White Paper. Architecting the security of the next-generation data center. why security needs to be a key component early in the design phase

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "White Paper. Architecting the security of the next-generation data center. why security needs to be a key component early in the design phase"

Transcription

1 White Paper Architecting the security of the next-generation data center A White Paper by Bloor Research Author : Fran Howarth Publish date : August 2011

2 teams involved in modernization projects need to factor in security into the design phase of data center builds Fran Howarth

3 Executive summary Due to the increase in the adoption of productivity and collaboration tools, and due to pressures to make mobile and other smart computing devices network ready, the workload on IT has increased exponentially. Data centers that house the systems necessary to support the organization have grown in scale and complexity. Much of this growth has occurred in an ad hoc fashion, with new systems added as required, including point security controls to address challenges as they have occurred. This introduces multiple inefficiencies, including low levels of resource utilization, and makes re-envisioning security within the data center infrastructure a challenging, yet necessary, task. Because of these factors and because the majority of organizations face budgetary constraints that force them to try to do more with less, a high proportion of organizations are looking at modernizing their data center infrastructure through consolidation, virtualization and by leveraging the cloud. The resulting architecture is very different to that seen previously, comprising a mix of both physical and virtual systems, and this has far-reaching implications for security. In traditional data centers, security controls can be applied to each physical system and systems with different levels of criticality or those that contain the most sensitive data can be physically separated. This is no longer the case for nextgeneration data centers where virtual resources cannot be compartmentalized in the same way and security controls can no longer be tied to physical resources. Instead of a disjointed, siloed approach, with all its inherent inefficiencies and liabilities, a federated security model is required, with security policies and controls tied to each resource, physical or virtual, and based on context and identity of each resource, not on the physical machine on which it resides. The traditional strategy of bolting on security controls cannot work in a dynamic, highly interconnected data center environment. What is needed is in-depth, integrated security controls that span the entire infrastructure, covering physical, virtual and cloud environments. This can only be achieved if security is built into the very design of the data center, whether ground up, or during a major upgrade or refresh as part of the very fabric of the data center design. Therefore, security must be part of the design considerations from day one. This document is aimed at those looking at data center builds, upgrades or consolidation. It provides an introduction to some of the new security challenges of such environments and provides recommendations for implementing security in next-generation data centers. Fast facts Security needs to be built in at the design stage during key inflection points as data centers are built out, virtualized or upgraded and must be applied consistently across all systems in a hybrid environment that spans physical and virtual systems, as well as cloudbased computing. While the chief goals of data center modernization projects are to enable the business by being able to accommodate rapidly changing business needs, whilst reducing operational complexity and cost, risk and compliance obligations must also be prioritized. Organizations embarking on data center modernization projects should look for an integrated set of security controls that provide common, federated management and reporting across hybrid environments that may include extensions to private and public clouds. The bottom line Many security challenges are new and evolving and those engaged in data center modernization projects need to understand them before such projects are implemented so that security is planned and built in, rather than bolted on as an afterthought. Achieving effective security across next-generation data centers that are a hybrid mix of physical, virtual and cloud environments will enable the business by improving its ability to offer dynamic services that are always available, and that are resilient and secure. This will improve the capability to manage risk, apply and enforce consistent security policies, and to achieve compliance objectives. A Bloor White Paper Bloor Research

4 Data center modernization According to the Uptime Institute, demands on data centers double every five years and demand for storage is growing even more rapidly. Data centers are also increasingly inter-connected and linked to the outside world as organizations embrace new technology delivery models such as software as a service and cloud computing to drive down capital expenditures and must cater to the needs of the always-on mobile generation of workers connecting to resources via smartphones. Because of factors such as these, as well as the ongoing need to streamline new business processes, reduce operational costs and further improve efficiencies through automation, many organizations are looking to consolidate and upgrade their data centers. According to a recent survey by Network World, 62% of respondents are planning or are engaged in data center upgrades. One key area in which organizations are looking to modernize their data centers and reduce expenditures is through virtualization, which means that capital expenditures on physical systems can be reduced. According to consultants McKinsey & Company, most servers in data centers use just 6% of their available capacity. With virtualization, utilization rates can be driven up considerably. The Network World survey shows that more than half of respondents are expecting to virtualize 40% of their servers in 2011, and one-third to virtualize about 60%. Technology vendor CDW LLC recently conducted a survey in which it found that 95% of respondents indicated that server virtualization has brought them considerable cost savings in the form of increased IT productivity, greater business agility, adaptability and flexibility, and reduced energy consumption and costs. Data centers are used to house data, applications and other resources that are critical to the success of the business and therefore must be secure, resilient and fully available to ensure productivity remains high and the organization is protected from harm. Traditionally, organizations have put in place many security controls, including physical controls to prevent unauthorized access. Information security controls are also important for data centers and almost every organization uses technologies such as anti-virus controls, intrusion detection and prevention, and firewalls. However, these are often point solutions that are applied to specific systems and are often bolted on as an afterthought. Organizations do not want to erode the cost and efficiency savings associated with virtualization by implementing cumbersome, siloed security controls, each requiring standalone management and maintenance. A siloed approach is no longer sufficient for the next-generation data centers that are being built today, with their complex array of physical and virtual systems, and with all manner of devices connecting to the applications and resources that they contain. In traditional data center architectures, resources are physically separated and different levels of security can be set for each zone. Prior to virtualization, applications were installed on physical servers, each of which had its own identity for controlling access via policies set for each individual machine, and point security controls could be applied to each system. This classic architecture is depicted in Figure 1. With virtualization, that model changes. It allows for many virtual machines to be housed on one physical server. Not only that, but also those virtual machines can be migrated across data centers or even out to the cloud. This mobility is essential for the smooth and efficient running of next-generation data centers and provides the foundation for cloud computing, where resources are required to move between clouds, or to and from the data center. It allows for new, efficient methods of provisioning resources and for maintaining those resources in an optimal state to ensure robust and continued service delivery. Applications that require maintenance can be migrated to another server without causing downtime or resources can be migrated to another data center to solve space or other constraints as a data center expands. Figure 2 illustrates an example of this new paradigm. Physical servers support multiple virtual machine containers and the virtual machine hosts an application. Instead of traffic flowing hierarchically, as in traditional architectures, a new distributed architecture is required which efficiently supports east-west and north-south traffic with minimum latency whilst fully utilizing the available bandwidth. However, this new architecture brings with it many implications for security. Virtual machines that can be moved around break the model of Bloor Research A Bloor White Paper

