Security & Mobility Now
Security is top-of-mind everywhere, especially right here where Juniper experts share their thoughts on the latest security breakthroughs and product advancements
Ashwin

Holistic security in a physical, virtual and everything in between world

by Juniper Employee ‎03-02-2012 10:35 AM - edited ‎03-02-2012 10:48 AM

With virtualization being the trend du jour, the prevailing wisdom dictates that transforming everything that is physical into a virtual model is based on sound economic judgment. While the economic benefits of virtualization are virtually (pun intended !) unassailable, there is definitely some thought that needs to be focused on how todays physical world can interplay with a virtual one. Lets take the case of security. For years, the traditional data center firewall vendorsJuniper includedhave been offering faster and faster hardware gear to keep up with the feeds and speeds of the data center. In addition some hardware vendors have proffered up a virtualized instance of their physical firewalls. There is also a new category of hypervisor based security that has emerged over the last couple of years for securing inter-VM traffic. Not to be outdone, the virtualization infrastructure vendors are drawing up boundaries of security zones that encompass compute, storage and web tiers and calling this the new security boundary, within which traditional security paradigms like firewalls, intrusion prevention systems etc. can reside protecting each of these confines. What is sorely missing in these various individualized security offerings is a coordinated way to offer protection that is holistic yet uncomplicated and addresses real world needs. For instance, most data center customers today have physical security hardware investments and a degree of server virtualization. If they now decide to purchase virtual firewall licenses and hypervisor based securityhow then do these three security investmentsphysical, hypervisor and virtual -- play together? For the outside-in threats, does the physical security have the capability to scale? For the inter-VM threats that are detected by the hypervisor firewall, does the physical security device need to be made aware of the same? Does east-west traffic between server boundaries need to be secured by physical, virtual or hypervisor firewalls, or all of the above? Does the new security boundary that is being defined by the virtualization infrastructure vendors cause security sprawl by having security functions instantiated in each virtual boundary rather than consolidated at the edge in a physical instantiation?

In order to win business, vendors must leverage their customersinvestment in physical firewalls by coupling them with newer security solutions that server virtualization demands to provide a total solution that builds on both physical and virtual security.

Post a Comment
Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
About Security & Mobility Now

Discussing a wide range of topics impacting enterprises and
data center security.

Subscribe RSS Icon

Our Bloggers

Kyle Adams
Senior Software Engineer

Profile | Subscribe

Ritesh Agrawal
Director
Software Engineering

Profile | Subscribe

Erin K. Banks
Senior Technical Marketing Manager

Profile | Subscribe

Ajay Bharadwaj
Product Manager

Profile | Subscribe

Michael Callahan
Vice President
Product Marketing

Profile | Subscribe

Scott Emo
Director
Product Marketing

Profile | Subscribe

Mora Gozani
Senior Manager
Product Marketing

Profile | Subscribe

Ashur Kanoon
Sr. Manager
Technical Marketing

Profile | Subscribe

Seema Kathuria
Manager
Product Marketing

Profile | Subscribe

Kevin Kennedy
Senior Director
Product Management

Profile | Subscribe

Dave Killion
Software Engineer

Profile | Subscribe

Rebecca Lawson
Senior Director
Product Marketing

Profile | Subscribe

Rajoo Nagar
Senior Manager
Product Marketing

Profile | Subscribe

Erin O'Malley
Manager
Product Marketing

Profile | Subscribe

Galina Pildush
Strategy & Planning
Architect

Profile | Subscribe

Edward Roberts
Director
Product Marketing

Profile | Subscribe

Bill Shelton
Director Field Sales

Profile | Subscribe

Ashutosh Thakur
Product Line Manager

Profile | Subscribe

Troy Vennon
Software Engineer

Profile | Subscribe

Brad Woodberg
Product Manager

Profile | Subscribe

Labels
Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.