Talk to any IT manager virtually anywhere in the world today about where their IT infrastructure plans are headed and they’ll likely come back with the same answer: the hybrid cloud. And the great news is that the industry is responding by offering organizations more choice in this area than ever before. Just last month, VMware and IBM signed a major new partnership which will allow the former’s customers to extend their virtualized workloads into IBM’s public SoftLayer cloud. This follows a similar deal between VMware and Amazon Web Services.
The business and IT benefits of the hybrid cloud, and of the Software-Defined Data Center it enables, are undeniable. But in the rush to get there we must not forget about the new security challenges these next generation computing environments present. That’s why Deep Security has been designed specifically for hybrid cloud – and to work with world’s biggest cloud and virtualization platforms.
Hybrid takes off
The IBM/VMware deal is just one of many recent proof points illustrating how fast hybrid plans are accelerating amongst vendors, in response to customer demand. You’d be hard pressed to find a major cloud vendor today which doesn’t have a hybrid offering – certainly the likes of IBM, Microsoft and AWS do. Why? As far back as 2013 Gartner was predicting that 50% of enterprises would be using hybrid clouds by 2017, and even that might turn out to be an underestimate. It’s a natural choice for organizations which have dipped their toe into cloud computing with private deployments, but are now ready to take full advantage of the additional flexibility, ease-of-use and cost effectiveness of the public cloud for certain workloads.
Yet time and again the number one barrier to adoption of hybrid cloud is security. And it’s a legitimate concern, as public cloud providers will only offer protection up to a certain point. For the customer, there are new complexities to deal with which can create security gaps and system performance challenges if not properly addressed.
Unless your security is hybrid cloud-ready you may find it unable to prevent “instant-on gaps” which occur when VMs are rapidly spun up without adequate protection. You could find it incapable of protecting against major breaking zero day threats such as Heartbleed. And it could cause “security storms” which bring systems to a grinding halt unless security has been architected specifically for the cloud.
The hybrid cloud is a key component of the Software-Defined Data Center, where the entire infrastructure of the data center is managed and controlled through intelligence software systems as opposed to hardware. It means compute, storage and networking capabilities can be provisioned in seconds rather than days or weeks. But it also requires software-defined security to fully leverage these advantages.
A hybrid cloud checklist
Deep Security is software-defined and hybrid-cloud ready. In fact, our latest version has been architected specifically to extend the micro-segmentation benefits in VMware’s NSX network virtualization platform via multiple controls to deliver a new level of software-defined data center security. It’s also the most comprehensive solution for hybrid cloud installations today, featuring IDS/IPS, anti-malware, virtual patching, URL filtering, file integrity monitoring, log inspection and more.
Deep Security is designed to protect against zero day threats via virtual patching capabilities, and provide instant-on protection for each VM no matter where it is – all without any performance hit to key systems. What’s more, Trend Micro’s close integration work with leading cloud vendors such as VMware, Amazon Web Services, Microsoft and IBM means we can support all the security and compliance needs of our customers.
Beyond the security functionality, I want to highlight the following “operational” capabilities that could be a useful checklist for IT managers looking to invest in security for their hybrid cloud deployments: