We in the security industry have gotten into a bad habit of focusing the majority of our attention and marketing dollars on raising awareness of the latest emerging threats and new technologies being developed to detect them. One just has to look at the headlines or spend fifteen minutes walking the show floor at a major security conference to see this trend. However, while we are focusing on what all the bad guys are doing, we’ve taken the eye off the ball of where our infrastructure business is going.
Don’t get me wrong, detecting new targeted attacks is an important priority for security pros, but it’s equally vital to look for technology advancements in the way we do business and what our counterparts are doing in infrastructure, data centers and/or clouds.
For example, when security became virtualized, it brought with it the promise of several benefits, including increased speed and scalability with decreased overhead and costs of security infrastructure in virtualized data centers and cloud environments. There’s little doubt that this transition to virtualized security has been a positive one for many organizations who are now able to more effectively scale and customize security policies faster than ever before.
But what can we do next to make sure we’re continuing to innovate and keep our security functions ahead of the curve?
One of the most promising new approaches is putting security functions into containers. Just as containers provide a wide range of benefits for applications that need to migrate between computing environments, there are also benefits to using them to secure networks. The decrease in size and power needed to run security operations through a container using one operating system, as opposed to operations through several operating systems, can have a massive effect on cost and scalability, while providing an efficient way to secure your network.
There are several benefits to containerizing your security functions. The most obvious of these is cost savings – with all of your operations able to run through only one container, you can decrease the amount you need to spend on multiple operating systems. From a performance standpoint, you will be able to achieve massive scalability and a significant increase in speed of services. Containers can be booted up almost immediately, while your average virtual machine (VM) may take several minutes to start.
Just as we started with VMs on servers, there was a general perception that there was no need for security. But as adoption of containers progresses in data centers and clouds, many organizations have quickly realized the need to add security in the overall mindset of building virtualized environments.
However, just as with all new forms of security, there can be limitations. For instance, unlike traditional firewalls, you don’t need routing and switching capabilities, especially as environments migrate to more micro service creation and usage. For that reason, you should evaluate the decision to use containers carefully and do it with security at the upstart. If you’re considering this approach, here are a few questions you should be asking yourself to decide what’s right for you:
1) Are you already using Dockers? If your organization is using containers for any other part of their infrastructure, it’s highly logical to extend this practice to security. Once containers are in place, their scalability makes it easy to add other features to their existing functions with minimal additional cost or impact on performance.
2) What kind of environment are you looking to support? If you’re in need of a dense, secure environment, containers could be the best solution for you. If you have already built and prioritized a virtualized environment with virtual machines, a virtual firewall could be a better solution.
3) What is your long term strategic business direction? Is your business investing in more DevOps type resources? Is your business leveraging off the shelf technology, or is the strategic direction to build competitive differentiated technology in house? If your business believes technology is a strategic differentiator and is investing in more DevOps resources and building technology in-house, then containers should naturally be the next step in your data center investments. Start with a full container firewall that has the ability in the future to decompose into micro security services to be able to support your current applications and future micro services.
While using containers to secure your organization is a relatively novel approach, it can lead to cost savings and massive scalability. By considering containers for security, you could be an early adopter to an innovative new approach that will allow you to stay ahead of both the competition and the cybercriminals.