Security in the data centre

Data centres are evolving to support changing business models and competitive environments.

Tags: Sourcefire (www.sourcefire.com)
  • E-Mail
Security in the data centre Anthony Perridge, EMEA Channel Director at Sourcefire, now a part of Cisco.
By  Anthony Perridge Published  July 23, 2014

The end goal of many cyber-crime campaigns is to reach the data centre and exfiltrate valuable data or cause disruption. In fact, a recent Ponemon report shows that cyber-attacks caused 34% of downtime in 2013, compared to 15% in 2010. And the 2014 Verizon Data Breach Investigations Report reveals that data centres with their high bandwidth pipes are also becoming the vehicle of choice for launching some of the largest denial-of-service attacks we’ve ever seen.

With attackers increasingly ‘centred’ on the data centre, administrators need security solutions that allow them to be increasingly ‘centred’ on effective protection. Data centres are evolving and becoming more intelligent to support changing business models and new competitive environments. Applications can be provisioned dynamically. Resources automatically shift as demands change. Virtual devices and services can be deployed and retired on demand. And visibility and control are now expanding across the data centre.

However, many of today’s security solutions, designed for the Internet edge and not the data centre, simply do not support these advances in the data centre or the new, targeted threats aimed at these highly prized targets. Traditional data centre security and bolt-on solutions fall short in a number of ways — taking days or weeks to provision; lacking performance and scalability to handle dynamic environments and high-volume bursts of traffic; involving fragmented solutions that aren’t integrated across the data path, creating management overhead and policy handoff errors; and focusing only on preventing attacks before they happen with no ability to see and proactively respond to threats that inevitably get through.

Because the wrong security solution can actually impede business goals, many organisations increasingly choose to scale back on security in order to maximise the flexible and dynamic services built into their data centres. In fact, Gartner finds that 95% of data centre breaches occur due to a misconfigured firewall, largely a result of administrators faced with the untenable choice of compromising security for the sake of data centre functionality. The problem is likely to get worse before it gets better.Complexity and challenges mount as data centres are migrated from physical to virtual to next-generation environments like software-defined networks (SDNs) and application-centric infrastructures (ACIs). Data centre administrators find themselves spending more time managing topology and less time managing the applications and services that can provide the additional productivity and performance gains necessary to support the goals of the business.

With data centres becoming increasingly critical to business strategy execution, data centre security must be considered within the context of the broader security strategy for the overall organisation. Security for the data centre must evolve in three important aspects to deliver the control administrators need, without compromising protection and functionality.

Add a Comment

Your display name This field is mandatory

Your e-mail address This field is mandatory (Your e-mail address won't be published)

Security code