This article originally appeared in the April 2011 issue of Unified Communications
The rise of cloud-based services and of virtualization is creating new security challenges for businesses.
Traditional security solutions, like packet sniffers and intrusion detection tools, are organized around physical network assets, says Adam Powers, CTO of Lancope, which sells a security monitoring appliance to large enterprises. However, he adds, the virtual assets that are now in place are much more difficult to monitor.
To address that, businesses can invest in products like the Cisco (News - Alert) Systems Nexus 1000V Series switches, which enable what is known as NetFlow. However, Powers says many businesses don’t have a Nexus 1000V, so those organizations might want to consider using a product like Lancope’s FlowSenser, a thin, lightweight virtual host that network operators can put in the virtual machine server to monitor all communications occurring between different virtual machines in the enterprise cloud. FlowSenser connects to the VMware hypervisor, so it captures all traffic between different VMs, it builds NetFlow data packets, and sends those to the Lancope StealthWatch system, which can analyze up to 1.5 million flows per second.
“NetFlow is an extremely useful and underused tool for maintaining and troubleshooting enterprise networks,” says Steve McOwen, director of information security at Cisco System, which is a Lancope customer. “Lancope captures the full power of NetFlow without requiring extensive time or resources from IT teams. In-depth flow data, application analysis and an easy-to-understand, graphical user interface make StealthWatch 6.0 a versatile tool for monitoring and responding to a wide variety of incidents.”
Mark Starry, director of enterprise architecture and security at Concord Hospital, says that StealthWatch 6.0 enables the hospital’s IT staff to determine whether issues are caused by the network or by a specific application. It also helps to pinpoint exactly which application and users are responsible.
“This type of insight is extremely valuable as more and more applications find their way onto corporate networks,” Starry says.
Other outfits are addressing the security requirements of businesses via their own cloud-based solutions.
For example, StillSecure (News - Alert), a managed network security solutions and certified compliance company, and XO Communications have joined forces to provide a suite of managed security services to business customers.
“Customers continue to struggle with securing their Internet infrastructure. XO Communications (News - Alert) is smart to leverage their deep, trusted relationship with customers to help solve these issues with a suite of managed security services,” says David Mandell, chief marketing officer at StillSecure. “Solving security problems in the cloud – prior to them hitting a customer’s premises – is the next level for forward-thinking telcos.”
Dr. Ulrich Hammerschmidt, vice president of innovation projects for Deutsche Telekom (News - Alert) – ICSS, the international wholesale arm of Deutsche Telekom Group, adds that te more users get comfortable with cloud services like Hotmail or Facebook (News - Alert), the less reluctant they are to also use cloud services for professional purposes,.
“And a professional cloud service provider like Deutsche Telekom is trusted to deliver security at a higher level than most enterprises can do on their own,” he says. “Add to this the problems resulting from earthquakes, floods, etc., where enterprise IT infrastructure gets suddenly wiped out, and the acceptance of cloud services will become stronger and stronger.”
Lancope’s Powers adds that in the long run, NetFlow may also begin running in the public cloud.
“We are talking about it,” says Powers, adding that it needs to happen because the problem a lot of people are having with the cloud is lack of visibility. “So these flows restore that confidence in what is happening” within applications.
Edited by Stefania Viscusi