Two big questions about IT security from virtualization and cloud computing
Source: Internet
Author: User
KeywordsSecurity Virtualization
The benefits of virtualization and cloud computing will be included in most enterprise IT infrastructure discussions in the 2010. Virtualization has proven that it can save money through server consolidation and better utilization of resources. More virtualization technology is expected to be used throughout the server infrastructure, in other areas of the IT stack, and on desktops. The growth of SaaS (software-as-service) applications such as Salesforce.com and the success of IT services demonstrate how centralized remote computing can also provide more efficient ways to provide users with technical resources to help cloud computing win the acceptance of business decision makers. But how does virtualization affect IT security as the industry begins to apply this new IT infrastructure?
Why worry about security professionals?
According to market research firm Gartner, about 16% of all enterprise servers are currently virtualized, and the ratio is expected to rise to 50% by 2012. VMware, the market leader, has more than 150,000 users. Microsoft's virtualization product Hyper-V is free, and the latest version of Windows Server Software encourages the use of this technology and makes it easier for small businesses to use it.
As with the growing importance of any technology in enterprises of all sizes, malware authors are expected to implement various attacks on virtualized environments or hijack workloads or steal important data. Examples of virtualization that should be considered with security are the payment card industry's data security standards. A special interest group has been set up here to discuss the role of virtualization in the retailer's network and the impact on the protection of credit and debit card payment data.
There are three main attack targets for virtualized environments:
• The virtual machine workload will include operating systems, applications, and data, similar to the traditional server workload.
• The management process itself.
• Management APIs (application programming interfaces) for controlling virtual machines and integrating with other IT management products.
The biggest problem facing the security team is not first included in the virtualization implementation, as it is usually initiated in a test and quality assurance environment. As virtualization spread to more product environments, security is certainly a major concern. This includes assessing business continuity because the percentage of workloads affected by interruptions or virus attacks will be higher than in a consolidated environment.
The first consideration is the application of traditional security skills in a virtualized environment. This is difficult because virtual machines can migrate around in order to prioritize business needs and workloads. This emphasis must be placed on the possibility of planning and familiarity with the changing environment. The first step is to separate virtual and physical network traffic by using a virtual LAN. This is followed by an intrusion defense and firewall system that can monitor and inspect communication between virtual machine host servers. Organizations that are considering applying desktop virtualization must also deploy antivirus software in the client system, although virtualization makes it easier and faster to use patches or remove viruses.
The next consideration is how virtualization can improve security planning and execution. Because virtual machines are isolated environments, it is easy to run a multi-tenant environment that requires isolation, even on the same hardware. This is useful for managed service providers. Virtualization allows them to host more users on the same physical device as the data.
New security methods in virtualized environments
Enhanced virtualization devices (virtual machines for specific tasks) will also be more popular with organizations, as these devices can help security functions to get the same results from virtualization as other businesses. A study published in December 2009 by IDC, a market-research firm, said the budget for virtual security equipment would continue to grow in the next year to 18 months, as it would be better to have total cost results than to use individual point software products or specialized hardware products.
Other aspects of the new security approach being considered are cloud computing. Cloud computing means different things to different people. However, the most common definition is to use the Internet to provide reliable service to users. In cloud computing services, the number of services can be increased or decreased as needed. This flexibility and the "pay-per-use" billing model are attractive to institutions that slash capital spending or have difficulty getting a budget.
The potential of cloud computing is enormous because it delivers more efficiency and cost savings to IT service delivery. However, cloud computing faces some important hurdles, one of which is security. Because the data will get out of the direct control of the enterprise, security and privacy concerns are large, especially in those industries that require data retention and data ownership. Building cloud computing into a trusted platform for businesses will be a constant concern, no matter how tempting the potential savings potential of cloud computing may be.
One of the biggest problems to remember is that all relevant data is yours. Although this data may be located in another company's storage device, it is still the customer's responsibility to keep this data secure. It is important to be cautious about dealing with cloud providers and constantly asking questions about how this provider will ensure network security. Personal access to the data center can help build trust. If all of this is not suitable for the enterprise in the cloud, then a trusted partner who manages the system remotely at your site is an appropriate "intermediary station" that can provide the benefits of the cost of this comprehensive cloud computing while retaining some control.
The SaaS provider has demonstrated how to get data security and reliability. As the process continues to grow, security providers are also considering how cloud computing can make this process more efficient. Examples of the most effective areas of cloud computing services include e-mail archiving and network security, because the value of an organization is to manage the process more effectively than to host the product or service onsite.
As organizations launch further virtualized infrastructure or shift their workloads to proprietary/or public cloud computing, security teams must be involved in building the best practices around these strategic transformations. The combination of virtualization and cloud computing and security can provide more efficient management and automation of unimportant it capabilities. This is an important opportunity for IT organizations to provide the results that businesses need to stay competitive in an era of tight IT resources and budget changes. As these technologies move into production, the right security plan ensures that virtualization or cloud computing delivers the promise of benefits.
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.