Submarines are made for war - they exist under the assumption that they will be attacked some day, and are constructed with this fact in mind. Unlike submarines, data centers built in the last 15 years were not designed for today’s cyber warfare. These data centers relied on a hardened perimeter as the primary means of defense. However, the shift to virtualization and cloud has all but eliminated the perimeter, giving attackers free rein once they find a way inside. So, it’s time to find a new way to fight back against these digital enemies with an architecture that is built for war: a distributed security system.
A distributed security system provides two of the key response technologies that help submarines survive an attack: sensors and compartments. The first step in any defense strategy is to have up-to-date situational awareness. This is delivered through a complete system of sensors that monitor the health and integrity of the sub, helping identify any potential breaches. A distributed security system contains a similar network of sensors that deliver situational awareness in the data center by monitoring the communications between every workload in the environment. Using these sensors, complex application relationships can be visualized, and, in turn, defensive strategies constructed.
Returning to the submarine analogy, in the event of a breach that is detected in the sub’s hull, internal bulkheads are closed off around the leak, containing the compromise and saving the rest of the sub. Similarly, a distributed security system can micro-segment the data center, providing per-workload bulkheads and remediation capabilities. In the event of a breach, the offending workloads can be identified and automatically isolated, taking action to prevent a small issue from cascading into a catastrophic failure. In these ways, distributed security systems turn the data centers of the past into cyber-submarines, designed for the modern battlefield of cyberspace, instead of the sea.
This kind of technology transformation is sorely needed. The Office of Personnel Management breach, the largest in US government history, is just the latest example of two frightening statistics: Last year, 43% of businesses* were breached, but less than 19% of those incidents** were discovered by internal IT staff. This chronic visibility problem must be fixed. Organizations must have visibility inside the data center - to regain situational awareness of the security and integrity of an organization’s most critical data assets.
At vArmour, we fundamentally believe this distributed approach to data center security is the only way for organizations to protect what matters most to them and their customers. Having complete visibility into the data center is the first step towards greater security and we are pleased to make this available today - for free. I am proud to introduce vArmour DSS-V, a free edition of the vArmour DSS Distributed Security System that users can easily download and visualize their complex application traffic in about 15 minutes. vArmour DSS-V will instantly provide IT and security professionals insight into the 77% of virtualized workload traffic*** they simply cannot see. It’s the right and necessary step for organizations to take to keep the data of their customers safe.
So today, I encourage you to take the first step in turning your data center into a cyber-submarine by requesting a download of vArmour DSS-V.
**Verizon 2014 Data Breach Investigations Report