In the past decade, cloud computing has become increasingly popular among enterprises, with Gartner Research projecting IT spending on public cloud-based infrastructure services to surpass $24 billion in 2016, and associated management and security to surpass $8 billion. This evolution of our IT infrastructure brings with it concerns about the safety of our data, applications and end users. We talked to Chad Whalen about the move to the cloud, the related security concerns, and how Fortinet is protecting this rapidly-evolving IT infrastructure.
As cloud technologies rapidly mature, they offer enterprises a number of different deployment options.
Public cloud – Also commonly referred to as infrastructure as a service (IaaS), public cloud services from Amazon Web Services (AWS), Microsoft Azure, and other telcos and service providers are perhaps the most visible type of cloud computing.
Private cloud – Enterprises have been adopting server virtualization for IT efficiency and data center consolidation for a number of years, but the notion of private clouds is more than just a virtualized data center. Instead, internal data centers are being transformed by successive waves of technology from software-defined networking (SDN) to SD-WAN, tiered storage, and other so-called software-defined data center (SDDC) technologies. These converged and orchestrated layers of logical infrastructure enable internal IT teams, or rather IT as a service (ITaaS), to deliver internal infrastructure with the same flexibility, and often economies, as those offered by public cloud providers.
Hybrid cloud – Today, most organizations are moving to long-term strategies of deploying servers and applications on a combination of both private and public cloud infrastructure. The persistence of both internal and externally hosted platforms additionally dictates migration of large volumes of data and applications, persistent site-to-site connectivity, and stretching of network topologies across the WAN.
Software as a Service (SaaS) – As an alternative to deploying applications on cloud-based infrastructure, IT organizations can instead choose to procure web-based applications designed from the ground up to be delivered from the cloud, including popular applications like Salesforce.com, Office 365, and Dropbox. While appearing to be very different from IaaS cloud services like AWS, software as a service (SaaS) really represents another fundamental cloud computing approach where the underlying infrastructure, from compute to security, is the responsibility of the SaaS vendor (who may in turn deploy on another provider’s IaaS/PaaS platform).
Speed and agility: Solutions take too long to secure and deploy on premises. Virtualization provides enterprises the agility to provision, configure, and deploy infrastructure and applications nimbly and quickly for different organizations, business units, or projects.
Scalability: Cloud environments are designed to scale elastically to much larger capacities than traditional IT environments, and they give you the ability to ramp capacity up and down quickly on demand.
Cost: No large, upfront capital expenditures on hardware and software to run your network, fewer expensive software upgrades, reduced IT support costs, and predictable IT expenditures are just a few of the potential cost benefits of letting someone else manage your servers and applications. In addition, organizations increasingly expect to be able to consume infrastructure on demand, starting and stopping instantly, and paying for only the capacity they need at any given time on a metered (i.e., utility-based) model.
Service innovation velocity: The public cloud offers providers a great opportunity to easily innovate and deliver new services and offerings to extend their current business offerings to customers. These services can often be competitive differentiators for their business.
As an organization’s IT infrastructure stretches and evolves, the attack surface expands as well. If your security can’t keep up with the agile public, private, and hybrid cloud environments of today, gaps in protection will occur. The biggest challenge is the growing concern of exposing sensitive corporate data to advanced malware and threats in this new, fast-evolving cloud environment. Customers worry about the ability to present a consistent security posture across physical, virtual, private, and public cloud platforms. Another concern is the loss of visibility and manageability across all traffic and environments, which means internal breaches can go undetected and spread. Client-side threats, where malware infects a cloud infrastructure through an authorized, yet infected or compromised endpoint device, is also a real concern.
To keep pace with the rapid transition to the cloud and provide increased security effectiveness across any cloud environments, cloud security solutions need to be agile and scalable to meet changing needs. They also need to be segmented to minimize the impact of an advanced threat by isolating workloads, applications, data, and traffic, and consistent to ensure the seamless management, distribution, and enforcement of policy, as well as the collection of valuable threat intelligence.
The Fortinet Security Fabric provides market-leading security solutions for any virtualization and cloud environment, including the most widely adopted service provider security solutions in the market. Using a cloud-based management tool (FortiManager), a common operating system (FortiOS), and a single threat intelligence source for consistent enforcement (FortiGuard), organizations can weave together a single, integrated security fabric for complete visibility and control across their entire distributed network environment.
Read more on how to solve security challenges in hybrid cloud with Fortinet.