Neil MacDonaldAs security controls are virtualized (e.g. firewalls, IPS, web application firewalls and so on), one of the more significant concerns is performance and throughput.
I remember a demonstration about a year ago where an IPS running in a VM virtual appliance easily consumed 2 out of 8 cores in a multicore system. A 25% overhead for security controls didn’t make sense.
That was then. Hardware advances continue. Within the next year, 64 core systems will be common. Now 2 out of 64 cores is a different story. 3% overhead? That I’ll take.
The ever-increasing number of cores available along with advances like VMsafe and VMsafe’s “fast path” as well as improvements in i/o virtualization with next-generation processors will enable virtualized security controls to become mainstream, reducing the need for traditional proprietary hardware-based security inspection appliances and greatly lowering barriers to adoption.
Security shouldn’t have to be rationed.
Virtualization will radically change our approaches to information security over the next decade. I’ll be presenting my latest research on the topic at the upcoming Gartner US Symposium in Orlando. I hope to see you there!
Comments Off
Category: Next-generation Data Center Next-generation Security Infrastructure Virtualization Security Tags: Virtual Appliances, Virtualization Security, VMsafe
