Peter Stephenson, technology editor, SC Media

This has been a strange and interesting month. Our regular readers will note that we have the smallest crop of products, probably ever. There is a reason for that. The field of cloud-based security is small, new – emerging, really – and is trying to define itself. It has been just recently that we have taken it from an Emerging group to our mainstream group reviews. So, watch this space. Over the next couple of years this will become one of the most important categories at which we look. There are reasons for that as well.

Recently there have been some predictions by experts who watch this market carefully. Noting the emergence of swarmbots and hivenets plus the growth of hacker research into the malicious use of AI, we have seen opinions ranging from bot swarms that wage cyber warfare on their own to malicious software that hides inside your enterprise and educates itself on how your network, your users and your applications behave. These analysts opine that the only way to win against these technologies turned against us is to counter with the same technologies.

Perhaps, or, perhaps not. Whatever turns out to be our future, it is certain that we already are at a point where humans cannot manage the threat level or the proliferation of malicious software that can hide unnoticed somewhere in a large enterprise. In this case – sort of as a prelude to the more dramatic predictions – it takes a machine to know a machine and since we are moving at breakneck speed to the cloud, cloud-based security is becoming a must.

There are, currently, a couple of approaches to cloud-based security. One is taking the functionality of the physical data center and recrafting it for the cloud, virtual systems and hybrid enterprises. By this we do not mean new wine in old bottles. This is a total redesign with the suitable objectives in mind and healthy helpings of AI and advanced algorithms. It just takes into consideration what security paradigms – learned, often painfully, in the physical data center – must shape the objectives of such a security stack. Certainly, compliance is going to be one of the leaders of the pack.

The second approach is, rather than thinking outside the box, removing the box completely from the picture. This means, perhaps, carving out a niche and focusing on it. We have an excellent example of that this month in our First Look. In this case, however, it turns out that the niche is technological.  The outcome is exactly what is needed.  It simply is done differently than any other system does cloud-based security. As a general case we are increasingly seeing the use of microsegmentation. This approach allows better security but, as important, it facilitates far better performance since it segments the cloud based upon some finite piece of the overall deployment – such as an individual workload – rather than by platforms which can proliferate ad infinitum.

There are some important must-haves in cloud-based security. One is that it is, almost by definition, next generation. That means advanced algorithms, ability to handle big data, rapid – practically real time – response to change and a few other tasks that are emerging as the marketplace matures. Another is the ability to learn the state of the enterprise and sense malicious state changes. Of course, any security system must be policy-based, operationally at least. That means that whatever is going on under the covers, the results must be based upon policy drivers. Finally, it cannot be constrained by enterprise architecture. Enterprises today are in the public cloud, private clouds, software-defined data centers, hardware data centers and hybrid architectures.

Evaluating a new generation of tools never is easy.  This is no exception.  If anything, these products are harder to evaluate than products you may be used to. This is because we really don't know all the questions to ask yet. You can't get reliable answers without asking the right questions. Our advice is to start at the end.  What do you need to accomplish, what does your enterprise look like, what do you have in place? The answers to these questions will help define the rest of your approach.

Our products this month, while few in quantity, are big in power. They also are very different, so of the three we are showing you we will pick a Best Buy and the other two will be Recommended.