Understanding the Key Challenges of Securing Virtualized Environments
Considering moving to a virtualized environment? Here’s what you need to take into account when protecting your new cloud-based systems.
While you may be looking at moving to the Cloud as a way to provide your business with cost-effective computing power, and to allow access to systems and software that would previously have been out of your reach, are you aware of the potential challenges around security?
Let’s be clear here: we’re definitely not saying the cloud is less secure than physical networks. What we are saying is that you need to change your mindset when it comes to protecting your data.
Managing security on physical servers and workstations connected via physical networks is very different to managing security on a network of virtual machines (VMs) running across a number of different servers. With this type of architecture, the traditional approach of protecting the endpoint by installing antivirus (AV), firewalls and intrusion detection software becomes completely ineffective.
For example, if you were to install AV on each VM and run scans simultaneously, you would produce a huge CPU load on the host servers, creating what is known as a scanning storm. Even if you were to give those host servers more capacity, this would still cause big problems for network and server performance.
To combat this, security providers have tried a number of different approaches, including the use of scheduling tools to enable network managers to more intelligently allocate and control resources. However, these still produce significant loads on the hosting servers, which leads to performance being degraded to unacceptable levels.
Firewalls also present their own specific challenge. Whereas protecting physical systems and networks relies on perimeter firewalls around a server or group of servers, in the cloud this approach isn’t effective, as VMs can communicate across physical servers without ever accessing an external network system. This means that network attacks and malware can spread quickly, bypassing any perimeter server firewall.
These issues present network managers with a challenge, but not one that is insurmountable. It just requires the use of different technologies and a change in attitude and understanding on the part of those managing the networks. For example, with firewalls, the most important requirement is to be able to isolate the VMs and place them into different security groups.
To solve this problem, 5nine Cloud Security utilizes an agentless solution that sits inside the Virtual Switch – a network filtering software that controls traffic between VMs and between VMs and the outside network. Similarly for AV, it uses a host-based solution that enables admins to maximize performance. With the addition of other functionality such as change block tracking, it is able to increase the speed of scans, which means they can be run more frequently, ultimately making your cloud-based systems more secure.
The added benefit here is that, with nothing actually inside the VM, hackers can’t disable the protection or hardware from the inside, giving you another line of defense.
The message here for network managers is simple: the cloud is different from standard physical data centers. Because of the architecture – less hardware but more VMs on that hardware – you can’t just install software onto each VM and run it.
If you are thinking of moving to a public Cloud, the situation is further complicated by the fact that you don’t have full access to your VMs. You also don’t have super admin rights to those VMs. This means that you need to ensure that you at least have the ability to control network traffic for those VMs, and that you have access to logs so you can analyze them for potentially suspicious activities and archive them for compliance audit purposes.
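To make the security-group isolation and log review described above concrete, here is an added example (not code from 5nine or from the original article) that checks a flow log against a default-deny policy between security groups and lists the denied flows a perimeter firewall would never see. The VM names, hosts, groups, ports and flow records are all constructed for illustration.

```python
from dataclasses import dataclass

# Constructed inventory (hypothetical names): VM -> (physical host, security group)
VMS = {
    "web-01": ("host-a", "web"),
    "web-02": ("host-b", "web"),
    "app-01": ("host-a", "app"),
    "db-01": ("host-b", "db"),
}

# Default-deny policy: only these (source group, destination group, port) tuples pass.
ALLOWED = {("internet", "web", 443), ("web", "app", 8443), ("app", "db", 5432)}

@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    port: int

def group_of(endpoint):
    # Any endpoint that is not a known VM is treated as external.
    return VMS[endpoint][1] if endpoint in VMS else "internet"

def evaluate(flow):
    """Apply the group policy and record where the flow would be visible."""
    src_in, dst_in = flow.src in VMS, flow.dst in VMS
    allowed = (group_of(flow.src), group_of(flow.dst), flow.port) in ALLOWED
    return {
        "flow": flow,
        "verdict": "allow" if allowed else "deny",
        # A perimeter firewall only sees traffic entering or leaving the VM estate.
        "seen_by_perimeter": src_in != dst_in,
        # Same-host traffic never leaves the virtual switch at all.
        "same_host": src_in and dst_in and VMS[flow.src][0] == VMS[flow.dst][0],
    }

def blind_spots(flows):
    """Denied VM-to-VM flows that only filtering at the virtual switch can stop."""
    results = [evaluate(f) for f in flows]
    return [r for r in results if r["verdict"] == "deny" and not r["seen_by_perimeter"]]

# Constructed flow log
FLOWS = [
    Flow("203.0.113.7", "web-01", 443),  # external client to web tier
    Flow("web-01", "app-01", 8443),      # web to app on the same host
    Flow("app-01", "db-01", 5432),       # app to db across hosts
    Flow("web-01", "db-01", 5432),       # web tier reaching the db directly
    Flow("web-01", "app-01", 22),        # unexpected port, same host
    Flow("web-01", "web-02", 445),       # lateral movement inside one group
    Flow("203.0.113.7", "db-01", 5432),  # external to db, visible at the perimeter
]

if __name__ == "__main__":
    for r in blind_spots(FLOWS):
        f = r["flow"]
        print(f"DENY {f.src} -> {f.dst}:{f.port} same_host={r['same_host']}")
```

Archiving the full evaluation results, not just the denies, gives you the per-VM traffic record the compliance audit needs.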
With the expanding landscape of cyber-attacks, using 5nine Cloud Security helps you to address the new challenges of effectively managing and securing Cloud environments.