Threats
facing today IT security administrators have grown from the relatively trivial
attempts to wreak havoc on networks into sophisticated attacks aimed at profit
and the theft of sensitive corporate data. Implementation of robust data center
security capabilities to safeguard sensitive mission-critical applications and
data is a cornerstone in the effort to secure enterprise networks.
The data
center security challenges does not stop there. New application rollouts,
virtualization, and an increasingly transparent perimeter are converging to
drive an evolution in the requirements for data center security architectures.
Application
rollouts bring there own set of challenges for securing communications and
applying security policy—couple this with a virtualized environment and the
challenge of policy enforcement and visibility increases many times over.
Traditionally,
the perimeter has been the proverbial shield to stop malicious and unwanted
outside traffic from leaking into the Enteprise network. Creating a secure
perimeter is still valid and essential in defending against attacks and
providing traffic filtering. But the amount and type of traffic entering the
enterprise network has increased and continues to do so. Extranet connections
for business partners, vendor connections, supply chain transactions, and
digital communications all required more openings to be created at the
perimeter to allow communication. Permitting these business-driven openings
creates greater opportunities for attack and elevates the risk to a network.
In
addition, attack vectors have moved higher in the stack to subvert network
protection and aim directly at applications. HTTP-, XML-, and SQL-based attacks
are useful efforts for most attackers because these protocols are usually allowed
to flow through the enterprise network and enter the intranet data center.
Virtualization
is driving change in the way data centers are being architected. Server
virtualization is becoming a prevalent tool for consolidation, power savings,
and cost reduction. It is also creating new challenges for infrastructure and
security teams to be able to provide consistent levels of isolation,
monitoring, and policy enforcement-similar to what is available for physical
servers and systems today.
Device
virtualization is providing new design opportunities and options for creating
flexible data center architectures. Features that provide control plane and
data plane isolation are offering a multitude of design options for device
placement, Layer-2 and Layer-3 designs, and service integration.
The data
center provides the critical application services for business operations. New
architectures that leverage device and server virtualization are enhancing the
data center capabilities while increasing the availability of these services.
Using careful planning and best practice techniques, integrating security with
these next-generation architectures can support this effort—without creating a
hindrance. By properly planning and leveraging these new capabilities, scalable
security solutions can be leveraged to increase service availability and create
a more secure environment for the critical information residing in the data
center.
Contact us at: info@liteglobal.com
No comments:
Post a Comment