5 Data center modernization Figure 1: Classic hierarchical Ethernet infrastructure Figure 2: Ethernet fabric architecture A Bloor White Paper Bloor Research

6 Data center modernization tying security policies to physical resources. Instead, a federated security model is required, with policies applied to applications and their virtual containers according to context, such as what type of application it is, and tied to the identity of the user accessing it. Virtualized machines also have implications for network security because it is quick and easy to put up a new virtual machine, making it a hard job to keep track of all resources and to ensure that each has security controls that are sufficient to establish and maintain trust boundaries and to enforce compliance objectives. Virtualization erodes the ability to segregate the data center into separate security zones, such as placing corporate finance servers in a physically segregated area, because this prevents the ability to scale across all resources, which is a key design objective of next-generation data centers that aim to boost utilization. This means that security controls must be applied at a much more granular level according to context to avoid applications with different risk sensitivities running side by side, which can cause compliance violations or increase the risk of security attacks between virtual machines, such as privilege escalations or denial of service attacks. To get around the problem of a lack of physical segregation in a virtualized environment, virtual switches are used to provide isolation and security monitoring between virtual machines, providing secure zones. Another security implication of next-generation data centers is that network designs are being flattened owing to the changing topology from server stacks with north-south traffic flows to flattened network designs with east-west traffic, as shown in Figures 1 & 2. One of the drivers for this change is virtualization, which requires a great deal of server-to-server traffic, rather than client-server,as in the old model. Efficient eastwest traffic flow is essential for virtual machine mobility and the use of such Ethernet fabric will increase compute speeds significantly by reducing latency and providing full network bandwidth. A flattened network design is a key enabler for building very large, scalable networks and forms the basis for private cloud deployments. However, there are implications regarding where security controls should be placed and over their effectiveness. For example, enforcing policies with traditional firewalls is fairly straightforward for north-south traffic, but they are not effective for east-west traffic, in which security is applied independent of physical layer enforcement. In a flattened network, firewall, intrusion detection and prevention systems, and anti-malware must be interoperable with flat network standards so that there are no security blind spots. Security and access policies must be tied to virtual machines so that they are consistently applied. This requires that security be integrated so that those policies can be monitored and managed through a central console that spans both physical and virtual systems Bloor Research A Bloor White Paper

7 Recommendations for next-generation data center security To cut costs, increase business agility and support an ever-increasing number of devices connecting to data centers for productivity and efficiency gains, organizations embarking on next-generation data center projects must re-think their security strategies. Perimeter defence mechanisms are no longer sufficient and the objectives of virtualization mean that organizations can no longer rely on physical separation for security. Traditional security controls are also ineffective in the hybrid physical-virtual environment of the next-generation data center as they are unable to monitor virtual machines properly or effectively enforce policies in dynamic environments. Security is also something that must be built in at the design stage to provide in-depth, integrated security to ensure that attacks cannot spread unchecked across all systems on a single infrastructure spanning physical, virtual and cloud environments. The traditional strategy of bolting on security, often to protect a particular host in response to a security incident, cannot work in the highly interconnected environment of the next-generation data center. As organizations rearchitect their data centers, this creates an opportunity for a complete overhaul of the security required for these new data centers. However, the survey from Network World indicates that half of respondents are relying on the same security model for virtualization as for physical servers even though respondents view targeted attacks and security breaches as the biggest threats to their next-generation data center. Selected best practices for next-generation security Include security and compliance objectives as part of the data center design and ensure the security team is involved from day one. Security controls should be developed for each modular component of the data center servers, storage, data and network united by a common policy environment. Ensure that approach taken will not limit availability and scalability of resources, as these are prime reasons for investing in a next-generation data center. Develop and enforce policies that are context, identity and application-aware for least complexity, and the most flexibility and scalability. Ensure that they can be applied consistently across physical, virtual and cloud environments. This, along with replacing physical trust zones with secure trust zones, will provide for seamless, secure user access to applications at all times, from whatever device is used to connect to resources in the data center. Choose security technologies that are virtualization-aware or enabled, with security working at the network level rather than the server. Network security should be integrated at the hypervisor level to discover existing and new virtual machines and to follow those devices as they are moved or scaled up so that policy can be dynamically applied and enforced. Monitor everything continuously at the network level for the ability to look at all assets, physical and virtual, that reside on the LAN, even those that are offline, and all interconnections between them. This monitoring should be done on a continuous basis and should be capable of monitoring dynamic network fabrics. Monitor for missing patches or application or configuration changes that can introduce vulnerabilities that can be exploited. Look for integrated families of products with centralised management that are integrated with or aware of the network infrastructure, or common monitoring capabilities for unified management of risk, policy controls and network security. This will also provide detailed reports across all controls that provide the audit trail necessary for risk management, governance and compliance objectives. A Bloor White Paper Bloor Research

8 Recommendations for next-generation data Integrated families of products need not necessarily be procured from just one vendor. Look for those that leverage the needed capabilities of a strong ecosystem of partnerships to provide a consolidated solution across all data center assets. Consider future as well as current needs and objectives at the design stage, such as whether access is required to public cloud environments. Define policies and profiles that can be segmented and monitored in multi-tenant environments. Consider security technologies that provide secure gateway connections to public cloud resources Bloor Research A Bloor White Paper

9 Summary Data centers protect and make available the business information that is the lifeblood of organizations. Yet, with the onus on increasing efficiency, providing innovative services to enable business differentiation and at the same time reducing costs, many organizations are looking to modernize their data centers. This creates many opportunities, but also throws up new challenges, among which are new security concerns. To deal with this, teams involved in modernization projects need to factor in security into the design phase of data center builds and move from a reactive security stance whereby security controls are bolted on when needed to a proactive one in which security becomes part of the basic fabric. Further Information Further information about this subject is available from A Bloor White Paper Bloor Research

10 Bloor Research overview Bloor Research is one of Europe s leading IT research, analysis and consultancy organizations. We explain how to bring greater Agility to corporate IT systems through the effective governance, management and leverage of Information. We have built a reputation for telling the right story with independent, intelligent, well-articulated communications content and publications on all aspects of the ICT industry. We believe the objective of telling the right story is to: Describe the technology in context to its business value and the other systems and processes it interacts with. Understand how new and innovative technologies fit in with existing ICT investments. Look at the whole market and explain all the solutions available and how they can be more effectively evaluated. About the author Fran Howarth Senior Analyst - Security Fran Howarth specializes in the field of security, primarily information security, but with a keen interest in physical security and how the two are converging. Fran s other main areas of interest are new delivery models, such as cloud computing, information governance, web, network and application security, identity and access management, and encryption. Fran focuses on the business needs for security technologies, looking at the benefits they gain from their use and how organizations can defend themselves against the threats that they face in an ever-changing landscape. For more than 20 years, Fran has worked in an advisory capacity as an analyst, consultant and writer. She writes regularly for a number of publications, including Silicon, Computer Weekly, Computer Reseller News, IT-Analysis and Computing Magazine. Fran is also a regular contributor to Security Management Practices of the Faulkner Information Services division of InfoToday. Filter noise and make it easier to find the additional information or news that supports both investment and implementation. Ensure all our content is available through the most appropriate channel. Founded in 1989, we have spent over two decades distributing research and analysis to IT user and vendor organizations throughout the world via online subscriptions, tailored research services, events and consultancy projects. We are committed to turning our knowledge into business value for you.

11 Copyright & disclaimer This document is copyright 2011 Bloor Research. No part of this publication may be reproduced by any method whatsoever without the prior consent of Bloor Research. Due to the nature of this material, numerous hardware and software products have been mentioned by name. In the majority, if not all, of the cases, these product names are claimed as trademarks by the companies that manufacture the products. It is not Bloor Research s intent to claim these names or trademarks as our own. Likewise, company logos, graphics or screen shots have been reproduced with the consent of the owner and are subject to that owner s copyright. Whilst every care has been taken in the preparation of this document to ensure that the information is correct, the publishers cannot accept responsibility for any errors or omissions.

12 2nd Floor, St John Street LONDON, EC1V 4PY, United Kingdom Tel: +44 (0) Fax: +44 (0) Web:

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for

White Paper. What the ideal cloud-based web security service should provide. the tools and services to look for White Paper What the ideal cloud-based web security service should provide A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 The components required of an effective web

More information

White Paper. The benefits of basing email and web security in the cloud. including cost, speed, agility and better protection

White Paper. The benefits of basing email and web security in the cloud. including cost, speed, agility and better protection White Paper The benefits of basing email and web security in the cloud A White Paper by Bloor Research Author : Fran Howarth Publish date : July 2010 the outsourcing of email and web security defences

More information

White Paper. The benefits of a cloud-based email archiving service. for use by organisations of any size

White Paper. The benefits of a cloud-based email archiving service. for use by organisations of any size White Paper The benefits of a cloud-based email archiving service A White Paper by Bloor Research Author : Fran Howarth Publish date : June 2010 Given the importance placed today on emails as a means of

More information

White Paper. The benefits of a cloud-based service for web security. reducing risk, adding value and cutting costs

White Paper. The benefits of a cloud-based service for web security. reducing risk, adding value and cutting costs White Paper The benefits of a cloud-based service for web security A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2010 By using a service based in the cloud, protection against

More information

White Paper. When email archiving is best done in the cloud. ease of use a prime consideration

White Paper. When email archiving is best done in the cloud. ease of use a prime consideration White Paper When email archiving is best done in the cloud A White Paper by Bloor Research Author : Fran Howarth Publish date : June 2010 An email archiving service provided in the cloud is a viable alternative

More information

White Paper. Next-generation and web security. why the cloud offers better protection

White Paper. Next-generation  and web security. why the cloud offers better protection White Paper Next-generation email and web security A White Paper by Bloor Research Author : Fran Howarth Publish date : July 2010 By combining email and web security, organisations will be better able

More information

White Paper. Getting ahead in the cloud. the need for better identity and access controls

White Paper. Getting ahead in the cloud. the need for better identity and access controls White Paper Getting ahead in the cloud A White Paper by Bloor Research Author : Fran Howarth Publish date : March 2013 Users are demanding access to applications and services from wherever they are, whenever

More information

White Paper. What to consider when choosing a SaaS or cloud provider

White Paper. What to consider when choosing a SaaS or cloud provider White Paper What to consider when choosing a SaaS or cloud provider A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2011 When engaging a SaaS provider, organisations must

More information

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre

Unlock the full potential of data centre virtualisation with micro-segmentation. Making software-defined security (SDS) work for your data centre Unlock the full potential of data centre virtualisation with micro-segmentation Making software-defined security (SDS) work for your data centre Contents 1 Making software-defined security (SDS) work for

More information

WHITE PAPER. Data Center Fabrics. Why the Right Choice is so Important to Your Business

WHITE PAPER. Data Center Fabrics. Why the Right Choice is so Important to Your Business WHITE PAPER Data Center Fabrics Why the Right Choice is so Important to Your Business Introduction Data center fabrics are emerging as the preferred architecture for next-generation virtualized data centers,

More information

Brocade One Data Center Cloud-Optimized Networks

Brocade One Data Center Cloud-Optimized Networks POSITION PAPER Brocade One Data Center Cloud-Optimized Networks Brocade s vision, captured in the Brocade One strategy, is a smooth transition to a world where information and applications reside anywhere

More information

O p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s

O p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s EXECUTIVE BRIEF O p t i m i z i n g t h e N e t w o r k t o M e e t T o m o r r o w ' s I C T D e m a n d s Adapted from IDC research by Eric Owen Click here to enter text. September 2014 INTRODUCTION

More information

Data Center Network Evolution: Increase the Value of IT in Your Organization

Data Center Network Evolution: Increase the Value of IT in Your Organization White Paper Data Center Network Evolution: Increase the Value of IT in Your Organization What You Will Learn New operating demands and technology trends are changing the role of IT and introducing new

More information

Virtualized Security: The Next Generation of Consolidation

Virtualized Security: The Next Generation of Consolidation Virtualization. Consolidation. Simplification. Choice. WHITE PAPER Virtualized Security: The Next Generation of Consolidation Virtualized Security: The Next Generation of Consolidation As we approach the

More information

Assessing the Business Value of SDN Datacenter Security Solutions

Assessing the Business Value of SDN Datacenter Security Solutions IDC SOLUTION BRIEF Assessing the Business Value of SDN Datacenter Security Solutions Sponsored by: Cisco Pete Lindstrom Matthew Marden May 2015 Richard L. Villars Overview CTOs, CIOs, and application architects

More information

ALCATEL-LUCENT ENTERPRISE DATA CENTER SWITCHING SOLUTION Automation for the next-generation data center

ALCATEL-LUCENT ENTERPRISE DATA CENTER SWITCHING SOLUTION Automation for the next-generation data center ALCATEL-LUCENT ENTERPRISE DATA CENTER SWITCHING SOLUTION Automation for the next-generation data center A NEW NETWORK PARADIGM What do the following trends have in common? Virtualization Real-time applications

More information

Trend Micro Cloud Protection

Trend Micro Cloud Protection A Trend Micro White Paper August 2015 Trend Micro Cloud Protection Security for Your Unique Cloud Infrastructure Contents Introduction...3 Private Cloud...4 VM-Level Security...4 Agentless Security to

More information

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES

Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Testing Network Virtualization For Data Center and Cloud VERYX TECHNOLOGIES Table of Contents Introduction... 1 Network Virtualization Overview... 1 Network Virtualization Key Requirements to be validated...

More information

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency.

McAfee Next Generation Firewall Optimize your defense, resilience, and efficiency. Optimize your defense, resilience, and efficiency. Table of Contents Need Stronger Network Defense? Network Concerns Security Concerns Cost of Ownership Manageability Application and User Awareness High

More information

VMware vcloud Networking and Security Overview

VMware vcloud Networking and Security Overview VMware vcloud Networking and Security Overview Networks and Security for Virtualized Compute Environments WHITE PAPER Overview Organizations worldwide have gained significant efficiency and flexibility

More information

Redefining Infrastructure Management for Today s Application Economy

Redefining Infrastructure Management for Today s Application Economy WHITE PAPER APRIL 2015 Redefining Infrastructure Management for Today s Application Economy Boost Operational Agility by Gaining a Holistic View of the Data Center, Cloud, Systems, Networks and Capacity

More information

CoIP (Cloud over IP): The Future of Hybrid Networking

CoIP (Cloud over IP): The Future of Hybrid Networking CoIP (Cloud over IP): The Future of Hybrid Networking An overlay virtual network that connects, protects and shields enterprise applications deployed across cloud ecosystems The Cloud is Now a Critical

More information

A Storage Network Architecture for Highly Dynamic Virtualized and Cloud Computing Environments

A Storage Network Architecture for Highly Dynamic Virtualized and Cloud Computing Environments White Paper A Storage Network Architecture for Highly Dynamic Virtualized and Cloud Computing Environments Juniper s QFabric Solution for EMC Storage Environments By Bob Laliberte, Senior Analyst May 2013

More information

Data Centre White Paper Summary. Application Fluency In The Data Centre A strategic choice for the data centre network

Data Centre White Paper Summary. Application Fluency In The Data Centre A strategic choice for the data centre network Data Centre White Paper Summary.. Application Fluency In The Data Centre A strategic choice for the data centre network Modernizing the Network: An Application-Fluent Approach With virtualization it s

More information

Virtualization Essentials

Virtualization Essentials Virtualization Essentials Table of Contents Introduction What is Virtualization?.... 3 How Does Virtualization Work?... 4 Chapter 1 Delivering Real Business Benefits.... 5 Reduced Complexity....5 Dramatically

More information

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical Radware ADC-VX Solution The Agility of Virtual; The Predictability of Physical Table of Contents General... 3 Virtualization and consolidation trends in the data centers... 3 How virtualization and consolidation

More information

Trend Micro Cloud Security for Citrix CloudPlatform

Trend Micro Cloud Security for Citrix CloudPlatform Trend Micro Cloud Security for Citrix CloudPlatform Proven Security Solutions for Public, Private and Hybrid Clouds 2 Trend Micro Provides Security for Citrix CloudPlatform Organizations today are embracing

More information

Why a Server Infrastructure Refresh Now and Why Dell?

Why a Server Infrastructure Refresh Now and Why Dell? Why a Server Infrastructure Refresh Now and Why Dell? In This Paper Outdated server infrastructure contributes to operating inefficiencies, lost productivity, and vulnerabilities Worse, existing infrastructure

More information

White Paper. Key considerations for security intelligence in big data. what a CISO needs to know

White Paper. Key considerations for security intelligence in big data. what a CISO needs to know White Paper Key considerations for security intelligence in big data A White Paper by Bloor Research Author : Fran Howarth Publish date : February 2013 The onus is on every CISO to go on the offensive

More information

Brocade and McAfee Change the Secure Networking Landscape with High Performance at Lowest TCO

Brocade and McAfee Change the Secure Networking Landscape with High Performance at Lowest TCO WHITE PAPER www.brocade.com IP NETWORK SECURITY Brocade and McAfee Change the Secure Networking Landscape with High Performance at Lowest TCO The Non-Stop Secure Network, a Brocade and McAfee joint solution,

More information

ALCATEL-LUCENT ENTERPRISE DATA CENTER SWITCHING SOLUTION Automation for the next-generation data center

ALCATEL-LUCENT ENTERPRISE DATA CENTER SWITCHING SOLUTION Automation for the next-generation data center ALCATEL-LUCENT ENTERPRISE DATA CENTER SWITCHING SOLUTION Automation for the next-generation data center A NEW NETWORK PARADIGM What do the following trends have in common? Virtualization Real-time applications

More information

Key Strategies for Long-Term Success

Key Strategies for Long-Term Success WHITE PAPER Security in the Next- Generation Data Center Key Strategies for Long-Term Success Copyright 2011, Juniper Networks, Inc. 1 Table of Contents Executive Summary........................................................................................................

More information

REMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION

REMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION REMOVING THE BARRIERS FOR DATA CENTRE AUTOMATION The modern data centre has ever-increasing demands for throughput and performance, and the security infrastructure required to protect and segment the network

More information

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical

Radware ADC-VX Solution. The Agility of Virtual; The Predictability of Physical Radware ADC-VX Solution The Agility of Virtual; The Predictability of Physical Table of Contents General... 3 Virtualization and consolidation trends in the data centers... 3 How virtualization and consolidation

More information

Juniper Networks QFabric: Scaling for the Modern Data Center

Juniper Networks QFabric: Scaling for the Modern Data Center Juniper Networks QFabric: Scaling for the Modern Data Center Executive Summary The modern data center has undergone a series of changes that have significantly impacted business operations. Applications

More information

SIMPLIFYING AND AUTOMATING MANAGEMENT ACROSS VIRTUALIZED/CLOUD-BASED INFRASTRUCTURES

SIMPLIFYING AND AUTOMATING MANAGEMENT ACROSS VIRTUALIZED/CLOUD-BASED INFRASTRUCTURES SIMPLIFYING AND AUTOMATING MANAGEMENT ACROSS VIRTUALIZED/CLOUD-BASED INFRASTRUCTURES EMC IT s strategy for leveraging enterprise management, automation, and orchestration technologies to discover and manage

More information

Overcoming Security Challenges to Virtualize Internet-facing Applications

Overcoming Security Challenges to Virtualize Internet-facing Applications Intel IT IT Best Practices Cloud Security and Secure ization November 2011 Overcoming Security Challenges to ize Internet-facing Applications Executive Overview To enable virtualization of Internet-facing

More information

Deploying Firewalls Throughout Your Organization

Deploying Firewalls Throughout Your Organization Deploying Firewalls Throughout Your Organization Avoiding break-ins requires firewall filtering at multiple external and internal network perimeters. Firewalls have long provided the first line of defense

More information

Fluid Data storage: A fully virtualized foundation for the IT stack

Fluid Data storage: A fully virtualized foundation for the IT stack Fluid Data storage: A fully virtualized foundation for the IT stack A Dell Technical White Paper February 2010 A C-level look at the business impact of virtualization Executive overview In today s challenging

More information

Safeguarding the cloud with IBM Dynamic Cloud Security

Safeguarding the cloud with IBM Dynamic Cloud Security Safeguarding the cloud with IBM Dynamic Cloud Security Maintain visibility and control with proven security solutions for public, private and hybrid clouds Highlights Extend enterprise-class security from

More information

Evolution from the Traditional Data Center to Exalogic: An Operational Perspective

Evolution from the Traditional Data Center to Exalogic: An Operational Perspective An Oracle White Paper July, 2012 Evolution from the Traditional Data Center to Exalogic: 1 Disclaimer The following is intended to outline our general product capabilities. It is intended for information

More information

next generation privilege identity management

next generation privilege identity management next generation privilege identity management Nowadays enterprise IT teams are focused on adopting and supporting newer devices, applications and platforms to address business needs and keep up pace with

More information

SDN CENTRALIZED NETWORK COMMAND AND CONTROL

SDN CENTRALIZED NETWORK COMMAND AND CONTROL SDN CENTRALIZED NETWORK COMMAND AND CONTROL Software Defined Networking (SDN) is a hot topic in the data center and cloud community. The geniuses over at IDC predict a $2 billion market by 2016

