Before we continue with the discussion on the top SDx Infrastructure areas where we believe we will see the most security innovation, we would like to present the findings of our SDx Security survey of a subset of our readers in the SDxCentral community to gain insights into current sentiments around security. The following represents what they had to say about the current state of security.
Cloud and Data Center Security Drivers
The open ended question “what are the top three security issues you are experiencing?” yielded a variety of responses, but some common themes centered around needing greater visibility across the infrastructure and consistency, in terms of the being able to apply controls and policies throughout the environment.
There was an undertone of frustration in many responses that indicated they spend so much of their time and resources just trying to keep everything up and running that they don’t have time to apply to protecting against more advanced threats to their environment. One respondent noted their “operational resources are absorbed in maintaining our environment; we are not able to focus on being smarter about how to detect and respond to attacks.”
Many others noted the complexity of the environment (distributed users, disparate platforms, etc.) they need to support and the lack of data (visibility) they are working with make it very difficult to cost-effectively apply end-to-end security.
With the shift to a Software-Defined Everything (SDx) infrastructure and the larger role of virtualization and the cloud, we expect to see the problem get worse before it gets better. However, innovation in the security market, over the next 3-5 years, will hopefully start to address the visibility and manageability issues currently plaguing the market.
Major Security Challenges
When asked to identify the major security challenges they faced, a majority of respondents identified an “inability to secure across public and private cloud environments” (57%), a “lack of visibility” (55%) and a “lack of support for virtualized environments” (55%) as their biggest hurdles. (Note, respondents could identify all that applied.)
This points to some of the inherent security challenges associated with virtualization and cloud technologies. While organizations can use virtualization and the cloud to pool resources more effectively and hide the complexity of the underlying hardware/software with abstraction, this capabilities can obscure the visibility required by the security and infrastructure teams.