Dan Raywood talks to CloudShare’s VP R&D, Muly Gottlieb, about the battle between cloud and security
The eternal battle between cloud and security, and the determination of whether cloud is actually secure, has been going on for many years now. Are cloud and security companies still enemies in 2017, in a world where cloud storage, hosted applications and SaaS options are increasingly popular?
According to research by Gemalto and the Ponemon Institute, 60% say it is more difficult to protect confidential or sensitive information in the cloud, while security and privacy of data and systems in the cloud remains a top worry for 70% of IT professionals, found Netwrix.
Speaking to Infosecurity, Muly Gottlieb, vice-president of R&D at CloudShare, said that, “Cloud and security are no longer enemies as security companies also want to embrace the benefits of cloud: infinite scale, pay per use, and the ease of making their applications or products available. They realize it is now a ‘must have’ and not an extra”, he said.
“Cloud and security are no longer enemies as security companies also want to embrace the benefits of cloud"Muly Gottlieb, vice-president of R&D, CloudShare
Gottlieb added that on-premise software providers find it hard to jump on the wagon of cloud, but see the value of efficiency and the ability to scale cost-effective. “The way technology companies sell and give demos on the one hand, and training on the other, has meant that a shift to the cloud is needed and ultimately is more efficient as you don’t need more head count to build and power them, so this has been a general trend for many years now. Companies know it’s more efficient if every sales engineer can sit in their office behind a desk and show demos across the globe all in the cloud”, he summarized.
Gottlieb admitted that security companies have been less concerned about the data theft aspect of security since most network security products are eventually aimed to be installed on-premise at customer sites. However, the main barrier that has kept security companies from using the cloud has been the complexity involved in replicating and demonstrating a fully blown product. He explained that if a company has a complex system, it is not always possible to use the commodity cloud providers to deliver anything but a scaled down version of their product. Cloud benefits have existed for a long time, but security has been last to join because of their complexities”, concluded Gottlieb.
That’s where vendors like CloudShare come in, serving this need by offering specialized cloud solutions to allow security companies and others with complex environments to use the cloud. CloudShare provide premium IT labs in the cloud to enable training, demos and PoCs, as well as development and testing for complex software products.
Is the problem of delivering scaled down demos a common problem? Gottlieb said it is and explained that to give a good demo, security companies need to simulate real-life environments with multiple network subnets, usually involving modeling safe networks, the internet and the DMZ. As commodity cloud providers focused their attention on services for cloud-native applications, support for such complex environments isn’t available. Therefore security vendors often use in-house solutions with their own on-premise data centers, leading them to demonstrate dumbed-down versions of their product, fly people or hardware, or both– all of which are costly, inefficient or don’t show all features.
He went on to explain that another barrier that has kept security companies from leveraging the cloud was the need to support ‘promiscuous mode’ in networking, where all messages need to pass to the application layer, regardless of their specific destination. This is because many security applications need to examine all messages going over the wire. As they were built for cloud-native applications, the commodity cloud providers don’t support this need. Without this, security companies are unable to demonstrate their full capabilities and are forced to show scaled down versions of their products.
A further requirement many security companies have is nested virtualization. According to Webopedia, nested virtualization refers to virtualization that runs inside an already virtualized environment. In other words, it's the ability to run a hypervisor inside of a virtual machine (VM), which itself runs on a hypervisor. With nested virtualization, you're effectively nesting a hypervisor within a hypervisor. Gottlieb stated, “If a security vendor’s system contains virtualized machines, they need this capability to bring their product to the cloud, and this is another important feature which the commodity cloud providers don’t support.”
“If a security vendor’s system contains virtualized machines, they need this capability to bring their product to the cloud"Muly Gottlieb, vice-president of R&D, CloudShare
Asked if cost saving was a driver in choosing a specialized cloud provider, Gottlieb said that cost savings are a reason, but that companies must calculate total cost of ownership, which is not straightforward. In many cases, costs need to be compared against in-house systems that need to be refreshed and require engineers to build and maintain them. The cost for a large-scale system could run six or seven figures every three years, plus the employee headcount needed to build and maintain it.
“Costs of time lags should also be taken into account. For example, it is common for an organization’s training director to have a new version of a software product but when using an in-house solution they are unable to start training their customers on it because their request gets stuck in the IT line as IT has other priorities. In addition to the costs of the delays in training, the sales director is held back by not being able to do demos and PoCs of the new version quickly enough because it is also added to IT’s list and also costs money to put it in place.
Gottlieb explained that CloudShare’s premium, ready-made IT labs make it easy to replicate and share complex environments in the cloud, and updates can be done in minutes rather than days or months. CloudShare provides specialized solutions for three main user groups – the first is technical training as salespeople, resellers and customers need to be trained on full systems; the second is sales enablement, enabling demos and PoCs for complex products; and the third is for development and test scenarios, enabling many developers and testers to test on as many identical and fully-featured environments as needed.
Gottlieb pointed out that CloudShare is built to deliver an on-premise experience in the cloud. He added that in addition to supporting the complex networking features described above, some of the other premium features that distinguish their offering from the giant commodity cloud providers include CloudShare’s ease of use. He describes it as “cloud built for humans” with a very human- friendly interface – both for the security vendor’s users and for their customers, employees and partners on the receiving side. It’s designed to set up easily and includes a lot of automation and cost-saving features such as smart policies and auto-suspend, which detects when a lab isn’t in use and can suspend it automatically to save costs.
This advertorial is sponsored by CloudShare.
