Perimeter
9/11/2009
02:56 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Crossbeam Publishes White Paper On Securing Virtualized Data Centers

"The Emergence of Two Clouds" outlines the risks around security virtualization, particularly when it comes to the complexities that arise when trying to manage multiple trust boundaries

BOXBOROUGH, Mass.—September 10, 2009—Crossbeam Systems, Inc., the leading provider of next-generation security platforms for high-performance networks, announced today the availability of a whitepaper titled "The Emergence of Two Clouds." The whitepaper is designed to help IT managers understand the unique challenges of securing virtualized environments and provide insight into a new best practices-based architecture that can greatly simplify management operations, while improving the flexibility and adaptability of the two current options: physical appliances and virtual security appliances. To download a copy of the whitepaper, please visit http://www.crossbeam.com/company/download_registration.php.

"For network security, there are significant consequences to mass deployment of virtualization technology," said Jon Oltsik, principal analyst at Enterprise Strategy Group. "Crossbeam's whitepaper elevates the discussion to help IT staff take advantage of security virtualization—which introduces a host of complex issues related to inter-VM traffic boundaries and VM sprawl. These concepts need to be better understood in order to move security virtualization forward from a great concept to a well-articulated security strategy."

Today, the potential security risks associated with virtualizing data centers are significant, leading many IT managers to stop short of virtualizing everything in the data center. Despite the advancements in virtualization, there is still a fundamental lack of knowledge and best practices that can help IT managers understand the consequences of a fully virtualized infrastructure and, most importantly, avoid the operational pitfalls.

"One of the biggest challenges IT managers face is the complexity of managing trust boundaries between Web, application and database VMs once the physical connections are removed," said Jim Freeze, Crossbeam's chief marketing officer. "Ironically, in an effort to protect between the virtualized layers, they end up replacing appliance sprawl with virtual machine sprawl and opening the door to new levels of risk. As the pressure mounts to virtualize more mission-critical IT infrastructure, the question of whether security virtualization can be done successfully is top of mind. The answer is yes, but not in a traditional IT architecture."

"The Emergence of Two Clouds" whitepaper outlines a third approach that creates a "two cloud" environment between the virtualized applications and the network security infrastructure. This enables companies to maintain trust boundaries and meet performance and reliability requirements, without losing any of the flexibility and adaptability benefits of a virtualized infrastructure.

"Once you have separated security from the application infrastructure, the problems associated with security virtualization are eliminated," added Freeze. "For instance, Crossbeam can centralize control of hundreds of virtualized services such as firewall and IPS and allow IT operations to manage traffic flow dynamically through the appropriate security service depending upon which trust boundary the data is crossing. Deploying these services on the X-Series platform gives IT managers the flexibility they need to scale and provision security services, without experiencing degradation in performance."

Crossbeam's X-Series Next Generation Security Platform enables customers to consolidate their security infrastructure on a scalable, carrier-class platform that virtualizes the delivery of best-of-breed security applications. Large enterprises and service providers use the X-Series to provide unprecedented scalability, flexibility and performance for their security deployments, while driving down costs and energy consumption.

About Crossbeam Crossbeam Systems, Inc. transforms the way enterprises, service providers and government agencies architect and deliver security services. The basis of Crossbeam's solution is its Next Generation Security Platform, a highly scalable software and hardware platform that facilitates the consolidation, virtualization and simplification of security services delivery, while preserving the customers' choice of best-of-breed security applications. Crossbeam offers the only security platform that delivers unparalleled network performance, scalability, adaptability and resiliency. Customers choose Crossbeam to intelligently manage risk, accelerate and maintain compliance, and protect their businesses from evolving threats. Crossbeam is headquartered in Boxborough, Mass., and has offices in Europe, Asia Pacific and Latin America. More information is available at http://www.crossbeam.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Tech Digest, Dec. 19, 2014
Software-defined networking can be a net plus for security. The key: Work with the network team to implement gradually, test as you go, and take the opportunity to overhaul your security strategy.
Flash Poll
Title Partner’s Role in Perimeter Security
Title Partner’s Role in Perimeter Security
Considering how prevalent third-party attacks are, we need to ask hard questions about how partners and suppliers are safeguarding systems and data.
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3580
Published: 2014-12-18
The mod_dav_svn Apache HTTPD server module in Apache Subversion 1.x before 1.7.19 and 1.8.x before 1.8.11 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a REPORT request for a resource that does not exist.

CVE-2014-4801
Published: 2014-12-18
Cross-site scripting (XSS) vulnerability in IBM Rational Quality Manager 2.x through 2.0.1.1, 3.x before 3.0.1.6 iFix 4, 4.x before 4.0.7 iFix 2, and 5.x before 5.0.1 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.

CVE-2014-6076
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allow remote attackers to conduct clickjacking attacks via a crafted web site.

CVE-2014-6077
Published: 2014-12-18
Cross-site request forgery (CSRF) vulnerability in IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

CVE-2014-6078
Published: 2014-12-18
IBM Security Access Manager for Mobile 8.x before 8.0.1 and Security Access Manager for Web 7.x before 7.0.0 FP10 and 8.x before 8.0.1 do not have a lockout period after invalid login attempts, which makes it easier for remote attackers to obtain admin access via a brute-force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Join us Wednesday, Dec. 17 at 1 p.m. Eastern Time to hear what employers are really looking for in a chief information security officer -- it may not be what you think.