Moving to a virtual environment, or a mix of virtual and physical environments, offers many business benefits including cost reduction, agility, optimisation and automation.
While virtualisation is not a new concept and the benefits have long been recognised and embraced by many, there is a growing trend across the country toward embracing virtual environments.
Security is typically the biggest challenge for organisations moving toward virtualisation. While the cyber threat landscape remains the same as in a physical environment, a new environment brings different security challenges and organisations can often be more vulnerable to falling victim to security attacks.
Security challenges of virtualisation
The dynamic environment of virtualisation further raises the bar for protection.
Each virtual machine (VM) must be secured as they are brought online, with policy consistent with the nature of each individual VM. New environments and applications can be provisioned, moved and changed in a virtualised environment much faster than before, and they must be protected from the moment they go “live.”
Legacy approaches to IT security may not address changing challenges brought by virtualisation. Firewalls alone will not deliver the needed depth within the virtualised environment if they simply provide protection at the physical perimeter.
Security for virtualised environments is integral and must provide a capable defence against intrusions and malware, and provide protection against the exfiltration of sensitive data.
The final challenge is the separation of duties when managing different systems, with companies rarely existing on virtualisation alone. This complexity can lead to some vulnerabilities going unchecked into the organisation.
Steps for virtualisation security
While challenges do arise when looking toward virtualisation, it is still possible to mitigate risks and have virtual and physical environments safely coexist. Embracing effective security methods can help organisations reap the benefits of virtualisation.
Firstly, New Zealand organisations looking toward virtualisation should think about security in a virtual environment. Review the different challenges and don’t rely simply on legacy physical security. Plan for effective security that protects your physical and virtual environments equally.
Secondly, look at a security solution that can protect inter-VM traffic and still be contained in the virtual environment.
Organisations need protection for the hypervisor and inter-VM traffic without the need to change network configuration during policy creation. This will secure the inter-VM traffic while allowing VMs to migrate from one host to another without breaking the connection.
Finally, find a security solution that keeps enterprise security standards consistent for both physical and virtual environments and allows for the management of physical and virtual security from the same system.
As organisations across New Zealand continue to grow, the need to virtualise becomes a necessity.
A common goal and management system for security ensures optimisation, agility and automation across environments, helping organisations reap the benefits of virtualisation.
By Hamish Soper, NZ country manager, Check Point Software Technologies
This article was originally published in the March 2014 issue of IT Brief magazine - click here for more details