As
the curtain opens on 2016, you can expect massive changes in the
security landscape. Technology providers such as firewall vendors,
switching vendors and others will fade as new solutions better suited to
the cloud computing environment emerge.
On
the flip side, companies that provide encryption and anti-malware
technologies will continue to see their fortunes rise because the demand
will continue to grow. But to thrive, these vendors must bring out new
products and services evolved for cloud computing.
Anti-malware evolves and grows
Let’s
take the case of anti-malware vendors that have traditionally served
on-premise clientele. As more companies move to off-premise solutions —
the cloud — so, too, will the attacks of nefarious hackers and others
intent on stealing or compromising your company’s data. For anti-malware
vendors, the new year brings a huge opportunity to update and create
new solutions tailored to the cloud.
The
good news is these are essentially the same types of services that
analyze data traffic for malware, but designed for the cloud. It still
won’t be easy; there are some technical hurdles, like figuring out how
the anti-malware solution gets inserted into a cloud system to which it
doesn’t necessarily have access. Still, I think the top-shelf
anti-malware vendors will be hugely motivated to attack this problem
with gusto, and will figure it out.
Of
course, Amazon and other cloud providers will continue to enhance their
security, but dealing with the many and evolving strains of malware is
not their core competency. Instead, I think they will be more inclined
to work with, or at least make it easier for, established security
vendors to deploy their solutions onto cloud platforms. Expect to see
more APIs and frameworks from cloud providers that allow for more
seamless integration of third-party anti-malware.
Firewalls have nowhere to go
While
anti-malware vendors have new opportunities, the same can’t be said for
traditional firewall vendors. The reason is that access control (a core
firewall feature) is being commoditized.
We will see a much larger percentage of enterprise workloads moving to the cloud in 2016.
Firewalls
are typically used for access control to determine who can talk to what
over which protocol. They’ve also been very IP-centric. Over time,
firewall vendors have added application awareness, as well as protocol
and packet inspection. The cloud doesn’t change the need for these
advanced functions, but often the core access control is embedded in the
cloud provider’s system, and I don’t see firewall vendors being able to
subvert or co-exist with what’s already there.
Also,
access control is already being built in to cloud providers’
hypervisors and tied to provisioning of individual compute instances.
Amazon’s Security Groups is just such an example.
Load balancers tilt
Like
traditional firewalls, vendors of load balancers and application
delivery controller appliances face tough sledding in 2016. Load
balancers have long served a useful function, distributing network or
application traffic across servers to handle high volumes of users or
visitors. But auto-scaling of compute power is already part of the cloud
provider’s infrastructure, so customers don’t need to buy it
separately.
I fully expect that
legacy apps closely tied to traditional load balancers will continue to
be used on-premise or, in some cases, rewritten for new cloud
architectures.
The year of encryption
Mobile
devices weren’t always so ubiquitous. Remember when only doctors
carried beepers? The same could be said for encryption, a technology
that companies deployed only in certain scenarios that absolutely
required it. Moving to the public cloud means the expectation is that
everything needs to be encrypted — always.
But
in this new cloud computing era, encryption vendors need to develop
solutions that are massively scalable and truly transparent. Like
anti-malware, the opportunity here is huge, and I fully expect
encryption vendors to make solid progress in 2016.
Another
reason I think this will be a big year for encryption is that it’s
becoming far easier to deploy. Traditional agent-based encryption is
well-established, but has always been hard to deploy because it doesn’t
work seamlessly with data management and other infrastructure functions.
There is such a demand and focus on encryption recently that you can be
sure plenty of bright minds are working on more advanced solutions that
overcome the limits of traditional encryption. Expect to see some of
these released in 2016.
Solutions that tightly integrate encryption will be the big winners in the year ahead.
Cloud
providers will continue to offer built-in encryption capabilities,
similar to firewalls and load balancers, but the evolution of
third-party solutions will broaden the reach of encryption. Looking
further out, it’s not hard to imagine that encryption will do more than
just protect data; it will take on a bigger role in protecting other
parts of the network with access control.
I
think it’s inevitable, as the cloud becomes more ubiquitous in the
years ahead, that encryption will essentially become the new perimeter
and insertion point for companies to enforce their security policies.
It’s a fantastic opportunity for encryption vendors to start delivering
on in 2016.
The cloud blots the outlook for switch vendors
Switching
products offer many complex features, such as VLANS (Virtual Local Area
Networks), that are manifestations of physical constructs. But with
cloud computing, switching is far more straightforward and the role of
switch vendors changes.
Traditionally,
switching products have relied on elaborate routing protocols and
network encapsulations to make sure that, for example, Rack A doesn’t
talk to Rack B, but can talk to Rack C. It gets way more complicated in
the jumble known as network management.
But
in cloud computing, the network management mess goes away. For example,
Security Groups, the network controls Amazon uses that are defined up
front and deployed automatically. This is a huge time saver because you
no longer have to set up network access control policies and the need
for software switches is greatly reduced.
There
is still going to be a need for switches; for example, customers who
want to project one network onto different infrastructures — but this is
far from a big growth opportunity. In my opinion, switch vendors are
going to have difficulty finding new revenue for their traditional
products in 2016.
That pesky issue of
insertion in the cloud is also a tremendous challenge to switch
vendors. To get a so-called virtual switch inserted in a cloud-based
data center, it would need to be tightly integrated with a cloud-based
hypervisor. But I see no incentive for cloud providers to give
third-party switch vendors special access to their systems.
As a result, I think switch vendors are going to be left out in the cold when it comes to opportunities in the cloud.
A winning combination of software storage and encryption
Enterprise
data is already growing exponentially, and the cloud will accelerate
this trend because it provides readily accessible infrastructure to
store all that data. Simply put, it’s a great opportunity for
software-based storage systems.
But
there’s the issue of managing all this data in a way that spans both
private and public clouds, because most companies will leverage both.
This point is where software storage vendors can thrive to the extent
they’re able to bring new cloud-based data management solutions to the
fore.
I strongly believe that for
these software storage solutions to succeed, however, they need to be
tightly integrated with security, such as encryption. The alternative is
to keep encrypting data separately from the storage system, but that
just makes it a hassle to replicate, back up and move data around.
Solutions that tightly integrate encryption will be the big winners in
the year ahead.
The hype becomes reality
You
might say 2015 was the year of cloud computing — at least when it comes
to media coverage. But the fact is, only a small percentage of
enterprise workloads moved to the public cloud this past year. That’s
about to change. The transition of the enterprise from private to public
clouds is likely to be the most impactful transition in the IT data
center sector in the past three decades.
I
expect we will see a much larger percentage of enterprise workloads
moving to the cloud in 2016, with a much bigger migration to follow.
I’ll be fascinated to see what the established vendors and upstarts
bring to the table this year to accelerate the inevitable transition to
the cloud.
No comments:
Post a Comment