Defining a set of security and compliance policies is a key step. Having a mechanism in place to implement and enforce security policy is not as easy. Many organizations have fallen victim to cyberattacks because the IT department had no plan in place to enforce a specific security policy. The good news is that one of the benefits of deploying network virtualization overlays is that they put in place a layer of abstraction that makes it much simpler to enforce security policies across a distributed computing environment.
But not everyone is aware that network virtualization can be used to enforce security policies. Brad Casemore, an analyst with IDC, said that application continuity is considered a bigger reason for virtualizing the network. However, he added that because of the popularity of microsegmentation enabled by network virtualization, more IT operations teams are discovering how to enforce security policies by leveraging the isolation microsegmentation provides.
Arguably, one of the biggest issues with IT security is the divide that exists between the security professionals who come up with policies and the IT operations teams that have to enforce them. In the wake of a security breach there’s usually a lot of finger-pointing that, in the grand scheme of things, is counterproductive. Rather than engaging in multiple rounds of the IT security blame game, it’s in the best interest of all to improve security at the lowest level of the IT infrastructure environment possible.
Because of the increasing number of high-profile IT security breaches, IT organizations are making security a big priority. In fact, Steve Niesman, president and CEO of itelligence, a systems integration arm of NTT Data Business Solutions, said IT security and modernization projects are often closely linked. IT leaders have discovered that the older the technology being used in a production environment, the tougher the security challenge becomes. Because of that, Niesman said that when most new applications are not being deployed in a public cloud or hosted environment, they wind up running on IT infrastructure that has been upgraded in one way or another.
Network virtualization, of course, is a key element of any data center modernization at the network level because it provides a crucial layer of abstraction and isolation that doesn’t require organizations to rip and replace the entire network underlay.
Nevertheless, Eric Thomas, director of professional services for ExtraHop, a provider of IT analytics tools, said that while network virtualization represents an opportunity for security teams to take advantage of a platform deployed by IT operations teams to implement firewalls, they will often still need to manage physical firewalls that are not integrated with the network virtualization layer.
In the meantime, employing network virtualization to better integrate network and security management is a noble goal. Most IT organizations can take comfort in the fact that network virtualization does provide a simpler way to implement security policies regardless of who in the organization defined them.