Perimeter
9/11/2009
02:56 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Crossbeam Publishes White Paper On Securing Virtualized Data Centers

"The Emergence of Two Clouds" outlines the risks around security virtualization, particularly when it comes to the complexities that arise when trying to manage multiple trust boundaries

BOXBOROUGH, Mass.—September 10, 2009—Crossbeam Systems, Inc., the leading provider of next-generation security platforms for high-performance networks, announced today the availability of a whitepaper titled "The Emergence of Two Clouds." The whitepaper is designed to help IT managers understand the unique challenges of securing virtualized environments and provide insight into a new best practices-based architecture that can greatly simplify management operations, while improving the flexibility and adaptability of the two current options: physical appliances and virtual security appliances. To download a copy of the whitepaper, please visit http://www.crossbeam.com/company/download_registration.php.

"For network security, there are significant consequences to mass deployment of virtualization technology," said Jon Oltsik, principal analyst at Enterprise Strategy Group. "Crossbeam's whitepaper elevates the discussion to help IT staff take advantage of security virtualization—which introduces a host of complex issues related to inter-VM traffic boundaries and VM sprawl. These concepts need to be better understood in order to move security virtualization forward from a great concept to a well-articulated security strategy."

Today, the potential security risks associated with virtualizing data centers are significant, leading many IT managers to stop short of virtualizing everything in the data center. Despite the advancements in virtualization, there is still a fundamental lack of knowledge and best practices that can help IT managers understand the consequences of a fully virtualized infrastructure and, most importantly, avoid the operational pitfalls.

"One of the biggest challenges IT managers face is the complexity of managing trust boundaries between Web, application and database VMs once the physical connections are removed," said Jim Freeze, Crossbeam's chief marketing officer. "Ironically, in an effort to protect between the virtualized layers, they end up replacing appliance sprawl with virtual machine sprawl and opening the door to new levels of risk. As the pressure mounts to virtualize more mission-critical IT infrastructure, the question of whether security virtualization can be done successfully is top of mind. The answer is yes, but not in a traditional IT architecture."

"The Emergence of Two Clouds" whitepaper outlines a third approach that creates a "two cloud" environment between the virtualized applications and the network security infrastructure. This enables companies to maintain trust boundaries and meet performance and reliability requirements, without losing any of the flexibility and adaptability benefits of a virtualized infrastructure.

"Once you have separated security from the application infrastructure, the problems associated with security virtualization are eliminated," added Freeze. "For instance, Crossbeam can centralize control of hundreds of virtualized services such as firewall and IPS and allow IT operations to manage traffic flow dynamically through the appropriate security service depending upon which trust boundary the data is crossing. Deploying these services on the X-Series platform gives IT managers the flexibility they need to scale and provision security services, without experiencing degradation in performance."

Crossbeam's X-Series Next Generation Security Platform enables customers to consolidate their security infrastructure on a scalable, carrier-class platform that virtualizes the delivery of best-of-breed security applications. Large enterprises and service providers use the X-Series to provide unprecedented scalability, flexibility and performance for their security deployments, while driving down costs and energy consumption.

About Crossbeam Crossbeam Systems, Inc. transforms the way enterprises, service providers and government agencies architect and deliver security services. The basis of Crossbeam's solution is its Next Generation Security Platform, a highly scalable software and hardware platform that facilitates the consolidation, virtualization and simplification of security services delivery, while preserving the customers' choice of best-of-breed security applications. Crossbeam offers the only security platform that delivers unparalleled network performance, scalability, adaptability and resiliency. Customers choose Crossbeam to intelligently manage risk, accelerate and maintain compliance, and protect their businesses from evolving threats. Crossbeam is headquartered in Boxborough, Mass., and has offices in Europe, Asia Pacific and Latin America. More information is available at http://www.crossbeam.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-2963
Published: 2014-07-10
Multiple cross-site scripting (XSS) vulnerabilities in group/control_panel/manage in Liferay Portal 6.1.2 CE GA3, 6.1.X EE, and 6.2.X EE allow remote attackers to inject arbitrary web script or HTML via the (1) _2_firstName, (2) _2_lastName, or (3) _2_middleName parameter.

CVE-2014-3310
Published: 2014-07-10
The File Transfer feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center does not verify that a requested file was an offered file, which allows remote attackers to read arbitrary files via a modified request, aka Bug IDs CSCup62442 and CSCup58463.

CVE-2014-3311
Published: 2014-07-10
Heap-based buffer overflow in the file-sharing feature in WebEx Meetings Client in Cisco WebEx Meetings Server and WebEx Meeting Center allows remote attackers to execute arbitrary code via crafted data, aka Bug IDs CSCup62463 and CSCup58467.

CVE-2014-3315
Published: 2014-07-10
Cross-site scripting (XSS) vulnerability in viewfilecontents.do in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCup76308.

CVE-2014-3316
Published: 2014-07-10
The Multiple Analyzer in the Dialed Number Analyzer (DNA) component in Cisco Unified Communications Manager allows remote authenticated users to bypass intended upload restrictions via a crafted parameter, aka Bug ID CSCup76297.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.