Key challenges to securing Software-Defined Data Centers

Tufin announced international survey results that highlight specific security challenges that need to be addressed in order to enable innovations such as the Software-Defined Data Center (SDDC).

Ninety-one percent of the 169 network and security managers surveyed at Cisco Live in Milan in January, and the 82% of the 203 security managers polled at the RSA Conference 2014 reported that the on-demand nature of virtualization and the cloud has increased pressure on them to deliver applications and services faster, with 40% citing complexity as the biggest barrier to network security.

“Virtualization and the cloud are dramatically increasing the rate and volume of network changes, forcing security managers to find new and better ways of ensuring security policies are kept intact throughout these rapid changes,” said Reuven Harrison, CTO, Tufin.

To achieve this move towards a dynamic, services-oriented virtualized architecture, applications, network and security teams must become more closely aligned and communicative. This requirement was magnified by a larger October 2013 Tufin-commissioned survey in which 71% of more than 500 senior IT professionals found themselves having to adopt new processes, learn new technologies and interact with new people because of the imperative to work together as a larger team.

Both networking and security managers pointed to specific issues resulting from the intense pace of change in today’s business environment, highlighting several opportunities to improve network security and overall network operations:

• Almost 90% felt that organizations rely too heavily on network security products and tools at the expense of good network architecture and design in order to deliver the optimum level of network security.
• Almost 40% reported that the biggest barrier to effective network security is network complexity while 25% cited a lack of collaboration and another 20% cited the constant change occurring in today’s networks as their biggest barriers.
• 89% of respondents reported that between 20-60% of security policy changes in their organization need to be corrected after the fact.
• Another one-sixth reported that as much as 60-80% of their organizations’ security policy changes need to be revised after the fact as well.

As revealed by these surveys, security and network teams are aligned on the value of automation.

35% of security managers and 39% of network managers believe automation can improve the accuracy of change in a complex network, and 20% of all respondents believe this would establish a consistent and repeatable process across all departments.