FEATURE

How to Trust the Cloud: An Interview with Cisco's Wireless Security Expert

Bob Gleichauf, Cisco's chief technology officer of the Wireless and Security Technology group, discusses the "blurring of everything" as de-perimeterization, the iPhone Effect, and cloud computing create new security challenges

April 21, 2009

Can you trust the cloud? That's the big security question now facing chief information officers and others in charge of keeping an organization's information safe.

The network is changing, that's for sure. Thanks to de-perimeterization, the iPhone Effect, virtualization, cloud computing and a few other conspiring factors, that change is coming fast. It all adds up to what Bob Gleichauf, chief technology officer of Cisco's Wireless and Security Technology group, calls "the blurring of everything" – especially the blurring of traditional borders between the corporate network and the rest of the world.

News@Cisco recently spoke with Gleichauf about his views on the changes taking place in networking communications and their implications for network security.

What do you see as the key trends in networking communications that will most affect security in the next few years?

Bob Gleichauf: I think everyone sees seamless mobility as the Holy Grail. But seamless mobility causes de-perimeterization. Thanks to the iPhone Effect – everyone has a cool mobile device they want to use – the de-perimeterization of corporate networks is greatly accelerating. I refer to this as the "blurring of everything."

De-perimeterization, which refers to the migration from static networks with hardened borders to much more open networks with less well-defined borders, certainly took off with the advent of the Internet. Before then, corporate networks pretty much operated autonomously and unconnected from other networks. Of course, that's been radically changing over the past 15 years. But now employees are increasingly using their mobile devices instead of desktop or laptop computers to access information, and that's creating new security challenges.

The bookend to seamless mobility is cloud computing. To support thin-client mobile devices, organizations are starting to build out virtual desktop infrastructures. Very little will reside on a desktop. It will be more of a symbol for the central vault of information for an employee.

Trying to migrate legacy corporate applications onto these devices is just not possible. Hosting these applications on backend servers is much more tenable. So in many respects de-perimeterization and the iPhone Effect have helped promote cloud computing and Software as a Service (SaaS).

What challenges are these trends creating for network security?

Bob Gleichauf: The security issues related to seamless mobility and de-perimeterization cannot be ignored anymore. New mobile devices are placing this issue center stage. The classic lines separating private networks from public networks, mobile devices from desktop devices, and employees from outsiders are rapidly blurring. Communications no longer take place in such neat categories.

If your employees are constantly moving around and using a growing assortment of mobile devices, where are the borders of your network? And if these devices have to run on networks outside your control – cellular, Wi-Fi, WiMax, broadband or others – how, then, do you control the security of each communications session?

The basic challenge from these changes is that the traditional firewall approach is no longer sufficient. Certainly, it remains very effective at "keeping bad things out." But this service needs to be extended and augmented to deal with the trends being discussed here. Then there is the fact that with today's regulations and intellectual property concerns, companies also now have to figure out new ways for how to keep good things in.

The number of computing devices or combinations of computing scenarios is becoming so great that companies are struggling to secure all of these devices. There are just too many of them. In a given week, an employee could work from a desktop computer in an office, a computer or laptop from home, a smart phone while driving, and a netbook in a hotel room. Combined with the various operating systems, applications, and networks (corporate, service provider, etc.) there's no way they can lock down all of these.

In what ways will network security need to change to address these new computing and communications developments?

Bob Gleichauf: The challenge with seamless mobility is that it is not just a wireless issue. Seamless mobility is an experience that involves access across all forms of communication: wired, Wi-Fi, cellular, WiMax, RFID, etc.

So the question is: how do you create a security framework that can address all of those scenarios? Security has to move from assessing "user" access to assessing "entity" access. The network needs to judge the trustworthiness of anything that can send or receive information. That could be a person, a device, or an application.

New security models will also need to account for the needs of all participants in the network: users, administrators, service providers, vendors, and governments/regulators. The needs of these groups often overlap and conflict. Reconciling their different needs is critical to our longer-term success in combating the new types of security issues.

Since corporate networking options are becoming far more dynamic, security has to keep up. Rather than yes/no firewalls, networking security needs to get better at assessing shades of good and bad. We need richer information on identities and richer policies that can make more flexible assessments.

What is your vision for how networking security should evolve during the next few years?

Bob Gleichauf: I call my concept for addressing the security challenges of seamless mobile security the Network Privilege Framework. I should emphasize that this is not an "official" Cisco concept, but, rather, my own umbrella term for thinking about a cohesive security approach to the radical shift that's underway in corporate networking.

The Network Privilege Framework uses both hard and soft credentials for assessing the trustworthiness of a network "user," which includes virtual machines as well as people and devices. Certainly, if a user doesn't even have a password, then he or she is not getting access. But there's now so much more to account for.

The Network Privilege Framework also draws upon new constructs such as a user's posture, location, and reputation. These dynamic attributes are then combined to create a contextual identity or role that can be used as part of the authentication process. Used in conjunction with static attributes, such as user, device and directory role, network policy services can create a composite role that provides a better fit for access controls as well as threat defense. This new type of role is in effect an identity "score," like an eBay buyer-seller rating, only with richer content.

Certainly, some of the pieces for this are in place, but much more work needs to happen to decouple security from physical network topology.
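As an added illustration (not Cisco code and not the framework's actual design), here is one way the "composite role" described above could be computed: a hard credential gates access outright, then static attributes (directory role, managed device) and dynamic ones (posture, location, reputation) are folded into an identity score that selects a contextual role. The weights, thresholds and role names are assumptions.

```python
"""Illustrative composite-role evaluator for the Network Privilege Framework
idea. Weights and thresholds below are assumed, not taken from Cisco."""
from dataclasses import dataclass


@dataclass
class Entity:
    # An "entity" rather than a "user": a person, device, VM or application.
    name: str
    directory_role: str   # static attribute from the directory
    device_managed: bool  # static: corporately managed device?
    has_credential: bool  # hard credential (password / certificate) presented?
    posture_ok: bool      # dynamic: patched, endpoint protection current, etc.
    location: str         # dynamic: "office", "home" or "public"
    reputation: float     # dynamic: 0.0 (bad) .. 1.0 (good), assumed feed


# Assumed location trust levels; unknown locations score 0.
LOCATION_SCORE = {"office": 1.0, "home": 0.7, "public": 0.3}


def identity_score(e: Entity) -> float:
    """Composite identity 'score' in [0, 1]. No hard credential means no
    access at all, so it short-circuits to 0 before any soft attributes."""
    if not e.has_credential:
        return 0.0
    parts = [
        0.25 * (1.0 if e.device_managed else 0.4),
        0.25 * (1.0 if e.posture_ok else 0.2),
        0.25 * LOCATION_SCORE.get(e.location, 0.0),
        0.25 * max(0.0, min(1.0, e.reputation)),
    ]
    return round(sum(parts), 3)


def composite_role(e: Entity) -> str:
    """Combine the static directory role with the dynamic score into a
    contextual role that access-control and threat-defense policy key on."""
    s = identity_score(e)
    if s == 0.0:
        return "denied"
    if s >= 0.85:
        return f"{e.directory_role}:full"
    if s >= 0.5:
        return f"{e.directory_role}:restricted"  # e.g. read-only, no bulk export
    return "quarantine"  # remediation network only until posture improves


if __name__ == "__main__":
    # Constructed sample: same person, two very different contexts.
    office = Entity("alice", "finance", True, True, True, "office", 0.9)
    hotel_phone = Entity("alice", "finance", False, True, False, "home", 0.5)
    print(composite_role(office), composite_role(hotel_phone))
```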

What is your advice to CIOs about how to address these changes, especially given the rapid pace of change?

Bob Gleichauf: I would say: Don't let security fall off the plate in a rush to move to these new computing models. If you lose "situational awareness," that is very dangerous, especially if you are outsourcing. Wherever your data may reside, you need to be able to monitor activity and have visibility into your traffic.

 
