
Cloud-based security management

The growth of the software-defined data center demands a software-defined solution for the problem of managing the security of cloud environments that are unique to the organization. While the generalized architecture of a cloud-based enterprise may be fairly well understood, in fact each enterprise is different. This is no real change from the traditional hardware data center. One size never has and, likely, never will fit all. That demands a level of flexibility in management - and, especially, security management - schemes. That's the bad news.

The good news is that the software-defined data center offers a lot of flexibility and a good cloud-based security management system can have equal flexibility. That is what this month's products are all about. Their job is to manage the security of a cloud-based enterprise, no matter how complicated, geographically dispersed or diverse in its privacy and security requirements.

It used to be that we thought of clouds as public, private and hybrid. While that still is true, it's a bit more involved for today's enterprises. For example, part of the enterprise might be in one public cloud, one in another, and there might be a virtual environment in the organization's data center. All of these environments must work together, efficiently and securely.

Carrying the use case a bit further, consider that the part of the software-defined data center that is in the virtual environment on premises contains sensitive data, while the other two - the ones in the public clouds - contain applications and data that is not as sensitive. But - and here's where one of the common challenges appears - the cloud applications must access the sensitive data for some people from particular locations due to international privacy laws. How do you manage all of that? Again, that's where this month's tools come into play.

To be effective, the tools must, themselves, be in the cloud. However, there are some combinations of "in the cloud" and on premises that work well, too. Another consideration is where - if at all - you place either sensors or agents. That, of course, depends on what you are trying to control. If you are largely interested in network device configuration, then you might want sensors. If you are more concerned with servers, you'll need agents on the servers.

The next consideration is what you want to manage. Think of what you would want to manage in a hardware data center. Some things that you might like to manage in a hardware environment are a bit awkward, but in the cloud, it can be a lot easier. Before you start thinking about which tool set you want, figure out what you need to have it do. Don't forget that, at the rate things are maturing today, change is inevitable, so you want to be sure that you can grow as your software-defined/cloud-based enterprise matures and grows.

Laws are changing rapidly as well. If you are an international or multinational organization, you may need to address privacy laws in the EU. As the EU, by some accounts, begins to unravel, laws that affect how you secure PII will certainly become more complicated. So be sure that you can accommodate changes that are very difficult to anticipate.

Finally, we are seeing a trend toward supporting fewer and fewer legacy applications, including operating environments. Be sure that you can move forward in that environment without having to rip and replace your management system. Along with that comes the proliferation of operating systems. Today's data environments are likely to be a mix of MS Windows and Linux. Will your security management system accommodate both? You may not have Linux today but you may add a server or two if it becomes necessary to support applications that run in Linux only. The natural extension of this is the cloud/virtual environment itself. In the case of the virtual environment, what is your hypervisor and will your choice of a management system accommodate it (does it need to, and if so, how?) as well as a potential switch in the future? Equally, what is your choice of cloud and will your management system keep up with your choice(s)?

All of these are important questions to ask as you select a security management system for your cloud/virtual space. The answers are not always straightforward. We noted that some of the tools we looked at were pretty close to being point solutions. So you may need to consider more than one tool set to get your particular job done. That is not always optimal since you will have multiple panes of glass, something that most SOC/NOC teams are trying to avoid.

Specifications for cloud-based security management tools

Products compared: FireMon, GuardiCore, CloudPassage, Catbird

Features compared: scalable secured connectivity to the cloud; microsegmentation; adaptive automation; dynamic analytics across entire cloud footprint; deception network; honeypot

