The rapidly growing world of security virtualization

The following is a guest post by a 2016 Secure360 Twin Cities Platinum Sponsor Fortinet. 

Computing inside most data centers has long been seen as the bleeding edge when it comes to the implementation and deployment of new technologies. Virtualization is a prime example: today virtualized computing environments are gaining foothold throughout enterprises… but in many data centers, virtualization has existed in some form or another for about 15 years! In many data centers, virtualization is often the default form of compute-workload. 

The benefits

The benefits to data center operators and cloud service providers are obvious: being able to offer customers the ability to scale up or down almost instantaneously, not to mention the affordability of being able to provide such flexibility… providers have predicated their entire business model on building infrastructure that is as efficient and as automated as possible to keep costs down, both for themselves and their customers. It’s no wonder enterprises are flocking to virtualization in droves. 

The rapidly growing world of virtualization

Beyond the traditional computing found in the DC, though, many network elements or ‘functions’ are now virtualized as well. First we saw switching and routing move to a ‘fabric’ inside software, managed between the underlying hypervisor and the guest VM. But it’s now moved beyond basic networking functions: other elements like firewalls, IPS, DNS, web proxies and other elements are now being run as VMs rather than as disparate hardware appliances. Not all security elements in the DC and in the cloud are being virtualized though – aggregation points like Internet firewalls, SSL proxies and VPN concentrators are still using appliances. This is largely a speed issue for now – many of these elements require high throughput and intense processing requirements. For now, virtualization doesn’t have that kind of capability … there are discreet processing limits and certain hardware-based/ASIC acceleration still provide significant traffic throughput advantages over a virtualized equivalent. In many environments where 10Gbps (or more) of throughput and security processing is needed, virtualized environments are not an option… yet.

Nonetheless, virtualization of many network elements is spreading from the DC and the cloud and now into the transport networks and edge devices (gateways) in both the enterprise and at the carrier level. Join us at Secure360 where we will discuss some of the opportunities and challenges surrounding the rapidly growing world of security virtualization both inside and outside the DC and cloud environments.