Gartner Blog Network

Intelligent Hybrid Security is the Future

by Neil MacDonald  |  March 12, 2010  |  Comments Off on Intelligent Hybrid Security is the Future

I blog quite a bit about virtualization and security. To address the security issues with datacenter virtualization, a large number of smaller, point solution vendors of virtualized security controls have appeared. This helps address the immediate issues (because the larger security vendors have been struggling with the potential disruption in embracing virtualization), but isn’t necessarily the right approach longer term. One of the recommendations I make in my research is:

To reduce the chance of misconfiguration and mismanagement, favor security vendors that span physical and virtual environments with a consistent policy management and enforcement framework.

Most enterprises will have a mix of virtualized and physical security controls for years and don’t want or need the added complexity of dealing with another vendor and console.

I’ll take it further. I am seeing a similar evolution in Cloud security. We may choose to place some security controls into the Cloud (e.g. web security gateways). However, just as with virtualization, most enterprises will have a mix of enterprise- and Cloud-based security controls.

There future of security controls will be a multi-dimensional hybrid across on-premises physical appliances, virtual appliances, embedded within Cloud-based workloads and delivered as a service by Cloud-based providers. Enterprise-to-Cloud and Physical-to-Virtual – seamlessly.

I added the word “intelligent” in front to make it explicit that a) I want a single way to manage and express policy across these enforcement points and b) I want these controls to coordinate among themselves for optimal security policy enforcement. For example, if I’ve got a deep packet inspection capable perimeter firewall, a DPI data center firewall, a virtualized DPI firewall appliance and a DPI capable firewall running inside of the VM, they all don’t need to deeply inspect the same stream. They should coordinate and ensure that only one deep inspection is performed.

We are getting close, but I believe we are still about two years away from this vision.

Additional Resources

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Category: cloud  next-generation-data-center  next-generation-security-infrastructure  virtualization-security  

Tags: adaptive-security-infrastucture  cloud-security  next-generation-data-center  virtual-appliances  virtualization-security  

Neil MacDonald
VP & Gartner Fellow
15 years at Gartner
25 years IT industry

Neil MacDonald is a vice president, distinguished analyst and Gartner Fellow in Gartner Research. Mr. MacDonald is a member of Gartner's information security and privacy research team, focusing on operating system and application-level security strategies. Specific research areas include Windows security…Read Full Bio

Comments are closed

Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.