Virtualization and the cloud can do good things for a company's bottom line, but they also create additional challenges, especially when it comes to security. The very same flexibility, agility, and on-demand scalability that make virtualization and cloud so attractive to enterprises also complicate security deployments.
Misha Govshteyn, co-founder and chief strategy officer of security-as-a-service vendor Alert Logic, spoke to Enterprise Networking Planet about those complications, what cloud security vendors must provide, and why the security industry remains one of the last parts of the infrastructure stack to move to the cloud.
Flexibility and scalability in cloud security deployments
While the challenges Govshteyn listed happen to coincide nicely with Alert Logic's strengths, they do ring true for today's virtual data centers and enterprise cloud deployments.
Most of the challenges, Govshteyn observed, originate in the ephemeral nature of cloud environments. "Cloud environments change pretty dramatically," he said, citing as an example Amazon Web Services, in which "we frequently see customers increase their footprint two- to threefold during the day and then get much smaller at night."
"It is very difficult for security vendors to address that unless they have the kind of virtualized security infrastructure that can auto-scale with the cloud environment. Virtualized security that moves in lockstep with virtual mobility and autoscaling is a necessity."
Alert Logic addresses this problem through tight integrations with the major providers. The company worked closely with VMware to integrate its NSX network virtualization technology, for example. NSX provides Alert Logic with increased visibility into network traffic for the identification of network threats: Alert Logic can capture traffic at the hypervisor level and also scale monitoring capacity in tune with the growth of the VMware environment.
Big Data, the complex security landscape, and automation's role
Today's increasingly agile and active virtualized and cloud-hosted environments produce a significantly greater amount of network traffic and, therefore, data for security administrators and providers to sift through. Alert Logic, Govshteyn told me, has over two petabytes of customer log data.
"That's a lot of data that we crunch through to tell clients what is relevant, security-wise, in their logs," he said, naming Big Data as another problem that cloud security vendors must solve. It isn't enough to store the data. Those in charge of security, whether they be managed service providers like Alert Logic or in-house security admins, must be able to "turn that into actionable intelligence, which is an area where we're investing a lot of time and money," Govshteyn explained.
The complexity of the security landscape doesn't make this easier. A quick glance at network security reveals a diverse array of often-siloed solutions, some software, some hardware. These solutions frequently add even more data to the pile of Big Data demanding analysis, and that's just if they integrate well into the cloud security architecture in the first place. In many cases, these solutions are simply confusing and problematic to deploy in cloud environments.
Cloud security providers must work to "simplify security in general," said Govshteyn, making security easier to scale and consume.
Alert Logic aims to do just that by giving customers tools for automated deployment of their services, in the same way that customers might deploy virtualized compute or storage infrastructure. "We've built a large number of APIs to do this. The same tools you see used in DevOps, such as Chef and Puppet, are the same tools you can use" with Alert Logic, he said. Security vendors need to make their cloud offerings "as deployable as compute and storage," Govshteyn added.
Why cloud security lags behind
In Govshteyn's opinion, the security industry has lagged behind other parts of the network stack when it comes to the cloud not because of data privacy concerns, but simply due to the inertia of the industry. "There are still very few major security vendors that have viable and credible cloud offerings," he said, leaving a lot of room for startups to dominate the space. Traditional security vendors "are going to be hampered by a lot of legacy products," Govshteyn said.
He looks forward to more competition. The limited options in the market have been good for Alert Logic's business, he concedes, but "more competition in the space—even though we'll have more to contend with—is better for us, because it will accelerate overall cloud adoption."
"If an enterprise wants to move to the cloud more rapidly, they may not be able to because security isn't there," he said. If Alert Logic and its competitors have anything to say about this, though, that will quickly change.
Jude Chao is executive editor of Enterprise Networking Planet. Follow her on Twitter @judechao.