By Johnnie Konstantas, director of security solutions at Gigamon

The way we consume data has changed, and data centre environments have had to transform as a result. Managing the infrastructure has become far more complex thanks to the need for higher speeds; increasing virtualisation of servers, the network and network functions; and ever-growing volumes of data. This presents a number of challenges, and one of the biggest is how to secure such dynamic environments.

The legacy approach of connecting security appliances directly to the network at various points will no longer offer the required protection. Instead, data centre managers urgently need to find a new approach towards securing their networks.

Security challenge
The scale and magnitude of breaches in the Middle East is forcing the entire industry to rethink how security is deployed and managed. Traditional approaches have been based on the idea that threats originate from outside the network and perimeter defences are sufficient to keep them out.

This is no longer the case, and it now has to be assumed that threats have already breached the perimeter.

Traditionally, security architectures have revolved largely around terrestrial networks with fixed and predictable traffic patterns. As such, most firewalls, IPSs and DDoS prevention systems are placed at data centre ingress points, where traffic flows from the north (internet) to its intended destinations in the south (server farms). In that model, access to the traffic and the means to control it are relatively easy to achieve — but that isn’t how it works anymore.

In the Middle East, as cloud infrastructures and virtual machines have invaded the data centre, they have dramatically changed both the traffic flows and the ability to secure them, because of the resulting blind spots and unpredictable points of connectivity. Traffic patterns have moved from north-south to east-west as servers and virtual machines talk to each other and to database systems, storage systems and other applications within the data centre.
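To make the blind-spot argument concrete, here is an added Python example (not from the article or from Gigamon) that classifies constructed flow records as north-south or east-west by whether both endpoints fall in RFC 1918 ranges, then estimates the share of bytes an ingress-only sensor would never see. The flow records and the choice of internal address ranges are assumptions.

```python
import ipaddress
from collections import Counter

# Assumed internal address space for the data centre (RFC 1918 ranges).
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample flow records (src, dst, bytes), standing in for
# NetFlow/IPFIX-style data; 203.0.113.x and 198.51.100.x are documentation
# ranges used here to represent internet hosts.
SAMPLE_FLOWS = [
    ("203.0.113.10", "10.0.1.5", 4_000),     # internet -> web tier (north-south)
    ("10.0.1.5", "10.0.2.20", 120_000),      # web tier -> app tier (east-west)
    ("10.0.2.20", "10.0.3.7", 900_000),      # app tier -> database (east-west)
    ("10.0.2.20", "10.0.4.9", 300_000),      # app tier -> storage (east-west)
    ("10.0.1.5", "198.51.100.8", 8_000),     # server -> internet (north-south)
]


def is_internal(ip: str) -> bool:
    """True if the address lies inside one of the assumed internal ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in INTERNAL_NETS)


def classify_flow(src: str, dst: str) -> str:
    """Label a flow east-west when both ends are internal, else north-south."""
    if is_internal(src) and is_internal(dst):
        return "east-west"
    return "north-south"


def traffic_by_direction(flows) -> dict:
    """Sum bytes per direction across the flow records."""
    totals = Counter()
    for src, dst, nbytes in flows:
        totals[classify_flow(src, dst)] += nbytes
    return dict(totals)


def perimeter_blind_spot(flows) -> float:
    """Fraction of bytes an ingress-only sensor never sees (the east-west share)."""
    totals = traffic_by_direction(flows)
    total = sum(totals.values())
    return totals.get("east-west", 0) / total if total else 0.0


if __name__ == "__main__":
    print(traffic_by_direction(SAMPLE_FLOWS))
    print(f"unseen by a perimeter-only sensor: {perimeter_blind_spot(SAMPLE_FLOWS):.1%}")
```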

Take a visible stance against threats
Most are now aware that legacy perimeter solutions are no longer up to the job, and the industry has begun to look within the network for malware. Even so, the focus has been on increasing the sophistication of security solutions, with little thought given to deployment architecture. Yet fundamental to tackling data centre security today is a structured architectural approach that delivers traffic visibility to a multitude of security appliances in a scalable, pervasive and cost-effective manner.

A visibility fabric provides an effective architectural approach. With one in place, security appliances no longer have to reach into the network at specific locations, nor contend for access to network traffic. They don’t have to deal with multiple network interfaces or the uncertainty associated with changeable environments. The fabric connects into the network across physical and virtual infrastructures, and delivers traffic from across the network infrastructure to the security solutions. Security appliances simply connect to the visibility fabric, at whatever interface speeds they are capable of, and receive a high-fidelity, relevant traffic stream from across the network infrastructure.

By taking an active approach to visibility, data centre managers in the region can remove the guesswork of where to place security appliances, eliminate blind spots, and ensure a consistent source of packet and flow data to maximise security and fend off today’s advanced threats.

— The writer is the director of security solutions at Gigamon