Cloud-based applications have continued to grow exponentially. The majority of people are now interacting with cloud-based data and applications in one way or another, likely through social media such as Facebook, LinkedIn, etc. This comfort level is extending to business applications as well. IT and security professionals are faced with a growing push from their business users to provide access to a range of cloud applications. This growing wave of interest in the cloud has led to the continual evolution of the data center where the cloud is now a key environment. The most effective data centers today are built on a secure foundation that is able to protect physical, virtualized and cloud environments.
It has been estimated that 90% of organizations will have some sort of cloud deployment by 2015. Organizations are initiating projects to establish an Infrastructure as a Service (IaaS) deployment. These projects can be done as an extension to the current data center or as stand-alone projects for specific business units or applications. Security requirements are most often derived from the shared responsibility modelof the cloud service provider (CSP) (i.e., VMware vCloud Hybrid Service, AWS, Microsoft Azure, VMware vCloud Hybrid Service) plus any application-specific compliance or security requirement.
Shared Security Responsibility Model
Cloud service provider is responsible for the security of the following areas:
- Physical infrastructure
- Network infrastructure
- Virtualization layer
Organization is responsible for the security of:
- The operating system
- Any applications
- Your data
As organizations plan and evolve their modern data centers, they are looking to take advantage of platforms they trust and to work with partners with whom they have established strong relationships. VMware’s leadership in the virtualization space is a great example because they are now able to help their customers move to the cloud. The natural next step for VMware customers who have virtualized environments is to incorporate the cloud by leveraging VMware vCloud Hybrid Service or other IaaS leaders such as AWS and Microsoft Azure.
A key requirement for a successful modern data center is the ability to ensure it is secure across all environments, including cloud deployments. The modern data center today is complex and requires advanced security capabilities such as intrusion detection and prevention, anti-malware, integrity monitoring, vulnerability scanning and firewall to simplify security operations while enabling regulatory compliance and accelerating the ROI of virtualization and cloud initiatives.
Trend Micro continues to build on the investments we have made in platforms such as AWS and Microsoft Azure by extending our support to VMware vCloud Hybrid Service. Trend Micro™ Deep Security features a comprehensive platform for security controls and policies managed across physical, virtual and cloud environments. Deep Security for vCloud Hybrid Service allows customers to fulfill their security responsibilities by easily extending on-premise security to their cloud workloads. By leveraging Deep Security’s interoperability with VMware vCloud Director and other VMware technologies such as NSX, administrators can automatically detect virtual machines (VMs) and can apply context-based policies to them for consistent security across the data center and into the public cloud. Organizations will benefit from features such as virtual patching, which shield the VMs from vulnerabilities, decreasing risk and reducing patch management overhead.
The key thing to remember as you transition some of your critical data and applications to the cloud from physical and virtual environments is that your security strategy must evolve, too. These are a few key features to look for as you make the transition:
- Comprehensive set of security capabilities for both servers and applications in physical, virtual and cloud environments.
- Single, modular security platform with automatic policy and lifecycle management to reduce cost and complexity.
- Availability as software or as a service, integrated with leading virtualization and cloud providers, and certified for leading infrastructure providers.
The modern data center includes cloud as a key supported environment, and it should be a natural, secure extension from your existing virtualized environment.
In my next post, I’ll share some insights to help you automate your data center for operational efficiency. In the meantime, to learn more about how to optimize your data center with new technologies, check out my last post.