Stonesoft shares five network tactics to help resolve cloud security issues
ATLANTA – April 14, 2010 – Stonesoft, a global provider of proven,
innovative network security solutions, has identified five ways that organizations can improve
cloud computing security. This announcement comes on the heels of recent research released by
Gartner, Inc. stating that 60 percent of virtualized servers will be less secure than the physical
servers they replace through 2012 (Source: Addressing the Most Common Security Risks in Data Center
Virtualization Projects, January 2010).
Today, most organizations deploy virtualization technologies without involving information
and network security teams in the initial planning stages. As a result, many organizations are
simply retrofitting their virtual networks with existing physical network security strategies and
technologies. This lack of foresight and technological preparedness drastically weakens network
security, which presents the biggest known challenge to the success of cloud computing with
large-scale organizations.
In response, Stonesoft has identified five ways IT teams can protect themselves against cloud
security threats and attacks, while helping ensure the success of their cloud computing strategies.
They include:
1. Federated ID: Inherent in a cloud computing environment is the need for
workers to log into multiple applications and services. This presents a formidable security
pitfall, as organizations may lose control over their ability to ensure strong authentication at
the user level. To mitigate this risk, organizations need “single sign-on” capabilities – such as
those provided by the StoneGate SSL VPN – that enable users to access multiple applications and
services, including those located outside of the organization in the public cloud, through a single
login. With this ability, organizations can streamline security management and ensure strong
authentication within the cloud.
2. Always-on Connectivity: When the majority of an organization’s critical
business data is stored in the cloud, network downtime can shut down business operations. Access to
cloud services must be always available, even during maintenance, thus requiring high availability
technologies and capabilities such as active/active clustering, dynamic server load balancing and
ISP load balancing within the network infrastructure. Organizations should seek technologies that
are built into their network solutions, rather than purchase them as standalone products to ensure
effectiveness, ease of management and reduced network costs.
3. Multi-layer Inspection: The rise of the cloud computing environment and
increased sophistication of threats have created a need for a proper layered defense comprised of
perimeter protection and intrusion detection and prevention capabilities within the network. Rather
than implementing first-generation firewalls to protect the cloud at the perimeter, Stonesoft
recommends the deployment of virtual next generation firewall appliances – like the StoneGate
Virtual NextGen Firewall – that integrate advanced firewall and IPS
capabilities for deep traffic inspection. This will allow organizations to inspect all levels of
traffic, from basic Web browsing to peer-to-peer applications and encrypted Web traffic in the SSL
tunnel. Additional IPS appliances should be implemented to protect networks from internal attacks
that threaten access to the cloud.
4. Centralized Management: Human error is still the greatest network
security threat facing both physical and virtual computing environments. As companies deploy
additional network devices to secure their virtual networks, they exponentially increase this risk
as device management, monitoring and configuration become more tedious and less organized. For this
reason, Stonesoft recommends companies use a single management console to manage, monitor and
configure all devices – physical, virtual and third-party.
5. Virtual Desktop Protection: More and more organizations are deploying
virtual desktops to realize the cost and administration benefits. However, these desktops are just
as – if not more – vulnerable than their physical counterparts. To adequately protect virtual
desktops, organizations should isolate them from other network segments and implement deep
inspection at the network level to prevent both internal and external threats. Those organizations
should deploy a multi-pronged approach to security by implementing IPS technology that prevents
illegal internal access and protects the clients from malicious servers, and by providing secure
remote access capabilities through IPsec or SSL VPN that protects against unauthorized external
access.
Stonesoft currently offers a selection of virtual network security solutions that provide
advanced security in the cloud. These include the StoneGate Virtual NextGen Firewall, StoneGate
Virtual IPS and StoneGate Virtual SSL VPN. For more information on these solutions, please visit
www.stonesoft.com.
Wednesday, April 14, 2010