More information

IBM Security Intrusion Prevention Solutions

IBM Security Intrusion Prevention Solutions IBM Security Intrusion Prevention Solutions Sarah Cucuz sarah.cucuz@spyders.ca IBM Software Solution Brief IBM Security intrusion prevention solutions In-depth protection for networks, servers, endpoints

More information

Your Location Instant NOC using Kaseya. Administrator at Remote Location Secure access to Management Console from anywhere using only a browser

Your Location Instant NOC using Kaseya. Administrator at Remote Location Secure access to Management Console from anywhere using only a browser Kaseya Product Brief The Kaseya Platform Making your systems more secure, your staff more productive, your services more reliable and your results easier to validate. No matter what part of Kaseya s integrated

More information

Data Center Security That Accelerates Your Business

Data Center Security That Accelerates Your Business Solution Overview Data Center Security That Accelerates Your Business Business today runs at a breakneck pace. Customers want exceptional service, and workers expect instant access to their job tools,

More information

Cisco Unified Communications and Collaboration technology is changing the way we go about the business of the University.

Cisco Unified Communications and Collaboration technology is changing the way we go about the business of the University. Data Sheet Cisco Optimization s Optimize Your Solution using Cisco Expertise and Leading Practices Optimizing Your Business Architecture Today, enabling business innovation and agility is about being able

More information

Database Security in Virtualization and Cloud Computing Environments

Database Security in Virtualization and Cloud Computing Environments White Paper Database Security in Virtualization and Cloud Computing Environments Three key technology challenges in protecting sensitive data Table of Contents Securing Information in Virtualization and

More information

Cisco Unified Data Center

Cisco Unified Data Center Solution Overview Cisco Unified Data Center Simplified, Efficient, and Agile Infrastructure for the Data Center What You Will Learn The data center is critical to the way that IT generates and delivers

More information

Pervasive Security Enabled by Next Generation Monitoring Fabric

Pervasive Security Enabled by Next Generation Monitoring Fabric Pervasive Security Enabled by Next Generation Monitoring Fabric By: Lee Doyle, Principal Analyst at Doyle Research Sponsored by Big Switch Networks Executive Summary Enterprise networks have become ever

More information

Cloud Security Who do you trust?

Cloud Security Who do you trust? Thought Leadership White Paper Cloud Computing Cloud Security Who do you trust? Nick Coleman, IBM Cloud Security Leader Martin Borrett, IBM Lead Security Architect 2 Cloud Security Who do you trust? Cloud

More information

Accelerate Your Enterprise Private Cloud Initiative

Accelerate Your Enterprise Private Cloud Initiative Cisco Cloud Comprehensive, enterprise cloud enablement services help you realize a secure, agile, and highly automated infrastructure-as-a-service (IaaS) environment for cost-effective, rapid IT service

More information

From Secure Virtualization to Secure Private Clouds

From Secure Virtualization to Secure Private Clouds From Secure Virtualization to Secure Private Clouds Gartner RAS Core Research Note G00208057, Neil MacDonald, Thomas J. Bittman, 13 October 2010, RV2A108222011 As enterprises move beyond virtualizing their

More information

Switching Solution Creating the foundation for the next-generation data center

Switching Solution Creating the foundation for the next-generation data center Alcatel-Lucent Enterprise Data Center Switching Solution Creating the foundation for the next-generation data center a new network paradigm What do the following trends have in common? Virtualization Real-time

More information

Red Hat Cloud, HP Edition:

Red Hat Cloud, HP Edition: Red Hat Cloud, HP Edition: Private IaaS Clouds 2 Red Hat Cloud 2 Red Hat Enterprise Virtualization 3 Red Hat Enterprise Linux 3 Red Hat Network Satellite 3 HP CloudSystem Matrix and HP Converged Infrastructure

More information

Optimizing Data Center Networks for Cloud Computing

Optimizing Data Center Networks for Cloud Computing PRAMAK 1 Optimizing Data Center Networks for Cloud Computing Data Center networks have evolved over time as the nature of computing changed. They evolved to handle the computing models based on main-frames,

More information

Tufin Orchestration Suite

Tufin Orchestration Suite Tufin Orchestration Suite Security Policy Orchestration across Physical Networks & Hybrid Cloud Environments The Network Security Challenge In today s world, enterprises face considerably more network

More information

The Software-Defined Data Center is Key to IT-as-a-Service

The Software-Defined Data Center is Key to IT-as-a-Service The Software-Defined Data Center is Key to IT-as-a-Service August 2013 Prepared by: Zeus Kerravala The Software-Defined Data Center is Key to IT-as-a-Service by Zeus Kerravala August 2013 º º º º º º º

More information

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense A Trend Micro Whitepaper I February 2016 Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense How Trend Micro Deep Security Can Help: A Mapping to the SANS Top 20 Critical

More information

Network Monitoring Fabrics Are Key to Scaling IT

Network Monitoring Fabrics Are Key to Scaling IT Network Monitoring Fabrics Are Key to Scaling IT September 2014 Prepared by: Zeus Kerravala Network Monitoring Fabrics Are Key to Scaling IT by Zeus Kerravala September 2014 º º º º º º º º º º º º º º

More information

Whitepaper : Cloud Based Backup for Mobile Users and Remote Sites

Whitepaper : Cloud Based Backup for Mobile Users and Remote Sites Whitepaper : Cloud Based Backup for Mobile Users and Remote Sites The Organisational Challenges We propose three key organizational principles for assessing backup Security Control Performance Functional

