Organizations using physical security model for virtualized environment

Respondents view targeted attacks and security breaches as the biggest threats to the virtualized data center, according to the survey of IT professionals and information security decision makers at North American companies with 500 or more employees conducted by Network World on behalf of McAfee and Brocade.

When asked to rate security challenges, 77% rate intrusion prevention as “critical” or “important”; 26% view targeted attacks as their biggest concerns; and 24% think security breaches are their biggest concerns, the survey found.

“Intrusion prevention and thwarting hacking of network assets are extremely important in today’s virtualized landscape”, observed Tyler Carter, senior group manager for product marketing at McAfee. “Every day we see another example of data center environments, web servers, and databases that have been compromised due to insufficient network security. Just because you transition that critical infrastructure from a physical environment to a virtual environment doesn’t mean that you can slacken your threat prevention effort”, he told Infosecurity.

The survey shows that 62% of respondents are planning or engaged in data center upgrades, many due to increased use of virtualization. Additionally, 29% of the respondents report that scaling server virtualization is a concern, and 32% report that bandwidth and traffic engineering are important issues.

The results show that virtualization comes at a cost and that traditional networking architectures are not always best suited to handle the demands of a virtualized environment. Application security can fail when subjected to data center-wide server virtualization and application mobility, the survey noted.

In the survey, 40% of respondents said that moving virtual machines is challenging because it introduces operational complexity and 25% indicated a concern with securing trust boundaries.

“As organizations build out virtual data centers or private clouds, physical aggregation points disappear. So the physical switches and routers are replaced by virtual switches and routers and flatter networks. As that happens, you need to have ways to maintain trust boundaries between what used to have a physical boundary”, observed Carter.

“You need to make sure you are not mixing and matching the wrong virtual assets that previously had physical layers of separation and security between those assets”, he said.

What’s hot on Infosecurity Magazine?