Industry Innovators 2016: Virtualisation and cloud-based security
These are two sides of the same coin. On one side, we have security for the virtual, or software-defined, data center. On the other, we have security for cloud-based systems. The two are the same but different. They are the same in that they both work in a virtualised environment. They are different in that they have somewhat different challenges to address.
In a local software-defined data center there is complete control and the systems that get spun up are directly under the control of the administrator. Anything that happens in the local environment can be managed and investigated. The organisation owns the data center and, although it might be considered to be a private cloud, it is a closely contained one.
In a public cloud, the administrator does not have complete control. Because it is a shared environment, the cloud operator keeps a level of control that the administrator in a localised data centre would retain. That means that security at the level one would expect in a self-contained environment is not, natively, present in a public cloud. Moreover, the ability to investigate a breach in a public cloud is severely limited by contractual constraints. The solution to this set of challenges is the virtual network equivalent of a software wrapper. You wrap the virtual environment in the public cloud in a layer of protection and administration that, effectively, cuts off the virtual enterprise from those virtual enterprises sharing the same cloud infrastructure.
Our two Innovators in this section address the two sides of the virtual security coin. One focuses on the software-defined data centre while the other concentrates on the enterprise in the cloud. However, one trend that we are seeing more and more – and this certainly applies to our two Innovators – is microsegmentation. This allows highly granular control of security functionality and highly granular management of virtual assets.
This is an interesting and emerging group because the clear future of the data centre is in the virtual – whether private, public or hybrid clouds – and we need a reliable way to protect the data residing in these environments.