environment. Maintaining virtual and physical network traffic separation by using VLANs is the first step, followed by an intrusion prevention and firewall system that can monitor and inspect the data center Virtual machine Host server traffic. For organizations looking at desktop virtualization, it is still a necessary step to spread antivirus on the client, although virtualization can make any patching or removal of viruses easier and faster.
The next consideration is how to improve the planning and execution of virtualization security. Because the virtual machine is an isolated environment, it makes it easier to run multiple tenants ' separate environment tasks, even on the same hardware. This is particularly useful for managing service providers, and virtualization allows them to take on more customers on the same number of physical tools.
In virtual environments, new security approaches
Hardening virtual devices, which are specialized virtual machines for specific tasks, are also becoming increasingly popular as they can help secure functionality and benefit all businesses. A December 2009 IDC study noted that the budget allocations for virtual security devices will continue to increase during the 18-month period from January 2010 to later, while the total cost of owners (totalcostofownership) is better than using separate point software products or proprietary hardware.
The new approach to security in other areas under consideration is cloud. Cloud computing can mean different things to different people, but the most common definition is to provide a reliable service to the user via the Internet, which can be scaled up or decreased as needed. This flexibility, with the "on-pay" charging model, makes it attractive to many organizations, as capital expenditure in many organizations is reduced to a large extent or the corresponding budget is difficult to obtain.
The potential of cloud computing is enormous because it can make it services more efficient and cost-effective. However, the cloud faces several major obstacles, the biggest of which is the security issue. Because the data will move, leaving the company's direct control, security and privacy issues are very important, especially in these industries, with data retention and ownership provisions. Regardless of how attractive the potential savings may be, building a reliable cloud platform for the enterprise will be a continuing concern.
The biggest problem to remember is that all the data involved is yours. Although it may be in another company's memory, it is the customer's responsibility to ensure that the data remains secure. It is critical to investigate cloud vendors in detail and keep asking your partner or potential suppliers how to keep their network secure. Personal access to the datacenter can also be another confidence-building step. If a complete transfer to the cloud is not appropriate for the enterprise, then, choose a trusted partner that can be located in your building remote management system in a suitable location to build "Halfway house", which can provide full cloud cost-effectiveness while retaining some control.
Software as a service provider (Software-as-a-service) has made some progress by demonstrating how global data center data can be trusted and secure. As the process continues to evolve, security service providers are also studying how to make the cloud process more efficient. Cloud-based services can be effective, including e-mail archiving and network security, because the value of an organization lies in effective management processes, not on-site products or services.
As organizations move further towards virtualized infrastructures or into private or public cloud environments, security teams must be included in the work of best practices as a result of strategic change. Virtualization and cloud with synchronous security provide the ability to manage and automate it mission-critical tasks more effectively. In an era where it resources are more stressful than ever and the budget is stressful, this is an important opportunity for companies to stay competitive. As these technologies are put into production, the right security plan ensures that the use of virtualization or cloud computing actually achieves the promised benefits.
(Author: blog Editor: yuping)