Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Stonesoft's Guide to Overcoming The Virtual Network Security Challenge

Stonesoft Networks : 15 April, 2010  (Technical Article)
Network security specialist, Stonesoft answers the question of how to improve cloud computing security by providing five tactics for network virtualisation without compromising security in the cloud


Stonesoft, an innovative provider of integrated network security and business continuity solutions, has identified five ways that organisations can improve Cloud Computing security. This announcement comes on the heels of recent research released from Gartner, Inc. citing that 60 percent of virtualised servers will be less secure than the physical servers they replace through 2012 (Source: Addressing the Most Common Security Risks in Data Center Virtualization Projects, January 2010). Today, most organisations deploy Virtualisation.asp">Virtualisation technologies without involving information and network security teams in the initial planning stages. As a result, many organisations are simply retrofitting their virtual networks with existing physical network security strategies and technologies. This lack of foresight and technological preparedness drastically weakens network security, which presents the biggest known challenge to the success of Cloud Computing with large-scale organisations. In response, Stonesoft has identified five ways IT teams can protect themselves against cloud security threats and attacks, while helping ensure the success of their Cloud Computing strategies. They include: 1 Federated ID: Inherent in a Cloud Computing environment is the need for workers to log into multiple applications and services. This presents a formidable security pitfall, as organisations may lose control over their ability to ensure strong authentication at the user level. To mitigate this risk, organisations need “single sign-on" capabilities - such as those provided by the StoneGate SSL VPN - that enable users to access multiple applications and services, including those located outside of the organisation in the public cloud, through a single login. With this ability, organisations can streamline security management and ensure strong authentication within the cloud. 2 Always-on Connectivity: When the majority of an organisation's critical business data is stored in the cloud, network downtime can shut down business operations. Access to cloud services must be always available, even during maintenance, thus requiring high availability technologies and capabilities such as active/active clustering, dynamic server load balancing and ISP load balancing within the network infrastructure. Organisations should seek technologies that are built into their network solutions, rather than purchase them as standalone products to ensure effectiveness, ease of management and reduced network costs. 3 Multi-layer Inspection: The rise of the Cloud Computing environment and increased sophistication of threats has created a need for a proper layered defense comprised of perimeter protection and intrusion detection and prevention capabilities within the network. Rather than implementing first-generation firewalls to protect the cloud at the perimeter, Stonesoft recommends the deployment of virtual next generation firewall appliances - like the StoneGate Virtual NextGen Firewall - that integrate advanced firewall and IPS capabilities for deep traffic inspection. This will allow organisations to inspect all levels of traffic, from basic Web browsing to peer-to-peer applications and encrypted Web traffic in the SSL tunnel. Additional IPS appliances should be implemented to protect networks from internal attacks that threaten access to the cloud. 4 Centralised Management: Human error is still the greatest network security threat facing both physical and virtual computing environments. As companies deploy additional network devices to secure their virtual networks, they exponentially increase this risk as device management, monitoring and configuration become more tedious and less organised. For this reason, Stonesoft recommends companies use a single management console to manage, monitor and configure all devices - physical, virtual and third-party. 5 Virtual Desktop Protection.



More and more organisations are deploying virtual desktops to realise the cost and administration benefits. However, these desktops are just as,  if not more, vulnerable than their physical counterparts. To adequately protect virtual desktops, organisations should isolate them from other network segments and implement deep inspection at the network level to prevent both internal and external threats. Those organisations should deploy a multi-pronged approach to security by implementing IPS technology that prevents illegal internal access, protects the clients from malicious servers, as well as providing secure remote access capabilities through IPsec or SSL VPN that protects against unauthorised external access. Stonesoft currently offers a selection of virtual network security solutions that provide advanced security in the cloud. These include the StoneGate Virtual NextGen Firewall, StoneGate Virtual IPS and StoneGate Virtual SSL VPN.


Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo