The State Of the Art In Cloud Security…
…is still firewalls and SSL.
Cloud: The “revenge of (overlay) VPN and PKI”
/Sad Panda
Categories: Cloud Computing, Cloud Security
Recent Posts
Recent Comments
- Truman Boyes on On building fire extinguishers and fighting fires…
- Kurt Bales (@networkjanitor) on On building fire extinguishers and fighting fires…
- stefan avgoustakis on On building fire extinguishers and fighting fires…
- Alex Williams on On building fire extinguishers and fighting fires…
- cloudtoad on Incomplete Thought: The Time Is Now For OCP-like White Box Security Appliances
Tag Cloud
A6
Amazon
Amazon EC2
Amazon Elastic Compute Cloud
Amazon Web Services
Application programming interface
Automation
AWS
Business
Cisco
Cisco Systems
Cloud
CloudAudit
Cloud Computing
Cloud computing security
Cloud Networking
Cloud Security
Cloud Security Alliance
Google
IaaS
Information Security
Infrastructure as a Service
Innovation
Microsoft
Nicira
NIST
OpenFlow
Open Source
OpenStack
Platform as a service
RSA
SaaS
SDN
Security
Software as a service
Software Defined Networking
Twitter
VCloud
Virtualization
Virtualization Security
Virtual machine
virtual networking
Virtual private network
VMware
VMware vSphere
Categories
- A6
- Active Defense
- Analysts
- Application Security
- Automation
- BeanSec!
- Big Data
- Career
- Censorship
- Cisco
- Citrix
- Clean Pipes
- Cloud Computing
- Cloud Security
- Cloud Security Alliance
- CloudAudit
- Compliance
- Conferences
- Consumerization Of IT
- Current Affairs
- Data-Centric Security
- De-Perimeterization
- DevOps
- Disruptive Innovation
- DLP
- EDoS
- Encryption
- Endpoint Security
- Firewalls
- General Rants & Raves
- Governance, Risk Management & Compliance (GRC)
- Hacking
- Identity Management
- Identity theft
- Information Centricity
- Information Security
- Information Survivability
- Infrastructure 2.0
- Innovation
- Intrusion Detection
- Intrusion Prevention
- IP/Data Leakage
- Jackassery
- Jericho Forum
- Malware
- Marketing
- Microsoft
- MLS (Multilevel Security)
- Mobility
- Net Neutrality
- Network Access Control
- Networking
- Offensive Computing
- Open Source
- Open Standards
- Patch Management
- PCI
- Platform as a Service (PaaS)
- Podcasts
- Poetry
- Presentations
- Press
- Privacy
- Punditry
- Risk Assessment
- Risk Management
- Security Awareness
- Security Breaches
- Security Conferences
- Security Innovation & Imagination
- Security Metrics
- Security Predictions
- Security Strategy
- SIM/SEM/SEIM
- Social Media
- Software as a Service (SaaS)
- Software Defined Networking
- Speaking Engagements
- Take5
- Technology Review
- Travel
- Uncategorized
- Unified Threat Management (UTM)
- Virtualization
- Virtualization Security
- VM HyperJacking
- VMware
- Vulnerability Assessment / Vulnerability Management
- Vulnerability Research
- Vyatta
- Web Application Security
- Xen
Archives
- June 2015
- April 2015
- February 2015
- January 2015
- September 2014
- March 2014
- February 2014
- November 2013
- August 2013
- June 2013
- May 2013
- April 2013
- February 2013
- January 2013
- December 2012
- November 2012
- October 2012
- September 2012
- August 2012
- July 2012
- June 2012
- May 2012
- April 2012
- March 2012
- February 2012
- January 2012
- December 2011
- November 2011
- October 2011
- September 2011
- July 2011
- June 2011
- May 2011
- April 2011
- March 2011
- February 2011
- January 2011
- December 2010
- November 2010
- October 2010
- September 2010
- August 2010
- July 2010
- June 2010
- May 2010
- April 2010
- March 2010
- February 2010
- January 2010
- December 2009
- November 2009
- October 2009
- September 2009
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
- July 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
Gives the enterprise people warm fuzzy feeling: "Hey, it's just like home!"
Had an interesting discussion about this the other day. It begain with the "dumb network" debate in which the network becomes a simple highspeed delivery mechanism and intellegence is pushed to the end node. Similar to a highway where the "road" is simple and has limited governance. Conversely, a car has the ability to choose where to go, how fast to go, airbags, anti-lock, etc. If that analogy doesn't work well, use your home with keyed doors, security system, thermostat, etc.
Anyway, as virtualization and cloud continues to grow, will the "intelligent" network be necessary? Even now, VMware is absorbing multiple network services (FW, VPN, NAT, etc.).
What if everything outside of the local system interface was considered hostel because only specific nodes were trusted, regardless of transport? I question how you can secure the network when the only constant is the node. So is the target to secure the transport, node, or data? Mix as you will, something gotta give…