Industry Solutions and Trends
Technology is more than just networking and Juniper experts share their views on all the trends affecting IT
NigelS

Bringing Data Center Security out of the Shadows

by Juniper Employee ‎08-08-2012 03:48 AM - edited ‎08-08-2012 06:03 AM

In my first blog in this series ‘Cloud Security – what’s all the fuss about’ I introduced the concept of clean clouds and the need for a comprehensive end to end security architecture. In this blog I look at the Data Center aspects of secure cloud services.

 

Unlike the continual advances seen in the areas of compute and storage, the data center network has until recently languished in the tree topologies first deployed in campus networks ten or more years ago. Anyone remember ‘collapsed backbone’ architectures? If you do, you’ll get my point!

 

These tree topologies have long been the ‘marketecture of choice’ for switch vendors; ideal for positioning an array of platforms and ultimately more boxes into their solutions. Today however, most of us have realised that although the earth may not be flat, it should be; at least where data center networks are concerned.

 

But flat architectures are not just about performance benefits; any to any single hop and low latency connectivity. What may be less apparent is the impact a flat architecture has on the security services of a modern data center. Cutting down the number of tiers inherent  in tree topologies can have a marked impact on the deployment of security technologies.

 
For physical security devices, a flat architecture has the effect of expanding the footprint of a single appliance. Whereas in previous deployments the security appliance could only enforce and protect within the ‘shadow’ it cast over its particular branch of the network, appliances can now be used to enforce policy across the entire data center.

 

 Picture11.png

 

Fig 1: Removing Service Shadows with a Flat Network Architecture

 

What was once the remit of multiple smaller appliances now becomes the responsibility of fewer, more powerful appliances and is changing the way vendors are building security technology for the data center.

 
In addition to the physical appliance, recent innovations in virtual security appliances operating within the hypervisor means that an integrated security policy can be deployed and managed consistently across the physical and virtual domains, independent of the location of the application within the network architecture.

 

This ability to extend the reach and integrate physical and virtual security enables service providers to fully leverage the agility implicit within a dynamic, virtualised data center and releases the full potential of application services in a multi-tenant, customer facing service environment.

 

In the videos below, Georgina Schaefer of Juniper talks about the security challenges posed by the modern virtualised data center and Andrew Buss of Freeform Dynamics gives his view on the opportunity for service providers.

 

 

              Data Center Security                           Analyst Headlines                                   Behind the Headlines

 

Next month I’ll be looking at the access security trends relating to cloud services.

 

You can find out more at Junipers Cloud Security web site at www.juniper.net/cloudsecurity and on the Juniper YouTube channel http://bit.ly/JuniperCloudSecVids

 

Nigel Stephenson

 

Head of Cloud and Managed Services Marketing, EMEA

 

References:

Juniper End to End Cloud Security Web Site. 2012

Labels
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.