Nemertes Issue Paper

Overview:
The data center is undergoing a radical shift, from virtualization towards internal cloud environments where workloads dynamically move, start and stop driven by real-time performance needs. At the same time, IT practitioners are interested in exploring external cloud computing options---but security and compliance concerns are squelching adoption.

A key concern is trust. Moving to a cloud provider shifts the burden of trust onto the provider--something that few providers are able to handle today. To overcome this concern, responsibility for security and compliance needs to stay with the customer. This requires an overhaul of security practices – the same practices we’ve been using for 15 years. We need new security and compliance controls that span the physical, virtual, cloud continuum (not everything will be virtual so security must continue to protect physical assets). We also need security controls that are location-aware and dynamically enforce policy regardless of workload location. This requires an adaptive perimeter defense and restoration of depth for defense in depth.

Author(s): Ted Ritter, Senior Research Analyst

Keywords: Virtualization, Cloud Computing, VirtSec, Security

Vendors mentioned: Cisco, Citrix, Microsoft, VMware

Clients: Read This Issue Paper - Securing the Physical, Virtual, Cloud Continuum

Non-clients: Please contact us for information on obtaining access to Nemertes Issue Papers