I ran across an article today titled “Fortinet Extends Cloud Security with Four New Virtual Appliances“. I dove in waiting to see what Fortinet was doing to secure the cloud. I was dismayed to once again find out that what was really going on was that Fortinet has released a series of “virtual appliances”. These appliances can be run in a VM environment instead of on a actual physical server. But running in a VM instance doesn’t mean you are protecting the other VMs, let alone providing any sort of cloud security.
Lets get this really clear. Virtual security appliances do not in and of themselves provide any cloud security. They can be hosted in the cloud perhaps, so elasticity of resources available is available to them as well. But that really does not have much to do with how they are providing cloud security if at all. Running in the cloud is not protecting the cloud!
I think far too many security companies have not been clear about cloud-based security versus cloud security. In the rush to jump on the cloud bandwagon, everyone wants to be cloud security providers. It reminds me of over-hyped NAC market. Everything and everyone was a NAC provider. All it does is serve to confuse what is really needed and what should be really provided.
So security vendors and the media, lets be clear. If something runs in a virtual machine, lets not call it cloud security!
- Cloud Computing and the Big Pipes myth (blogs.cisco.com)
- Catbird CTO To Deliver Keynote Address On Opportunities and Dangers in Today’s Cloud Computing Environments (eon.businesswire.com)
- Citrix aims to extend beyond private clouds (v3.co.uk)
- IBM adds Power7 hardware support to CloudBurst (v3.co.uk)
- Getting to the nitty gritty of cloud security- the hypervisor (securecloudreview.com)
- Fortinet shakes up Gold regime (channelweb.co.uk)
- Security Vendors Show Hardware Still Has Purpose (blogs.channelinsider.com)