It is a fact that virtualization is looked upon to reduce the physical boundaries between applications and work and making it virtual and dynamic. There has been a hunt by the companies for a long duration now in search of a method or technology that can provide similar effects for security control in a cloud and control the traffic through its data centers. Thus came Micro-segmentation. It uses software technology to manage virtual machines, wherein the VM are present on different or the same servers, different grouping, isolation and more and can still be all controlled effectively and access control can be applied.
To ensure security, traditional networks are usually divided into security zones, where groups of assets such as servers or desktops are put on different network segments. Security policies are then performed over the traffic between these zones. The zones can be set up as needed for departmental boundaries, functions or for security. This division creates regions where access violation doesn't affect or penetrate the other zones as quickly and effectively and in turn doesn't hinder the daily and regular usage of the cloud and it's usage performance.
Micro-segmentation is not a complete fix though. There are issues like Virtualization Security that are yet to be answered by it. Micro-segmentation is held accountable on multiple stands, some of them being the technology needing to offer the same level of elasticity that the data center provides, handling both the change in the size of the physical infrastructure, as well as the change of workloads that run on the infrastructure. Also the need to work with a diverse set of hardware and software environments stands strong. In order to provide on-demand security in the virtualized environment, it is necessary for the Micro-segmentation to support changes to security functionalities without changes in the infrastructure. To end this off, the Micro-segmentation solution needs to integrate well with cloud orchestration and avoid intrusive changes to the cloud infrastructure.
No comments:
Post a Comment