Insight and analysis on the data center space from industry thought leaders.
It’s Onward and Upward with Cloud Security
Intel's new Xeon processors continue the company's focus on building security features into the hardware level to complement software-based security, writes James Greene of Intel.
March 14, 2012
James Greene is a Product Marketing Engineer for Security Technologies at Intel. In this role, he is responsible for the definition of products and usage models for data center and cloud security solutions.
When people talk about technology refresh, they often focus on gains in performance and efficiency—which are very important. But there’s another compelling reason for moving ahead to next-generation IT platforms: security enhancements.
That’s the case with the new Intel Xeon processor E5 family. It continues the long-running Intel focus on building security features into the hardware level to complement software-based security. This provides great value for almost any type of deployment, but the benefits can be especially powerful in cloud environments.
Cloud Presents New Issues
Why this focus on security challenges? When you move to a cloud environment, even a private one, you give up many of the physical controls and the traditional security toolbox used in a conventional enterprise data center.
Traditional data centers often embrace physical isolation and controls. One can separate workloads or systems and lock them up. And conventional security controls are largely oriented toward the perimeter of the data center. You build a formidable firewall that basically assumes anything from the outside is bad and anything on the inside is good.
In a cloud environment, you lose that physical isolation of your data, applications and systems, so you need to apply new, compensating protections to reduce risk. This is a lot like the loss of control you experience when you move from a desktop to a laptop. You need to think about security in new ways, and apply new protections, such as disk encryption, to compensate for the fact that the systems (and the data they hold) are no longer constrained to the office.
Clouds Increase Complexity
Things are more complicated in a cloud environment, of course. Ideally, each workload should be protected individually, but that’s a challenging proposition. Encrypting the data that goes in and out of every virtual server would be a performance nightmare without technologies that greatly accelerate encryption. And you also need to think about hardware-level threats, such as rogue hypervisors or rootkits that seek to take control of an operating system when it boots up.
The Intel Xeon processor E5 architecture helps you address these challenges—and regain lost control—with technologies that harden the computing foundation. These include Intel AES New Instructions (Intel AES-NI) and Intel Trusted Execution Technology (Intel TXT).
These cloud security technologies, which debuted in earlier-generation processors, have been further optimized in the Intel Xeon processor E5 family. In addition, software and hardware vendors in the Intel ecosystem are making significant investments in products and solutions that leverage Intel AES-NI and Intel TXT.
Looking Toward the Future
As IT organizations face new threats and new security mandates, the technologies in the new processor family become all the more important. They also become all the more relevant as the ecosystem expands the range of hardware and software that takes advantage of the capabilities—delivering more protections, controls, and use models to end-user companies and cloud service providers.
Put it all together and you have compelling reasons to refresh with systems based on the next-generation Intel architecture. It’s onward and upward with cloud security.
Or maybe this is just the beginning of the beginning of better cloud security. What other capabilities would you like to see? Where are your priority requirements? I encourage comments below. Let's start a conversation.
Industry Perspectives is a content channel at Data Center Knowledge highlighting thought leadership in the data center arena. See our guidelines and submission process for information on participating. View previously published Industry Perspectives in our Knowledge Library.