Virtualize Securely - VM Introspection and Automated Security in Action

Johnnie Konstantas

Subscribe to Johnnie Konstantas: eMailAlertsEmail Alerts
Get Johnnie Konstantas: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

Blog Feed Post

Virtualize securely… in the cloud

Make sure you’ve considered your security posture before virtualizing your workloads and jumping into the cloud.

It is not surprising that operational efficiency is a top priority in organizations today. Many teams and budgets have been pared back dramatically, leaving virtualization as one of the few remaining opportunities to get even leaner. Taking servers to a virtual platform not only cuts data center operating expenses, it eases the infrastructure management burden. For example, virtualization allows administrators to provision servers and apps in seconds.

Virtualization also serves as the perfect cornerstone for cloud computing. As Gartner analyst Thomas Bittman wrote in the October 2009 report titled Server Virtualization: One Path That Leads to Cloud Computing (subscription required).

“Strategically, server virtualization is an IT modernization catalyst that will change how IT is acquired, consumed, managed, sourced and paid for. Virtualization will even change how businesses innovate and grow. Done well, server virtualization makes fundamental changes that can lead an organization down the path of private and public cloud computing.“

So, we’ve established that virtualization can certainly play an important role in public or private clouds. What about security for the virtual environments in the cloud? First, it’s important to understand that security for virtual environments is different than security for physical environments as reported by CNET Blogger Dave Rosenberg. And the cloud provides an additional layer of considerations. Here are two reasons to consider security sooner rather than later for your virtualized data center (in the cloud or otherwise):

  1. Visibility & Control – Network security devices will show you the protocols and applications present in your virtual environment. You should be able to use the information to deal with top bandwidth consumers, either giving them the resources they need or if it’s gratuitous traffic, cutting it altogether.
  2. Compliance – Exposure here will vary depending on the industry in which the virtualized environment operates. If you’re subject to compliance mandates with teeth, access control is mandatory. While the benefits of virtualization and the cloud include freeing resources and applications from physical servers and rigid networking, you lose the fine-grained segmentation you once had in a traditional physical infrastructure and network environment. You need to restore some of those controls in order to limit access to the right persons and to control and monitor administrative privileges – a basic requirement of most regulations (i.e. SOX, HIPAA, FISMA, ISO 2700).

Bottom-line – there are great benefits to be had by virtualization and the cloud. Not many can argue against streamlining operations with an architecture of nearly limitless scale and flexibility. But make sure you’ve considered your security posture before virtualizing your workloads and jumping into the cloud. If not, you may end up all wet.

Read the original blog entry...

More Stories By Johnnie Konstantas

Johnnie Konstantas heads Gigamon’s security solutions marketing and business development. With 20+ years in telecommunications, as well as data and cybersecurity, she has done a little bit of everything spanning engineering, product management and marketing for large firms and fledglings.

Most recently, she was the VP of Marketing at Dato, a company pioneering large-scale machine learning. She was also VP Marketing at Altor Networks (acquired by Juniper), an early leader in virtualization security and at Varonis Systems. Past roles have included product management and marketing for Check Point, Neoteris, NetScreen and RedSeal Systems.

Johnnie started her career at Motorola, designing and implementing large-scale cellular infrastructure. She holds a BS in Electrical Engineering from the University of Maryland.