Cloud computing has become a much more defined platform. There are more use cases, and many more organizations are actively looking at cloud models today than ever before. We have better infrastructure, more resources, and a much more connected user. All of this is fueling tremendous growth in cloud adoption.
For example, the latest Cisco Global Cloud Index report predicts that:
- Annual global cloud IP traffic will reach 5.3 zettabytes by the end of 2017. By 2017, global cloud IP traffic will reach 443 exabytes per month (up from 98 exabytes per month in 2012).
- Global cloud IP traffic will increase nearly 4.5-fold over the next five years. Overall, cloud IP traffic will grow at a CAGR of 35 percent from 2012 to 2017.
- Global cloud IP traffic will account for more than two-thirds of total datacenter traffic by 2017.
This type of growth is driving cloud providers to offer new types of solutions, new ways to distribute data, and even better ways to compute. However, just like any technology that becomes a lot more popular, security concerns are also growing as data traverses the WAN and becomes much more accessible to malicious attacks.
What’s clear is that traditional security is no longer sufficient to protect the modern cloud workload. But what will next-generation security look like? Here are a few ways by which software-defined security is helping redefine the modern cloud:
Logical security abstraction
This is where we begin to separate the logical from the physical. A big part of next-gen security is having the ability to interact with technology at various layers. This means deploying virtual services that directly interact with underlying physical components. In some cases this could be asset management or a virtual service monitoring a remote physical port in a managed services scenario. Similarly, it might mean choosing between a physical appliance or a virtual security appliance. In all cases, the security of your datacenter is going to revolve around how well you can secure the virtual and cloud layer.
Scalable security services
Next-generation security uses various services to control and secure infrastructure data. Application firewalls, API-based client-less security, and network traffic service monitors all provide new levels of security. Imagine having a key application sitting behind a powerful application security engine. This engine heuristically learns how your application operates and halts any anomalous traffic.
Data security and control
It’s not just about securing your information. Because there is so much more data, next-generation security solutions can also help with traffic flow. This could mean pushing traffic to one logical node or another for a variety of reasons. Controls can be set up to manage inbound users and user groups. This creates a dynamic environment where data and users are managed intelligently while they utilize the cloud. What's more, because data and virtual machines are very fluid, agile, and capable of traversing a number of datacenter points, next-generation security is refining how all of this information is controlled and secured as it passes through various cloud points. This will really help advance data security, integrity, and control.
As more IT organizations gravitate to the burgeoning array of new cloud options, security teams will also need to consider what modern technologies they can add to their toolsets. New features and tools for your next-gen infrastructure could include virtual security services, security integration with cloud-based applications, and technologies that ensure that user data is always secure, in motion or at rest.
Regardless of the options or security features you choose to work with, it’s important to understand that there is a lot more data being generated every single day and that this data is becoming a lot more valuable. Next-generation security enables flexibility and diversity within a security offering. Your cloud, datacenter, and infrastructure are flexible and agile components -- your security model should be the same.