I think one of the most daunting discussions to have about cloud security is that there is a perception that security folks need to rip everything out and buy all new technologies to secure their virtual environments. The problem with this logic is that there is still a fundamental backbone of traditional security that needs to be in place, cloud security is really a way to augment and extend these capabilities. The easiest way to start the transition is by leveraging hybrid solutions that protect both physical and virtual environments such as next-generation firewalls and IPS. One of the leading next-generation technology vendors leading the charge in this transition is Sourcefire, most well known as the developers of Snort, an open-source intrusion detection engine. Continue reading
When firewalls were first designed, their role was to control traffic between network segments and physical hardware. As we move into greater adoption of cloud and virtualized infrastructure, the physical design of the network becomes less dominant, largely due to the collapsing of physical servers into fewer virtualized servers. This means the main source of security control needs to also be adapted as the threats start to move to the individual VMs residing in servers, especially when multi-tenancy is utilized. This means that the logical barriers segregating virtual machines become the concern for firewalls, not just the network around the physical server. So how do you protect the inter-VM traffic when a traditional firewall cannot see traffic beyond the physical NIC card of the server?