Security for a Virtualized World

Chris Smithee (Profile)
Tuesday, September 25th 2012

If it hasn’t happened already, enterprise IT teams across industries will soon be expected to move their infrastructure to the cloud to maximize resources and minimize costs. Gartner has estimated that by 2013, the cloud market will be at $150 billion, and 60 percent of server workloads will be virtualized. Also according to Gartner, by 2016, 60% of new data centers will be 40% smaller while supporting a 300% increased workload.

Virtualization is clearly taking enterprise data centers by storm, but it is unfortunately leading to a decrease in network visibility and the demise of conventional security defenses.

First, the Benefits…

The myriad benefits of virtualization have made it all but irresistible to IT executives. These include:

  • lower hardware maintenance and energy costs
  • recovered data center floor space
  • higher availability
  • better utilization of resources
  • reduced disaster recovery costs
  • faster and more efficient technology deployments
  • increased flexibility for development and testing environments

Virtualization also makes it easy to move applications from one server to another to accommodate increased or decreased load.

Now the Challenges…

Moving technology to the cloud also results in a whole new set of security and network management challenges. First of all, since virtualization is still a fairly new phenomenon, most IT professionals still have a lot to learn about the best practices and pitfalls associated with running a business in a virtual environment. Due to the complexity of the virtualized infrastructure, IT administrators may be happy enough with just getting technologies to work properly, and may opt to leave them alone once deployed instead of introducing security technologies that may interrupt their functionality.

Unfortunately, many traditional security technologies do in fact interrupt the functionality of virtual technologies and do not provide adequate protection for virtual environments. Additionally, many security technologies involve too much overhead and impact to virtual servers to feasibly deploy.

A third and related issue pertaining to virtualization is that it diminishes network visibility, as virtual-machine-to-virtual-machine (VM2VM) communications cannot be monitored by traditional network and security devices. Without visibility into virtual environments, companies open themselves up to a plethora of risks including cyber-attacks, data loss, compliance issues and drops in productivity – especially in today’s environment of ever-increasing and evolving online threats.

Without knowing what is happening on the virtual network, organizations are unable to detect when employees are utilizing applications or visiting Web sites that might lead to a security compromise or a drain on network performance, for example. This lack of insight complicates problem identification and resolution, potentially erasing any cost savings associated with virtual environments in the first place.

So, What Can Be Done?

To maintain a high-performance, secure infrastructure, organizations must manage and protect their virtual environments to the same level as they do their physical networks. IT teams should be able to determine: