Virtual reality

As regional enterprises take to virtualisation across server and storage platforms, it becomes imperative that they re-examine their security investments and modify the organisational mindset to protect their information systems and data better. Sathya Mithra Ashok explores the subject.

Tags: EMC CorporationExtreme Networks IncorporationInfrastructureSymantec CorporationUnited Arab Emirates
  • E-Mail
Virtual reality “The greater challenge today is to maximise the benefits of virtualisation without compromising security and compliance.” Rubén Espinosa Gil, regional marketing manager EMEA South of RSA, the security division of EMC
More pics ›
By  Sathya Mithra Ashok Published  November 16, 2009 Network Middle East Logo

Simply implementing the right security in organisations is not entirely sufficient. According to vendors, this has to be managed efficiently to gain required performance levels.

"It's important to manage security proactively, which can be achieved most effectively when the virtual and physical environments are managed together.  Security is a complex operation and customers have some options available to them. One is to simplify their virtualisation management through a management console; another would be to outsource security management to a company," said Karam.

Facing challenges

Team involvement, protection of the access layer and efficient management are just broad guidance parameters for achieving effective security with virtualisation technologies. As with any IT implementation, security in virtualisation involves a lot of details that vary from enterprise to enterprise, and necessitates the presence of trained personnel.

Since the region lacks in skilled IT people with adequate experience, this often means that organisations investing in virtualisation and necessary security elements will need to send their existing IT staff for training as well.

"Advanced training on the setup of VMs and the environment would be very necessary to augment the standards based security training already provided. While the basic tenets of networking security prevail, there are added layers to virtualised security that need to be understood and implemented. Like any new technology training enhances these skills," said Prasad.

Even when adequate training is provided, organisations are faced with other challenges when they take the step to securing their virtualisation investments.

"The most challenging obstacles to enabling and securing virtualisation lie within the organisation itself. While specific knowledge and skills in systems, storage and networks will remain critical, the challenge then becomes making the sum of the parts greater than the whole. No longer can data centre teams work in silos. VM intelligence is moving out to the network as network intelligence is moving into the server. The traditional network access layer is collapsing into the server architecture. Servers now host more network intelligence in the form of a virtual machine-aware software driver or a software switch. The demarcation thus becomes not one between server and network, but one similar to server and application. Network access now begins in the server - not at the end of a copper cable - yet it will continue to be managed within the network by a network specialist. This new paradigm demands cooperation among data centre teams and mutual understanding of the services that these teams collectively provide," said Ayoubi at Cisco.

RSA's Gil states: "The greater challenge today is to maximise virtualisation benefits without compromising security and compliance. A well executed plan also helps you obtain buy-in from key stakeholders throughout your organisation, avoiding pitfalls that could otherwise jeopardise success."

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code