ACG Research

ACG Research
We focus on the Why before the What

Saturday, April 9, 2011

Data Center Security: Only as Strong or Safe as the Weakest Link

Although a government shutdown was averted, had it happened, cyber security and providing impregnable networks for the CIA, FBI and other U.S. government agencies with limited staffing and resources could have been severely compromised and had huge consequences and repercussions for these and other departments — not unlike security issues faced by enterprises. Data centers, whether government or enterprise owned, are key targets for criminals trying to hijack, steal or destroy critical and confidential information.

Enterprises and service providers must be able to quickly identify and respond to evolving threats, protect critical assets, and enforce their business policies. They need to understand that when they consider security they cannot only look at it as a point solution but as an end-to-end solution. Why? Because your security system is only as strong or safe as the weakest link in a network or infrastructure and having the appropriate security tools and controls ensures that firewalls and servers are not breached and systems are not at risk.

The security requirements vary somewhat when you consider the differences between enterprises and service providers. Enterprises are very critical about their networks and the importance of their infrastructure in relation to their business initiative. Essentially, they either manage their own network or have a partnership and coordinate their infrastructure/network security with a group of trusted managed service providers.

Service providers, on the other hand, must understand that just as with enterprises, applications are driving their networks. However, the key difference is that service providers are dealing with either hundreds or thousands of unrelated networks that require traffic flow isolation and each necessitate impenetrable security — both potentially costly requirements.

What must enterprises and service providers do to address the goals of (1) maintaining and upgrading the integrity of their network security while simultaneously (2) offering more services and expanding their market and (3) reigning in their OpEx?

To address their market share and retain their competitiveness, service providers must increase their content and applications, which demand more complex infrastructure requirements. Since all service providers are moving to IP because of the flexibility and potential cost saving (driven by convergence), security must be impregnable because IP increases security risk. Additionally, service providers need to maximize the value of each service they deliver either through multiplay or some manage service offering, both of which also have security requirements.

When it comes to service and security, the bottom line is that SPs need to, at a minimum, implement scalable, high-performance, reliable, and inviolable networks; manage multiple remote connections; and monitor and address potential security issues from many sources without degrading the customers’ experience. The challenge becomes one of juggling and balancing security and performance without compromising either.

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.