As more and more businesses move towards virtualization, physical data centers are going the way of the Buffalo. Once a data center has been virtualized, an integral part of the network is moved from the physical island of computing resources into the virtualization software. Inspecting traffic is more challenging when it is self contained in a virtual environment, and as a result, security is all too often voted off the island.
As data center virtualization scales, there are 3 critical security roadblocks your organization needs to address:
1. Network policy and service level assurance
Once data has been transferred to a virtualized environment, the previous network policies must be adjusted. Typically, network policy configuration is tied to a physical port, but with virtualization, machines move across physical servers and are no longer bound by static policy configurations. This has the potential to cause serious network and security problems, especially for businesses that fall under strict compliance rules.
To combat this, companies must configure their environment so that when virtualized traffic shows up on a port, its policy can be looked at and adhered to properly.
2. Management blind spots and network outages
The majority of today’s security tools are based on IP addresses instead of identity, which means that application and network activity must be tied back to specific individuals, servers, or devices. In virtualized environments, the physical boundaries once created by the island stacks are no longer there, resulting in management blind spots.
In response, organizations should employ an identity-centric strategy, where IT teams can follow users and applications across data center resources and track back at a granular level if an incident or threat occurs.
3. Security loopholes and unprotected data
Most traditional security tools rely on physical boundaries, and those boundaries are broken once things are moved out of the data center and into a virtualized environment. While many enterprises are still trying to make do with their old security safeguards, physical environment–based security solutions cannot differentiate between physical and virtual resources.
Instead, IT teams must embrace a new security model that replaces physical trust boundaries with virtual ones, in order to provide seamless, secure user access to applications – anywhere at any time.
Ultimately, in order to fully benefit from the agility and cost efficiency that virtualized and cloud environments provide, enterprises must change the way they think about security. Security solutions have to understand the virtual environment, and policies must migrate with VMs as they move from server to server.
McAfee now offers an enhanced Network Security portfolio to help organizations solve some of the critical challenges of virtualization. Through third party integration, businesses can address the complex needs of their virtual data center environments and create a scalable, available, simple and secure virtual data center that is ready for cloud computing.
To learn more about McAfee’s next generation Network Security platform, read our full whitepaper with partner Brocade, Solving Critical Challenges of the Virtualized Data Center, and be sure to follow us on Twitter at @McAfeeBusiness.
By Tyler Carter