More information

VDI Security for Better Protection and Performance

VDI Security for Better Protection and Performance VDI Security for Better Protection and Performance Addressing security and infrastructure challenges in your VDI deployments Trend Micro, Incorporated» See why you need security designed for VDI environments

More information

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com

Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com Global Headquarters: 5 Speen Street Framingham, MA 01701 USA P.508.872.8200 F.508.935.4015 www.idc.com W H I T E P A P E R O r a c l e V i r t u a l N e t w o r k i n g D e l i v e r i n g F a b r i c

More information

Product Overview. UNIFIED COMPUTING Managed Hosting Compute

Product Overview. UNIFIED COMPUTING Managed Hosting Compute Product Overview Interoute provide our clients with a diverse range of compute options delivered from our 10 carrier-class data centre facilities. Leveraging our extensive and diverse next generation IP

More information

OVERVIEW. Enterprise Security Solutions

OVERVIEW. Enterprise Security Solutions Enterprise Security Solutions OVERVIEW For more than 25 years, Trend Micro has innovated constantly to keep our customers ahead of an everevolving IT threat landscape. It s how we got to be the world s

More information

FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE

FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE FROM A RIGID ECOSYSTEM TO A LOGICAL AND FLEXIBLE ENTITY: THE SOFTWARE- DEFINED DATA CENTRE The demand for cloud infrastructure is rapidly increasing, the world of information is becoming application and

More information

Software-Defined Networks Powered by VellOS

Software-Defined Networks Powered by VellOS WHITE PAPER Software-Defined Networks Powered by VellOS Agile, Flexible Networking for Distributed Applications Vello s SDN enables a low-latency, programmable solution resulting in a faster and more flexible

More information

Virtualizing the SAN with Software Defined Storage Networks

Virtualizing the SAN with Software Defined Storage Networks Software Defined Storage Networks Virtualizing the SAN with Software Defined Storage Networks Introduction Data Center architects continue to face many challenges as they respond to increasing demands

More information

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data

Sourcefire Solutions Overview Security for the Real World. SEE everything in your environment. LEARN by applying security intelligence to data SEE everything in your environment LEARN by applying security intelligence to data ADAPT defenses automatically ACT in real-time Sourcefire Solutions Overview Security for the Real World Change is constant.

More information

The Benefits of an Integrated Approach to Security in the Cloud

The Benefits of an Integrated Approach to Security in the Cloud The Benefits of an Integrated Approach to Security in the Cloud Judith Hurwitz President and CEO Marcia Kaufman COO and Principal Analyst Daniel Kirsch Senior Analyst Sponsored by IBM Introduction The

More information

Five Reasons to Take Your Virtualization Environment to a New Level

Five Reasons to Take Your Virtualization Environment to a New Level Five Reasons to Take Your Virtualization Environment to a New Level Study finds the addition of robust management capabilities drives 20 to 40 percent increases in key performance metrics WHITE PAPER Table

More information

HP Private Cloud Solutions

HP Private Cloud Solutions HP Private Cloud Solutions Get on the fast track to on-demand shared services delivery Solution brief Quickly moving toward the cloud More and more organizations are realizing the benefits of a dramatically

More information

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1

How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 How does IBM deliver cloud security? An IBM paper covering SmartCloud Services 1 2 How does IBM deliver cloud security? Contents 2 Introduction 3 Cloud governance 3 Security governance, risk management

More information

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy.

Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. Securing the Internet of Things OEM capabilities assure trust, integrity, accountability, and privacy. The number of Internet-connected smart devices is growing at a rapid pace. According to Gartner, the

More information

SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER

SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER SECURITY POLICY MANAGEMENT ACROSS THE NEXT GENERATION DATA CENTER An AlgoSec Whitepaper MANAGE SECURITY AT THE SPEED OF BUSINESS AlgoSec Whitepaper Introduction Corporate networks today must deliver hundreds

More information

Intelligent Data Center Solutions

Intelligent Data Center Solutions Intelligent Data Center Solutions Panduit s Unified Physical Infrastructure (UPI): a Guiding Vision A unified approach to physical and logical systems architecture is imperative for solutions to fully

More information

Deploying Advanced Firewalls in Dynamic Virtual Networks

Deploying Advanced Firewalls in Dynamic Virtual Networks SOLUTION GUIDE Deploying Advanced Firewalls in Dynamic Virtual Networks Enterprise-Ready Security for Network Virtualization 1 This solution guide describes how to simplify deploying virtualization security

More information

Secure Your Next-Generation Data Center

Secure Your Next-Generation Data Center Business Brief Secure Your Next-Generation Data Center Build security into the design phase for maximum flexibility and advanced threat reduction Key Takeaways Data center upgrades are pervasive, driven

More information

Networks that know data center virtualization

Networks that know data center virtualization Networks that know data center virtualization EBOOK VITRUALIZATION Your ideas. Connected. Copyright August 2014, Juniper Networks, Inc. Preface In both legacy IT data centers and emerging private and public

More information

FIVE PRACTICAL STEPS

FIVE PRACTICAL STEPS WHITEPAPER FIVE PRACTICAL STEPS To Protecting Your Organization Against Breach How Security Intelligence & Reducing Information Risk Play Strategic Roles in Driving Your Business CEOs, CIOs, CTOs, AND

More information

CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS

CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS CPNI VIEWPOINT CONFIGURING AND MANAGING REMOTE ACCESS FOR INDUSTRIAL CONTROL SYSTEMS MARCH 2011 Acknowledgements This Viewpoint is based upon the Recommended Practice: Configuring and Managing Remote Access

More information

Injazat s Managed Services Portfolio

Injazat s Managed Services Portfolio Injazat s Managed Services Portfolio Overview Premium Managed Services to Transform Your IT Environment Injazat s Premier Tier IV Data Center is built to offer the highest level of security and reliability.

