By Richard Dornhart, National Security Practice Manager, Data#3
When thinking of the relationship between infrastructure and data, it is useful to consider the various distributed networks of enterprise IT as a sort of neighbourhood. In this analogy, data centres are the buildings and the network links are the roads. From a security perspective, we have long sought to secure our networks by placing stronger locks on the doors of those buildings.
Yet data and applications constantly move laterally between data centres, Public/Private Cloud infrastructure and the various layers of applications. The number of possible connection points and the volume of traffic means that total protection of all that internal traffic is simply not viable. It is not feasible, for instance, to have a security guard overseeing every street corner, or every office on every floor of every building.
To cope with this new reality, a new security paradigm is emerging based on network virtualisation.
The key virtue of network virtualisation is that it creates a layer that is effectively a map between the application and the underlying physical infrastructure. In this way, the virtual fabric can be leveraged to align security policies and controls directly to the application, independent of the infrastructure underneath.
How does this work? Doesn’t this simply constitute another layer to manage, with all the implications of complexity it suggests?
Although it is true that network virtualisation does create an abstraction layer between infrastructure and applications, rather than asking ‘how can we secure virtualisation?’, a more useful question is ‘how can we use virtualisation to secure?’
Network virtualisation expands the possibilities of the control points offered by virtual switches, and broadens their functionality beyond routing and switching to include load-balancing, firewall and gateway capabilities. By introducing the notion of a virtual network controller, you introduce a central state distribution mechanism that programs all of your virtual switches consistently across a unified fabric. This essentially creates a network hypervisor, and a control point between every machine in that virtual network.
“Every program and every privileged user of the system should operate using the least amount of privilege necessary to complete the job.”
– Professor Jerome Saltzer, MIT, Communications of the ACM
The completeness of this approach allows network virtualisation security to act as an integrated system, rather than reactively creating endless silos. Additionally, since it allows us to view the infrastructure through the lens of the application, network virtualisation becomes the perfect platform by which Jerome Saltzer’s concept of ‘Least Privilege’ can be implemented.
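To make the two ideas above concrete (a central controller distributing state to every virtual switch, and policy expressed in terms of the application rather than the address), here is a small model written for this post. It is an added illustration, not code from Data#3 or from any particular network-virtualisation product; the workload names, tiers, hosts and IP addresses are constructed. Each virtual switch is a default-deny control point that only permits a flow if a rule exists for the source and destination application tiers, and because the rule follows the tier tag rather than the host or IP, it keeps applying when a workload is migrated.

```python
"""Model of application-centric, least-privilege policy enforced at every
virtual switch and distributed by a central controller.

Added example for illustration only; not vendor code. All workloads, tiers,
hosts and addresses below are constructed sample data.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Workload:
    name: str
    app_tier: str   # policy is keyed on this tag, never on the address
    host: str
    ip: str


@dataclass(frozen=True)
class Rule:
    """Allow-list entry: src_tier may reach dst_tier on one TCP port."""
    src_tier: str
    dst_tier: str
    port: int


class VirtualSwitch:
    """Control point at one host: default deny, decided locally per flow."""

    def __init__(self, host):
        self.host = host
        self.rules = frozenset()
        self.inventory = {}
        self.log = []   # every decision is recorded for detection purposes

    def program(self, rules, inventory):
        """Receive the latest state pushed by the controller."""
        self.rules = rules
        self.inventory = inventory

    def permit(self, src_ip, dst_ip, port):
        by_ip = {w.ip: w for w in self.inventory.values()}
        src, dst = by_ip.get(src_ip), by_ip.get(dst_ip)
        # Unknown endpoints or absent rules both fall through to DENY.
        verdict = (src is not None and dst is not None
                   and Rule(src.app_tier, dst.app_tier, port) in self.rules)
        self.log.append((self.host, src_ip, dst_ip, port,
                         "ALLOW" if verdict else "DENY"))
        return verdict


class Controller:
    """Central state distribution: owns policy and inventory, pushes to switches."""

    def __init__(self):
        self.rules = set()
        self.inventory = {}
        self.switches = {}

    def allow(self, src_tier, dst_tier, port):
        self.rules.add(Rule(src_tier, dst_tier, port))
        self._push()

    def register(self, wl):
        self.inventory[wl.name] = wl
        self.switches.setdefault(wl.host, VirtualSwitch(wl.host))
        self._push()

    def migrate(self, name, new_host):
        """Move a workload; its tier tag, and therefore its policy, travels with it."""
        old = self.inventory[name]
        self.inventory[name] = Workload(old.name, old.app_tier, new_host, old.ip)
        self.switches.setdefault(new_host, VirtualSwitch(new_host))
        self._push()

    def _push(self):
        snapshot_rules = frozenset(self.rules)
        snapshot_inv = dict(self.inventory)
        for sw in self.switches.values():
            sw.program(snapshot_rules, snapshot_inv)


def demo():
    """Two-tier application with a single least-privilege rule (web -> db:5432)."""
    c = Controller()
    c.register(Workload("web1", "web", "hostA", "10.0.1.10"))   # constructed
    c.register(Workload("db1", "db", "hostB", "10.0.2.20"))     # constructed
    c.allow("web", "db", 5432)
    sw_a = c.switches["hostA"]
    results = {
        "web_to_db": sw_a.permit("10.0.1.10", "10.0.2.20", 5432),
        "db_to_web": sw_a.permit("10.0.2.20", "10.0.1.10", 5432),   # no rule
        "web_to_db_ssh": sw_a.permit("10.0.1.10", "10.0.2.20", 22),  # wrong port
        "unknown_src": sw_a.permit("10.0.9.9", "10.0.2.20", 5432),   # not inventoried
    }
    c.migrate("db1", "hostC")
    # The new host's switch enforces the same tier rule without any re-keying.
    results["after_migration"] = c.switches["hostC"].permit("10.0.1.10", "10.0.2.20", 5432)
    results["denies_logged"] = sum(1 for e in sw_a.log if e[4] == "DENY")
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point of the model is in `permit`: there is no notion of a trusted "inside" once traffic has passed a perimeter, every east-west flow is evaluated at the nearest virtual switch against a rule expressed in application terms, and anything not explicitly allowed (including traffic from an endpoint the controller has never inventoried) is denied and logged. That per-hop log is also where a security operations team would look for lateral movement attempts, since each denied flow is recorded at the control point closest to its source.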
Clearly, there is enormous and liberating power in being able to move towards software-based solutions to our problems – but how do we do that, without being forced to operate in the same trust domain as an attacker? This is the question that has necessitated us rethinking what effective enterprise security looks like, and why network virtualisation offers a new pathway forward.
In the 3rd post of this blog series, we’ll examine the role that encryption plays in protecting data flow, and how quickly it can become problematic to manage once it is extended beyond its typical boundaries.