There is a common misconception that in order to move to virtual security solutions, companies can, or should, replace physical security technologies they rely on to keep their networks safe today.
Think about it: Would a museum of fine arts fire its security guards and replace them just with video cameras? Probably not. Ideally, the security guards would use the cameras to more efficiently patrol the facilities and more quickly catch a would-be thief. The same concept applies to protecting the digital world. Adding virtualized versions of key security or virtual specific technologies can be used to add more depth in defenses and complement existing physical models.
As more companies move their infrastructure to the cloud and provide their products with an “as a service” model, layering on virtualized security solutions can help companies more efficiently manage this new, more complex environment. Like other parts of the virtual data center, these types of security capabilities and controls provide many of the same benefits of being able to quickly turn solutions on and off in near real-time. In an on-demand world, organizations pay for the virtual instances that they consume, so they can better balance their financial outlay with the actual need at any one time.
According to Gartner, by 2015 over 20 percent of the VPN/firewall market will be deployed in a virtual format.
The Many Benefits
Yet many enterprises are still contemplating why, when and how to deploy virtual services like firewalls, often due to not knowing when to keep physical systems and where virtual versions are more appropriate. When discussing security needs with companies and the topic of if they should “go virtual” comes up, I always tell them to think of virtual services not as a replacement for physical appliances, rather as an essential additional support to increase protection for their evolving networks.
There are certainly several benefits to taking the dive into the virtual world when it comes to security and firewalls in particular.
Virtualized security brings a simple, on-demand deployment model to the network, which can often significantly reduce ongoing operational expenses. There is no box to unpack, no machine to configure and no chassis to install, making deployment much easier and cost effective.
Virtual firewalls are also much simpler to manage and update from a centralized management system, making it easier to ensure security policies remain consistent across a distributed environment. Further, the ability to create customized security controls for different virtual machines based on the needs of customers or the sensitivity of information ensures that proper protections are in place.
How to Choose?
When considering virtual firewall choices, companies should keep in mind that it is necessary to ensure the management system can support consistent policies across both physical and virtual systems. Every business has its own solidified policies established for the network, describing which groups or employees have access to specific apps, vLans or files. It’s important to make sure the virtual security services being considered can support consistent policies and are easy to manage.
Virtualization is clearly upon us and it is in the best interest of companies to make an effort to educate themselves on how virtualized security services can play into the mix and secure networks. More often than not, businesses will learn that the easier, faster and more nimble security features that are provided with a virtual environment are worth the investment, and that greater risk might be lurking without adoption as attackers become more intelligent.