I covered some key differences among data center technologies like software-defined networking (SDN), network functions virtualization (NFV) and network virtualization in a recent SecurityWeek column. Sometimes we throw these data center terms around so carelessly that we lose track of what they actually mean.
Rather than get caught up in acronyms and trendy buzzwords, consider that each of these technologies is a move towards a dynamic, services-oriented virtualized architecture.
Therefore, no matter what technology you adopt, you should consider whether your security solution can support dynamic, agile characteristics of virtual workloads without compromising network security. Here are some practical considerations as you consider how to secure your next-generation data center:
* Does your security solution offer comprehensive threat protection and visibility?
* Can an administrator apply dynamic security policies that are enforced even when virtual workloads move around?
* Is transparent traffic steering possible, or do you have to make manual network changes to steer traffic to your network security solution?
* Can your network security solution keep pace with the network's performance requirements?
* Can you manage and apply consistent security policies for virtualized and non-virtualized applications?
"Firewall helpers" or traditional security solutions that are rigid, slow and complex won't be all that helpful in a next-generation data center. Ensure that your network security solution includes all of these security considerations right from the beginning.
– Danelle Au, Director, Solutions Marketing