Perimeter
9/11/2009
02:56 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Crossbeam Publishes White Paper On Securing Virtualized Data Centers

"The Emergence of Two Clouds" outlines the risks around security virtualization, particularly when it comes to the complexities that arise when trying to manage multiple trust boundaries

BOXBOROUGH, Mass.—September 10, 2009—Crossbeam Systems, Inc., the leading provider of next-generation security platforms for high-performance networks, announced today the availability of a whitepaper titled "The Emergence of Two Clouds." The whitepaper is designed to help IT managers understand the unique challenges of securing virtualized environments and provide insight into a new best practices-based architecture that can greatly simplify management operations, while improving the flexibility and adaptability of the two current options: physical appliances and virtual security appliances. To download a copy of the whitepaper, please visit http://www.crossbeam.com/company/download_registration.php.

"For network security, there are significant consequences to mass deployment of virtualization technology," said Jon Oltsik, principal analyst at Enterprise Strategy Group. "Crossbeam's whitepaper elevates the discussion to help IT staff take advantage of security virtualization—which introduces a host of complex issues related to inter-VM traffic boundaries and VM sprawl. These concepts need to be better understood in order to move security virtualization forward from a great concept to a well-articulated security strategy."

Today, the potential security risks associated with virtualizing data centers are significant, leading many IT managers to stop short of virtualizing everything in the data center. Despite the advancements in virtualization, there is still a fundamental lack of knowledge and best practices that can help IT managers understand the consequences of a fully virtualized infrastructure and, most importantly, avoid the operational pitfalls.

"One of the biggest challenges IT managers face is the complexity of managing trust boundaries between Web, application and database VMs once the physical connections are removed," said Jim Freeze, Crossbeam's chief marketing officer. "Ironically, in an effort to protect between the virtualized layers, they end up replacing appliance sprawl with virtual machine sprawl and opening the door to new levels of risk. As the pressure mounts to virtualize more mission-critical IT infrastructure, the question of whether security virtualization can be done successfully is top of mind. The answer is yes, but not in a traditional IT architecture."

"The Emergence of Two Clouds" whitepaper outlines a third approach that creates a "two cloud" environment between the virtualized applications and the network security infrastructure. This enables companies to maintain trust boundaries and meet performance and reliability requirements, without losing any of the flexibility and adaptability benefits of a virtualized infrastructure.

"Once you have separated security from the application infrastructure, the problems associated with security virtualization are eliminated," added Freeze. "For instance, Crossbeam can centralize control of hundreds of virtualized services such as firewall and IPS and allow IT operations to manage traffic flow dynamically through the appropriate security service depending upon which trust boundary the data is crossing. Deploying these services on the X-Series platform gives IT managers the flexibility they need to scale and provision security services, without experiencing degradation in performance."

Crossbeam's X-Series Next Generation Security Platform enables customers to consolidate their security infrastructure on a scalable, carrier-class platform that virtualizes the delivery of best-of-breed security applications. Large enterprises and service providers use the X-Series to provide unprecedented scalability, flexibility and performance for their security deployments, while driving down costs and energy consumption.

About Crossbeam Crossbeam Systems, Inc. transforms the way enterprises, service providers and government agencies architect and deliver security services. The basis of Crossbeam's solution is its Next Generation Security Platform, a highly scalable software and hardware platform that facilitates the consolidation, virtualization and simplification of security services delivery, while preserving the customers' choice of best-of-breed security applications. Crossbeam offers the only security platform that delivers unparalleled network performance, scalability, adaptability and resiliency. Customers choose Crossbeam to intelligently manage risk, accelerate and maintain compliance, and protect their businesses from evolving threats. Crossbeam is headquartered in Boxborough, Mass., and has offices in Europe, Asia Pacific and Latin America. More information is available at http://www.crossbeam.com/.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-3946
Published: 2014-04-24
Cisco IOS before 15.3(2)S allows remote attackers to bypass interface ACL restrictions in opportunistic circumstances by sending IPv6 packets in an unspecified scenario in which expected packet drops do not occur for "a small percentage" of the packets, aka Bug ID CSCty73682.

CVE-2012-5723
Published: 2014-04-24
Cisco ASR 1000 devices with software before 3.8S, when BDI routing is enabled, allow remote attackers to cause a denial of service (device reload) via crafted (1) broadcast or (2) multicast ICMP packets with fragmentation, aka Bug ID CSCub55948.

CVE-2013-6738
Published: 2014-04-24
Cross-site scripting (XSS) vulnerability in IBM SmartCloud Analytics Log Analysis 1.1 and 1.2 before 1.2.0.0-CSI-SCALA-IF0003 allows remote attackers to inject arbitrary web script or HTML via an invalid query parameter in a response from an OAuth authorization endpoint.

CVE-2014-0188
Published: 2014-04-24
The openshift-origin-broker in Red Hat OpenShift Enterprise 2.0.5, 1.2.7, and earlier does not properly handle authentication requests from the remote-user auth plugin, which allows remote attackers to bypass authentication and impersonate arbitrary users via the X-Remote-User header in a request to...

CVE-2014-2391
Published: 2014-04-24
The password recovery service in Open-Xchange AppSuite before 7.2.2-rev20, 7.4.1 before 7.4.1-rev11, and 7.4.2 before 7.4.2-rev13 makes an improper decision about the sensitivity of a string representing a previously used but currently invalid password, which allows remote attackers to obtain potent...

Best of the Web