A deeper dive into cloud security as a service: Advantages and issues – Cloud Tech

In a recent article which focused on cloud security I presented a comparison between security-as-a-service and traditional style security tooling in the cloud. This installment is a deeper dive into the security as a service (SECaaS) paradigm.

It would seem to me that a natural outgrowth of the cloud computing and 'everything as a service' paradigm that the technology world is undergoing, would be that the tools and services we use to manage and secure our cloud environments also move into an as a service mode.

In much the way one would expect, SECaaS works under the principle of a small agent controlled from an external service provider. It is not so different conceptually from controlling a number of firewalls (virtual or physical) from an external management console.

Heres how it works. A security administrator sets the policy for the service in the SECaaS provider cloud, using online management tools, and sets what policy or policies applies to a group of VMs classified by any number of criteria.

Then, the SECaaS services governs the security activity within and around the VM via a lightweight, generic, agent installed within the VM. When a new VM is created out of a template the agent is included in the image.

Finally, the agent executes various security functions according to the direction/policy communicated from within the providers cloud environment.

For example, the security administrator creates a segmentation policy that all webserver VMs will only accept traffic on ports 80 and 443. The administrator creates a policy in the SECaaS cloud which is transmitted to the agents on all webserver VMs in the environment. The agent then acts to block and/or allow traffic as per this and other policies that apply to this type of VM.

The advantages of using a SECaaS solution include:

As more organisations continue to adopt and move to the public cloud it becomes even more critical to secure those environments, applications and services. SECaaS providers continue to enhance their offerings and continue to add specific security services to their portfolios. As SECaaS matures it becomes an even more viable option for securing enterprise public and hybrid cloud deployments.

Read more: Cloud security best practice: Security as a service or cloud security tooling?

See the original post:

A deeper dive into cloud security as a service: Advantages and issues - Cloud Tech

Related Posts

Comments are closed.