Federating Firewalls in the Cloud

    When it comes to the security of cloud computing, there’s obviously a lot to be concerned about. But for all the talk about cloud security there hasn’t been much discussion about how to actually make managing security in the cloud a whole lot easier.

    At the TechCrunch Disrupt 2011 conference, the folks at Dome9 Security announced the general availability of a new service for remotely managing the firewalls that come embedded in most operating systems these days. That may not sound like much, but when you think about it, that type of service can go a long way to addressing some of the more basic concerns when it comes to cloud computing security.

    According to Dave Meizlik, vice president of marketing and business development, one of the fundamental issues with cloud computing these days is that too many administrators leave ports open so they can easily access a server in the cloud. Meizlik notes that it doesn’t take much for an enterprising hacker to guess what that password might be, thereby potentially unleashing all kinds of mayhem. Meizlik says Dome9 Security addresses this issue by providing a service that will automatically close those ports after a specified period of time using the firewall embedded in most server operating systems.

    Of course, the other implication of the Dome9 service is that many IT organizations may not need to deploy dedicated firewalls in the cloud if they can effectively manage embedded firewalls via one single pane of glass.

    No one is ever likely to be completely happy with security in the cloud, but at the very least there are some basic measures that should be taken to at least prevent low-level attacks from becoming a major problem, or as Meizlik puts it, if you never lock your car and it eventually gets stolen, you might be as much responsible for letting it happen as the thief who took it.

    Mike Vizard
    Mike Vizard
    Michael Vizard is a seasoned IT journalist, with nearly 30 years of experience writing and editing about enterprise IT issues. He is a contributor to publications including Programmableweb, IT Business Edge, CIOinsight and UBM Tech. He formerly was editorial director for Ziff-Davis Enterprise, where he launched the company’s custom content division, and has also served as editor in chief for CRN and InfoWorld. He also has held editorial positions at PC Week, Computerworld and Digital Review.

    Latest Articles