Capacity, Scalable Systems
Most data centers today must handle very high volumes of traffic across applications and therefore systems housed in data centers must be capable of handling very high throughput rates and be able to control high volumes of traffic crossing different domains. Systems, such as data center firewalls, must be able to manage a very large number of concurrent sessions owing to the speed with which sessions are set up and torn down in virtual environments. This means that data center systems must have very high processing power and must be able to avoid bottlenecks that could impede security.
Centralized Data Security Management
Security controls that are bolted on to specific systems are a management headache as the administration and maintenance of each control is usually specific to that control. In order to manage security in the complex, highly distributed data center environment that is increasingly common today, security controls should have a robust, centralized management system through which policies can be defined and enforced and through which granular controls can be placed over users, applications and resource domains. This will provide greater visibility over the security controls placed on every resource and system and will provide management reports regarding their effectiveness. Technologies are available with centralized management that can automatically update and patch a variety of systems and push them out to the devices that need them.
To meet compliance needs, security information and event management (SIEM) systems with centralized management can be used to monitor all network activity, such as application access and use patterns, and will analyze log files from a variety of sources to show how effective security controls are across the data center
Protecting Data Center Assets: The Ultimate Goal
Owing to the changing nature of computing, there is much consolidation and modernization being seen with regard to data center assets in order to take advantage of developments such as virtualization and cloud computing. This increases the complexity of data center environments further and also changes the way organizations need to think about security. In new data center environments, security needs to be built into the design and applied holistically across all assets, not tied to specific systems, with centralized management providing high levels of visibility and control to ensure that there are no gaps in protection.
About the Author
Fran Howarth is a principal analyst with Bloor Research, a European IT research company. A member of "Who's Who in e-Business" and a past judge for the Codie awards in security categories, Ms. Howarth has worked as a consultant and analyst for 20 years, including at the Aberdeen Group, KPMG Consulting, the Economic Intelligence Unit, and Quocirca Ltd. She is a frequent contributor to Faulkner's Security Management Practices publication, and may be reached via email: fhowarth@gmail.com.
This article is based on a comprehensive report published by Faulkner Information Services, a division of Information Today, Inc., that provides a wide range of reports in the IT, telecommunications, and security fields. For more information, visit www.faulkner.com.
To subscribe to the Faulkner Information Services, visit www.faulkner.com/showcase/subscription.asp.