August 3, 2010

Dynamic Security for the New Network Data Center

Trends ranging from consolidation and virtualization to distributed applications and user mobility are reshaping the data center, bringing enterprises significant benefits, but also creating new security vulnerabilities. Consolidating servers and other resources in data centers helps organizations boost efficiency, maximize resources, and reduce costs. At the same time, technologies such as server virtualization and distributed applications have enabled enterprises to increase business agility while also cutting CapEx and OpEx. Mobile workers extend an enterprise's geographic reach and allow for 24x7 operations.

But these trends create a range of security challenges. Consolidation results in high volumes of traffic to and from the data center, which can strain the security infrastructure so crucial to protecting enterprise assets, operations, and reputation. Virtualization results in a lack of visibility into and control over traffic passing between virtual machines (VMs) on the same server. As a result, malicious traffic can propagate unchecked between VMs and potentially onto the physical data center network. Similarly, by creating highly distributed communication patterns with multiple flows per transaction, distributed applications pose a variety of security risks as well as making it difficult to enforce access entitlements and data privacy.

Mobile workers need anytime, anywhere access to a broad array of applications, further taxing the data center security infrastructure. The ever expanding matrix of users, devices, locations, and applications makes it difficult for IT staff to ensure that access controls and other security mechanisms are applied consistently to the same user at all times. IT is also struggling to combat evolving internal and external threats, make sense of a flood of logged events, and meet compliance mandates.

To date, security in data centers has been applied primarily at the perimeter using firewalls, and at the server level by installing host-based intrusion detection, identity enforcement, antivirus, and other software agents. With virtualization, applications on the same host can communicate without accessing the physical network, thereby circumventing traditional firewalls and breaking zones of trust. Server-based security isn't scalable, doesn't encompass the range of network-attached devices in the data center, and presents major operational challenges. To protect today's data center, enterprises need a unified security layer operating dynamically across the heterogeneous and ever changing data center infrastructure.

The network is ideally suited to provide visibility into the application traffic it carries and to act as an insertion point for policy enforcement devices. As a market leader in network security, Juniper Networks understands what's required to secure the data center environment. Juniper's comprehensive product portfolio combines high capacity and scalable platforms; application fluency; identity-based access enforcement; and centralized, automated management to deliver unified threat control across both physical and virtual systems. With Juniper's dynamic security solutions, enterprises can easily secure their data centers today and well into the future, as they adopt new business models and technologies such as cloud computing to fuel competitive advantage and their future success.

Download Paper or Go To Comments/Discussion
(Webtorials registration required for downloads. Click here if you forgot your username/password.)

1 Comment

Cloud computing and virtualization are rapidly changing the normal mode of operations for most companies. But this move also means that techniques used to secure your corporate information assets must evolve drastically. In particular, there is no longer a physical "perimeter" to guard. Instead, the information is distributed, and the security must be likewise distributed.

This is an excellent paper that examines both the new security challenges for the virtualized data center and the requirements that need to be in place to meet these challenges.

This is great benchmark "must read" information, regardless of your exact choice of provider(s).

Search Webtorials

Get E-News and Notices via Email




I accept Webtorials' Terms and Conditions.

Trending Discussions

See more discussions...

Featured Sponsor Microsites



Please note: By downloading this information, you acknowledge that the sponsor(s) of this information may contact you, providing that they give you the option of opting out of further communications from them concerning this information.  Also, by your downloading this information, you agree that the information is for your personal use only and that this information may not be retransmitted to others or reposted on another web site.  Continuing past this point indicates your acceptance of our terms of use as specified at Terms of Use.

Webtorial® is a registered servicemark of Distributed Networking Associates. The Webtorial logo is a servicemark of Distributed Networking Associates. Copyright 1999-2018, Distributed Networking Associates, Inc.