More information

A Look at the New Converged Data Center

A Look at the New Converged Data Center Organizations around the world are choosing to move from traditional physical data centers to virtual infrastructure, affecting every layer in the data center stack. This change will not only yield a scalable

More information

Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack

Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack Cisco and Red Hat: Application Centric Infrastructure Integration with OpenStack Cisco and Red Hat Extend the Cisco ACI Policy Framework to Red Hat Enterprise Linux OpenStack Platform Enabled Environments

More information

Securing the Next-Generation Data Center

Securing the Next-Generation Data Center Business Brief Securing the Next-Generation Data Center Build security into the design phase for maximum flexibility and advanced threat reduction Key Points Data center upgrades are pervasive, driven

More information

SOFTWARE DEFINED NETWORKING

SOFTWARE DEFINED NETWORKING SOFTWARE DEFINED NETWORKING Bringing Networks to the Cloud Brendan Hayes DIRECTOR, SDN MARKETING AGENDA Market trends and Juniper s SDN strategy Network virtualization evolution Juniper s SDN technology

More information

Protecting the Extended Enterprise Network Security Strategies and Solutions from ProCurve Networking

Protecting the Extended Enterprise Network Security Strategies and Solutions from ProCurve Networking ProCurve Networking by HP Protecting the Extended Enterprise Network Security Strategies and Solutions from ProCurve Networking Introduction... 2 Today s Network Security Landscape... 2 Accessibility...

More information

Hybrid Cloud Places New Demands On The Network

Hybrid Cloud Places New Demands On The Network A Custom Technology Adoption Profile Commissioned By Juniper Networks April 2014 Hybrid Cloud Places New Demands On The Network Introduction Today s business pressures require IT resources to be a cost-effective

More information

Demystifying Virtualization for Small Businesses Executive Brief

Demystifying Virtualization for Small Businesses Executive Brief Demystifying Virtualization for Small Businesses White Paper: Demystifying Virtualization for Small Businesses Demystifying Virtualization for Small Businesses Contents Introduction............................................................................................

More information

Networks that virtualization

Networks that virtualization Networks that know virtualization EBOOK VITRUALIZATION Your ideas. Connected. Copyright August 2014, Juniper Networks, Inc. Preface In both legacy IT data centers and emerging private and public clouds,

More information

Cloud computing: Innovative solutions for test environments

Cloud computing: Innovative solutions for test environments IBM Global Services April 2009 Cloud computing: Innovative solutions for test environments Speed test cycles and reduce cost to gain a competitive edge Page No.2 Contents 2 Executive summary 3 Leading

More information

vsrx Services Gateway: Protecting the Hybrid Data Center

vsrx Services Gateway: Protecting the Hybrid Data Center Services Gateway: Protecting the Hybrid Data Center Extending Juniper Networks award-winning security products to virtualized, cloud-based, and hybrid IT environments Challenge Virtualization and cloud

More information

InDetail. SolarWinds Log & Event Manager. a full-functioned, yet affordable, SIEM

InDetail. SolarWinds Log & Event Manager. a full-functioned, yet affordable, SIEM InDetail SolarWinds Log & Event Manager An InDetail Paper by Bloor Research Author : Fran Howarth Publish date : January 2014 SolarWinds LEM provides all of the essential features required of a SIEM, but

More information

Taking the Open Path to Hybrid Cloud with Dell Networking and Private Cloud Solutions

Taking the Open Path to Hybrid Cloud with Dell Networking and Private Cloud Solutions Taking the Open Path to Hybrid Cloud with Dell Networking and Private Cloud Solutions In This Paper Frequently, the network is the stumbling point to cloud adoption SDN offers a more dynamic, virtualized

More information

Data Center Networking Designing Today s Data Center

Data Center Networking Designing Today s Data Center Data Center Networking Designing Today s Data Center There is nothing more important than our customers. Data Center Networking Designing Today s Data Center Executive Summary Demand for application availability

More information

Cisco Advanced Services for Network Security

Cisco Advanced Services for Network Security Data Sheet Cisco Advanced Services for Network Security IP Communications networking the convergence of data, voice, and video onto a single network offers opportunities for reducing communication costs

More information

THE VX 9000: THE WORLD S FIRST SCALABLE, VIRTUALIZED WLAN CONTROLLER BRINGS A NEW LEVEL OF SCALABILITY, COST-EFFICIENCY AND RELIABILITY TO THE WLAN

THE VX 9000: THE WORLD S FIRST SCALABLE, VIRTUALIZED WLAN CONTROLLER BRINGS A NEW LEVEL OF SCALABILITY, COST-EFFICIENCY AND RELIABILITY TO THE WLAN The next logical evolution in WLAN architecture THE VX 9000: THE WORLD S FIRST SCALABLE, VIRTUALIZED WLAN CONTROLLER BRINGS A NEW LEVEL OF SCALABILITY, COST-EFFICIENCY AND RELIABILITY TO THE WLAN ZEBRA

More information

VMware vcloud Powered Services

VMware vcloud Powered Services SOLUTION OVERVIEW VMware vcloud Powered Services VMware-Compatible Clouds for a Broad Array of Business Needs Caught between shrinking resources and growing business needs, organizations are looking to

More information

Cisco Virtualized Multiservice Data Center Reference Architecture: Building the Unified Data Center

Cisco Virtualized Multiservice Data Center Reference Architecture: Building the Unified Data Center Solution Overview Cisco Virtualized Multiservice Data Center Reference Architecture: Building the Unified Data Center What You Will Learn The data center infrastructure is critical to the evolution of

More information