The security of virtual computers can be achieved by means of application program interfaces that enable select partners (such as McAfee, RSA, Check Point, Symantec, Sophos and others) to install security products that will support virtual environments. The result is an approach to security that provides customers with a cloud-based approach for running secured applications.
The interoperability of hypervisors with the offerings of various security products makes it possible for third-party vendors to manage, through the hypervisor, the protection of virtual machines in a cloud. By this means the security applications can identify malware or denial of service attacks. Security vendors can also use the hypervisors to detect and eliminate intrusions that have unprecedented characteristics, while retaining a record of such attempts for taking corrective actions.
The virtualization technology program for security partners includes the sharing of open, interoperable and cross-platform technologies. These become affordable by providing a continued stream of innovative security solutions, which is spread over a large machine population. By deployment of security measures to the entire cloud of virtual machines customers can obtain lower costs and gain greater visibility at network control centers. By applying consolidated security techniques it is possible to fund sophisticated forensic analysis, which can be scaled over thousands of servers and millions of personal computers.
Virtualization of security cannot be simply appended to servers or desktop computers, as is currently the case when virus protection software and firewalls are installed individually. There will be always gaps in the protective measures on account of the obsolescence of security software updates as well as the insufficiency of maintenance talent due to funding limitations. In most cases there will not be adequate personnel available for monitoring and then reacting to security incursions.
The intruders will be always seeking out unprotected gaps in protection. With millions of security incursions into the DoD networks per day, the number of potential out of control situations will overwhelm the defenders, unless the systems assurance designs offer well staffed consolidation of surveillance.
Third party “Security Virtual Appliances” should be embedded within the hypervisor technologies. These appliances provide services such as antivirus, personal firewall, intrusion detection, intrusion prevention, anti-spam, URL filtering, and others. With the growing importance of cloud management of thousands of servers, under central control, it is important to realize that the implementation of security cannot be an afterthought. Security must be fused into the cloud design as it evolves into a comprehensive virtual machine infrastructure.
This arrangement allows the monitoring and enforcement of network traffic within a virtual datacenter to meet corporate security policies and ensure regulatory compliance. It enables the running of applications efficiently within a shared computing resource pool, while still maintaining trust and network segmentation of users and sensitive data as needed.
Cloud computing, which can include thousands of servers, requires the full integration with the capabilities offered by vendor supplied security appliances. Such safeguards are expensive. They also require the vigilance of exceptionally well-trained personnel as well as the availability of an extensive suite of forensic tools.
On account of the huge costs for assuring the protection of DoD computing, the security of its 15,000 networks can be achieved only through the application of protective safeguards that operate in a cloud environment.