NATIONAL HARBOR, Md. -- The rush toward virtualization of internal enterprise computing resources and cloud computing can have many advantages, such as server consolidation, but it's largely outracing traditional security and identity management practices. That's leaving huge gaps, a sense of chaos and questions about where security products and services should be applied in the world of multi-vendor virtual-machine (VM) hypervisors.
"Virtualization will radically change how you secure and manage your computing environment," Gartner analyst Neil MacDonald said this week at the annual Gartner Security and Risk Management Summit. "Workloads are more mobile, and more difficult to secure. It breaks the security policies tied to physical location. We need security policies independent of network topology."
Gartner estimates almost half of x86-based server workloads are virtualized today, with VMware the clear market leader, but with Microsoft Hyper-V on the rise and Citrix a contender. Gartner advocates that enterprises plan to move to a private-cloud architecture. But at the same time, the consultancy acknowledged management tools and security really haven't risen to meet the occasion.
GARTNER ANALYSIS: IT should be planning, moving to private clouds
"The hypervisor will be less secure than the physical systems they replace," MacDonald said. "The integrity of that bottom layer is paramount. The hypervisor layer you don't want compromised."
Today there's often a "lack of visibility and controls on internal VM-to-VM communications," said MacDonald. "Should VM No. 1 be talking to VM No. 3? How do you know they're not attacking? The traffic never comes out onto our physical network." Some companies are willing to live with this uncertainty, others not, MacDonald said.
But it's questions such as these that demand to be addressed to find out what options exist to tackle virtualization and cloud security. In MacDonald's view, there needs to be a wide range of security controls in the VM, such as virtual firewalls, intrusion-prevention systems and antivirus, in addition to load balancers and traffic shapers.
Increasingly, vendors such as Altor, Cisco, Juniper, IBM, Hytrust, HP, Enterasys, McAfee, Catbird, StillSecure, Sourcefire, Reflex Systems and StoneSoft are offering virtual-appliance options for firewalling, monitoring and intrusion-prevention, for example. For the VMware platform, "Check Point has gotten furthest along," said MacDonald. "After a slow start, finally the big security vendors are making progress on their virtual-security controls."
