Securing 'East-West' Traffic in the CloudVMware COO Raghu Raghuram on Using Microsegmentation
Protecting "East-West" cloud traffic - the traffic between apps and virtual machines - is a significant challenge, but microsegmentation can help address it, says Raghu Raghuram of VMware.
"The nature of application traffic is that each application is broken up into many parts, sometimes tens or hundreds of components," Raghuram says in an interview with Information Security Media Group. "If you were to use the same techniques that you use for controlling North-South traffic [from device into the cloud] and apply it to East-West traffic, then there would be a massive explosion in the number of firewalls you would need ... and in the complexity of the routing that has to happen."
Microsegmentation allows for surrounding each app, app component or virtual machine with its own network access rules that are enforced programmatically at the virtual machine itself, instead of at a central point. This distributed approach allows for much more scalability and much better enforcement, Raghuram says.
"The policy enforcement mechanism has to be global," he asserts. "This is a problem that gets complicated in the multicloud world, and having a global policy layer is something that becomes super critical." (see: Securing Multicloud Environments)
In this audio interview (see player link below image), Raghuram also shares insights on:
- How microsegmentation and software-defined security functions in the cloud;
- Using machine learning techniques and automation to secure the cloud;
- Why a global policy view and control is essential in a multicloud environment.
Raghuram, COO of products and cloud services at VMware, has joint responsibility for all VMware's product and service offerings and centralized services, support and operational functions. During his tenure at VMware, Raghuram has held multiple leadership roles, most recently leading the company's software-defined data center business as the executive vice president and general manager. Prior to that, he led the company's cloud infrastructure and management business as the general manager, and led worldwide product marketing, product management and business planning for VMware's virtual infrastructure. Raghuram began his career at VMware running product management for ESX and vSphere. Earlier, Raghuram held product management and marketing roles at AOL, Bang Networks and Netscape.