The Changing Face of Data Center Security
Today, Cisco released Part 3, the final results from its Connected World Report, an international study on the expectations of workers in accessing social media and corporate information, and on the views of IT professionals about these trends. Part 3 is focused on data center, cloud computing, and virtualization trends. To view all results from the study, visit the Cisco Connected World Report.
Commissioned by Cisco and conducted by the market research firm InsightExpress, the study involved 2,600 workers and IT professionals across a variety of industries in 13 countries, and revealed many interesting trends.
In Part 3, IT respondents named security the number one concern for incorporating greater virtualization within their data center. Also, more than half (52%) of IT respondents worldwide said they have already incorporated cloud computing in their IT plans.
We’re witness to several parallel (r)evolutionary shifts in Enterprise computing today, ranging from the virtualization of hosts and services in our Data Centers, to the roller coaster adoption of cloud in its many forms and configurations, to the rise of an increasingly mobile, connected workforce… all of which is changing the way our users, customers and partners interact with information through new and interesting exchange models. All of this is being done through an ever-increasing number of IP-enabled devices — ranging from smart phones to tablets to laptops — which are increasingly not owned or maintained by the enterprise.
While these changes are both dramatic in some instances and daunting in others, they also illustrate the need to revisit how we think about our Data Centers, from the way we define them to how we protect them.
- New capabilities — Virtualization brings with it more dynamic capabilities (such as dynamic instantiation, vMotion, load-balancing, etc.) that need to be accounted for in how we think about secure configurations, routing policies and regulatory compliance assurance.
- Data Center Re-Perimeterization — Operating in a borderless world, the logical Data Center perimeter needs to be rethought as its role expands to absorb certain functions the network perimeter used to perform, as well as assume a new role of border guard to manage a higher number of transactions at all layers of the OSI model. Our Data Centers both expand and shrink to become, increasingly, a microcosm of the organization, where virtual desktops reside beside virtual services and applications, and interact and move more actively between boundaries, both logical and physical.
- Data Centricity is Key — This also requires increased segmentation and knowledge of the systems and data that inhabit the Data Center itself (through better classification models, crown jewel sub-netting and high-fidelity administrative access control), as well as a need to better understand behaviors and dependencies that exist between services and systems in this new transactional resource/consumer economy.
Through it all, security systems and services – from IPS to DLP to NetFlow monitoring – will have to be more attuned to dynamic behavioral change in the “living” Data Center, and in turn know the right rules, policies and events to alert and alarm against.
So, welcome to the New World…
To see the latest findings from the Cisco Connected World Report, please visit: http://newsroom.cisco.com/dlls/2010/ts_101910.html