Security 3.0 and the Perimeter Myth

Greg Ness regarding the myth of security at the perimeter.  Continuing the story about how we really need to concern ourselves with VirtSec and  "the soft middle", and not just the perimeter.

Security 3.0 and the Perimeter Myth | AlwaysOn

Over the last few weeks I’ve been talking to analysts and security pros about virtualization, security and the evolution of netsec to virtsec. Last week I was in Los Angeles on a virtualization panel at the InformationWeek Virtualization Summit and then in NYC on a MISTI panel on virtsec.

As a result of several discussions, I’ve come to the conclusion that for many organizations their network really doesn’t have a perimeter, at least in the classic sense of defense. The idea of a strategic point of defense that protects what is inside has become a legacy myth, an anachronism from the early days of netsec and fame-seeking hackers.

...

THEN WHAT'S NEXT FOR NETSEC?

In the short term the netsec hardware vendors MUST announce a virtsec product in 2008. Being late to the party will cost them substantial vision and revenue growth points. As I commented before, these 2008 virtsec announcements will likely be vapor ware because of the substantial difficulties in moving from signature processing (usually ASIC) “architecture crunch” to massive hypervisor footprints. Maybe these products will be broken into multiple parts in order to lessen the load on individual servers and avoid massive processing burdens. Maybe they’ll find a creative way to exploit the hypervisor layer from afar? Either way, they are in a world of computational disadvantage until they understand the nature and weaknesses of the applications they are defending. ...

Powered by ScribeFire.