Security Experts:

The Ripple Effect of Virtual Security

Modern networks have expanded. Their components constantly evolve and spawn new attack vectors including endpoints, mobile devices, web-enabled and mobile applications, virtual infrastructure, data centers, social media, web browsers and home computers. These networks are complex to deploy, manage and secure. Any gap in protection across this extended network can have a ‘ripple effect’ across your entire IT environment, exposing your organization to greater security risk.

With VMWorld in San Francisco fast approaching and attendance projected at over 21,000 – a 13-fold increase since its debut in 2004 – the time is right to take a closer look at securing virtual environments as part of your extended network and overarching security strategy.

Virtualization Datacenter

If you’re like most IT security professionals, you’ve been tasked with doing more with less. Chances are you’ve turned to virtualization to take advantage of the reduced operating costs, energy savings and increased flexibility to help address fiscal pressures while enabling your business. At the same time, according to a December 2012 Ponemon Institute survey, intrusions and data loss within virtual environments remain among the top three IT security concerns for IT practitioners.

So what can you do to quell these concerns and better protect not just your virtual assets but all of the assets on your extended network? Using best practices and technologies to enable visibility and control across the extended network will help you realize the full benefits of virtualization while minimizing security risks. Here are three recommendations to ensure you’re moving in the right direction.

1. Remove organizational silos. A natural separation of duties occurs in the physical world where server operations own the servers; network operations owns the routers, switches and firewalls; and security owns IT security systems, including intrusion detection and prevention systems and advanced malware protection solutions. In the virtual world, however, management of these devices or functions has been consolidated and offered as part of the virtual infrastructure. Faced with tight deadlines, many virtual system administrators don’t have the time or resources to involve the network and security groups in the virtualization process; they simply handle all aspects themselves. But a lack of subject matter expertise can lead to misconfigurations and vulnerabilities. To better secure virtual environments these teams must work together across virtual environments just as they do across physical environments. By creating working groups with all stakeholders involved, IT teams can collectively assess the architecture within the broader context of the extended network to identify potential gaps in security and then create security policies and zones to close these gaps. 

 2. Seek security solutions designed for virtual environments. Many organizations rely on their physical appliances to protect their virtual environments and use techniques like ‘hair pinning’ to route virtual traffic to a physical device for inspection and then back. This creates unnecessary latency and management complexity. Appliances designed to operate specifically in virtual environments are easier to deploy and support virtual workflows. They can also leverage the inherent benefits of virtualization in a way that physical appliances simply can’t, for example offloading redundant activities, like scanning for malware, to the service virtual machine (VM) or the cloud, further enhancing performance and easing administration. However, just because a security solution is designed for use in the virtual world doesn’t mean it can’t integrate with solutions to protect physical assets. In fact, it should.

 3. Target consistent security effectiveness. Securing each component of the modern network with disparate technologies that don’t – and can’t – work together creates gaps in protection. You need a holistic approach that provides consistent security effectiveness across physical and virtual worlds. The ability to monitor, manage and report on security activities across the entire infrastructure from a central console is critical to protecting the extended network. Further, with the proliferation of advanced malware, visibility to specifically track malware trajectory and behavior throughout user environments is essential to understand and stop these invasive threats. And solutions that leverage real-time cloud security intelligence to identify and discover the latest threats and vulnerabilities and then automatically and consistently update protections for all assets eliminate any gaps in defenses.

The role of virtualization in organizations will continue to grow. But attackers are savvy. All it takes is one weakness to penetrate the network and accomplish their mission – be it to gather data or simply to destroy. To truly protect our extended networks and eliminate the ripple effect a gap in virtual security creates, it’s time to better defend our weaknesses to strengthen our overall defenses.

view counter
Marc Solomon is Chief Marketing Officer at ThreatQuotient. He has a strong track record driving growth and building teams for fast growing security companies, resulting in several successful liquidity events. Prior to ThreatQuotient he served as VP of Security Marketing for Cisco following its $2.7 billion acquisition of Sourcefire. While at Sourcefire, Marc served as CMO and SVP of Products. He has also held leadership positions at Fiberlink MaaS360 (acquired by IBM), McAfee (acquired by Intel), Everdream (acquired by Dell), Deloitte Consulting and HP. Marc also serves as an Advisor to a number of technology companies, including Valtix.